diff options
| author | Ilya Dryomov <[email protected]> | 2020-03-16 15:52:54 +0100 |
|---|---|---|
| committer | Ilya Dryomov <[email protected]> | 2020-04-13 08:55:49 +0200 |
| commit | 952c48b0ed18919bff7528501e9a3fff8a24f8cd (patch) | |
| tree | cb1c4416ad298503d23abd3298da76bfbf3c5634 /scripts/gdb/linux/lists.py | |
| parent | 0e4e1de5b63fa423b13593337a27fd2d2b0bcf77 (diff) | |
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
rbd_dev_unprobe() is supposed to undo most of rbd_dev_image_probe(),
including rbd_dev_header_info(), which means that rbd_dev_header_info()
isn't supposed to be called after rbd_dev_unprobe().
However, rbd_dev_image_release() calls rbd_dev_unprobe() before
rbd_unregister_watch(). This is racy because a header update notify
can sneak in:
"rbd unmap" thread ceph-watch-notify worker
rbd_dev_image_release()
rbd_dev_unprobe()
free and zero out header
rbd_watch_cb()
rbd_dev_refresh()
rbd_dev_header_info()
read in header
The same goes for "rbd map" because rbd_dev_image_probe() calls
rbd_dev_unprobe() on errors. In both cases this results in a memory
leak.
Fixes: fd22aef8b47c ("rbd: move rbd_unregister_watch() call into rbd_dev_image_release()")
Signed-off-by: Ilya Dryomov <[email protected]>
Reviewed-by: Jason Dillaman <[email protected]>
Diffstat (limited to 'scripts/gdb/linux/lists.py')
0 files changed, 0 insertions, 0 deletions