Project

General

Profile

Actions
Copy link

Bug #6504

closed

PATCH: Fix double-free of fiemap

Added by Alan Somers over 10 years ago. Updated over 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Samuel Just
Category:
-
Target version:
-
% Done:

0%

Source:
Community (dev)
Tags:
Backport:
Regression:
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

If GenericFileStoreBackend::do_fiemap returns anything other than 0, then fiemap will not be allocated. However, GenericFileStoreBackend::detect_features will free fiemap regardless, triggering an assertion in tcmalloc. The attached patch will fix the bug by only freeing fiemap when necessary.

In my case, do_fiemap returns -ENOSYS because fiemap is not implemented on FreeBSD. However, this bug could also happen on Linux when do_fiemap returns -ENOMEM.

Files

Download all files
patch-src-os-GenericFileStoreBackend.cc (568 Bytes) patch-src-os-GenericFileStoreBackend.cc Alan Somers, 10/10/2013 09:05 AM
patch-src-os-FileStore.cc (735 Bytes) patch-src-os-FileStore.cc Alan Somers, 10/10/2013 09:05 AM
Actions
Copy link
 #1

Updated by Ian Colle over 10 years ago

  • Status changed from New to Fix Under Review
  • Assignee set to Samuel Just
Actions
Copy link
 #2

Updated by Noah Watkins over 10 years ago

This patch works for me to solve the same problem on OSX.

Actions
Copy link
 #3

Updated by Sage Weil over 10 years ago

  • Status changed from Fix Under Review to Resolved

moved one of the free(fiemap) calls in a block and then merged to master. thanks!

Actions
Copy link

Also available in: Atom PDF