diff options
author | Soumya Koduri <skoduri@redhat.com> | 2018-11-11 22:53:07 +0530 |
---|---|---|
committer | Shyamsundar Ranganathan <srangana@redhat.com> | 2018-12-26 16:59:17 +0000 |
commit | 9ab7053c1c1255403a7e330892523c35a4fa59e6 (patch) | |
tree | ba74868dda2502dfd63b4e4074be26ca386ae677 /tests | |
parent | 6df227148c5651bc321b86c147ea20f90944d1be (diff) |
leases: Fix incorrect inode_ref/unrefs
From testing & code-reading, found couple of places where
we incorrectly unref the inode resulting in use_after_free
crash or ref leaks. This patch addresses couple of them.
a) When we try to grant the very first lease for a inode,
inode_ref is taken in __add_lease. This ref should be active
till all the leases granted to that inode are released (i.e,
till lease_cnt > 0). In addition even after lease_cnt becomes '0',
the inode should be active till all the blocked fops are resumed.
Hence release this ref, after resuming all those fops. To avoid
granting new leases while resuming those fops, defined a new boolean
(blocked_fops_resuming) to flag it in the lease_ctx.
b) 'new_lease_inode' which creates new lease_inode_entry and
takes ref on inode, is used while adding that entry to
client_list and recall_list.
Use its counter function '__destroy_lease_inode' which does unref
while removing those entries from those lists.
c) inode ref is also taken when added to timer->data. Unref the same
after processing timer->data.
Change-Id: Ie77c78ff4a971e0d9a66178597fb34faf39205fb
updates: bz#1655532
Signed-off-by: Soumya Koduri <skoduri@redhat.com>
Diffstat (limited to 'tests')
0 files changed, 0 insertions, 0 deletions