afr, client: More mem-leak fixes in COMPOUND fop cbk

Bugs found and fixed: 1. Use correct subvolume index in pre-op-writev compound cbk 2. Prevent use-after-free of local->compound_args members in compound fops cbk in protocol/client 3. Fix xdata and xattr leaks in client_process_response 4. Fix possible leak of xdata in client_pre_writev() in test mode. 5. Free req->compound_req_array.compound_req_array_val as well after freeing its members 6. Free tmp_rsp->flock.lk_owner.lk_owner_val in LK fop. Change-Id: I15b646d7d4e0e5cd4ea3d2d6452c815cf2eaf68f BUG: 1401218 Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com> Reviewed-on: http://review.gluster.org/16020 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
author: Krutika Dhananjay <kdhananj@redhat.com> 2016-12-03 09:09:15 +0530
committer: Pranith Kumar Karampuri <pkarampu@redhat.com> 2016-12-04 17:28:40 -0800
commit: c89cb610f51e7a5df5c4b7e9378a7ac8ac513e46 (patch)
tree: 1ddaeb27a9ba9d24ca9efa290bc76e393e798a0e /xlators/cluster/afr/src/afr-transaction.c
parent: 55ddf8c6b665d0b2ed024b984e871a68b25cffbf (diff)
1 files changed, 21 insertions, 4 deletions
diff --git a/xlators/cluster/afr/src/afr-transaction.c b/xlators/cluster/afr/src/afr-transaction.c
index d23654d8354..bedc4069f09 100644
--- a/xlators/cluster/afr/src/afr-transaction.c
+++ b/xlators/cluster/afr/src/afr-transaction.c
@@ -1272,7 +1272,7 @@ afr_pre_op_writev_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
                                        NULL, NULL, NULL);
         } else {
                 write_args_cbk = &args_cbk->rsp_list[1];
-                afr_inode_write_fill  (frame, this, (long) i,
+                afr_inode_write_fill  (frame, this, (long) child_index,
                                        write_args_cbk->op_ret,
                                        write_args_cbk->op_errno,
                                        &write_args_cbk->prestat,
@@ -1283,6 +1283,8 @@ afr_pre_op_writev_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
 	call_count = afr_frame_return (frame);
 
         if (call_count == 0) {
+                compound_args_cleanup (local->c_args);
+                local->c_args = NULL;
                 afr_process_post_writev (frame, this);
                 if (!afr_txn_nothing_failed (frame, this)) {
                         /* Don't unwind until post-op is complete */
@@ -1374,6 +1376,8 @@ afr_pre_op_fop_do (call_frame_t *frame, xlator_t *this, dict_t *xattr,
          */
         compound_cbk = afr_pack_fop_args (frame, args, local->op, i);
 
+        local->c_args = args;
+
         for (i = 0; i < priv->child_count; i++) {
                 /* Means lock did not succeed on this brick */
                 if (!local->transaction.pre_op[i])
@@ -1389,7 +1393,10 @@ afr_pre_op_fop_do (call_frame_t *frame, xlator_t *this, dict_t *xattr,
                         break;
         }
 
-        afr_compound_cleanup (args, xdata, newloc_xdata);
+        if (xdata)
+                dict_unref (xdata);
+        if (newloc_xdata)
+                dict_unref (newloc_xdata);
         return 0;
 err:
 	local->internal_lock.lock_cbk = local->transaction.done;
@@ -1399,7 +1406,10 @@ err:
         afr_restore_lk_owner (frame);
 	afr_unlock (frame, this);
 
-        afr_compound_cleanup (args, xdata, newloc_xdata);
+        if (xdata)
+                dict_unref (xdata);
+        if (newloc_xdata)
+                dict_unref (newloc_xdata);
 	return 0;
 }
 
@@ -1428,6 +1438,8 @@ afr_post_op_unlock_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
         UNLOCK (&frame->lock);
 
         if (call_count == 0) {
+                compound_args_cleanup (local->c_args);
+                local->c_args = NULL;
                 if (local->transaction.resume_stub) {
                         call_resume (local->transaction.resume_stub);
                         local->transaction.resume_stub = NULL;
@@ -1509,6 +1521,8 @@ afr_post_op_unlock_do (call_frame_t *frame, xlator_t *this, dict_t *xattr,
                 }
         }
 
+        local->c_args = args;
+
         for (i = 0; i < priv->child_count; i++) {
                 /* pre_op[i] has to be true for all nodes that were
                  * successfully locked. */
@@ -1524,7 +1538,10 @@ afr_post_op_unlock_do (call_frame_t *frame, xlator_t *this, dict_t *xattr,
                         break;
         }
 out:
-        afr_compound_cleanup (args, xdata, newloc_xdata);
+        if (xdata)
+                dict_unref (xdata);
+        if (newloc_xdata)
+                dict_unref (newloc_xdata);
         return 0;
 }
author	Krutika Dhananjay <kdhananj@redhat.com>	2016-12-03 09:09:15 +0530
committer	Pranith Kumar Karampuri <pkarampu@redhat.com>	2016-12-04 17:28:40 -0800
commit	c89cb610f51e7a5df5c4b7e9378a7ac8ac513e46 (patch)
tree	1ddaeb27a9ba9d24ca9efa290bc76e393e798a0e /xlators/cluster/afr/src/afr-transaction.c
parent	55ddf8c6b665d0b2ed024b984e871a68b25cffbf (diff)