Btrfs: fix memory leak in raid56

The local bio_list may have pending bios when doing cleanup, it can
end up with memory leak if they don't get freed.

Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index cba5e7339462bc918d67a4e166ff4c6a87e53397..a7f79254eccaff4c58d8e9f7b92f96f899652456 100644 (file)
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -1326,6 +1326,9 @@ write_data:
 
 cleanup:
        rbio_orig_end_io(rbio, BLK_STS_IOERR);
+
+       while ((bio = bio_list_pop(&bio_list)))
+               bio_put(bio);
 }
 
 /*
@@ -1582,6 +1585,10 @@ static int raid56_rmw_stripe(struct btrfs_raid_bio *rbio)
 
 cleanup:
        rbio_orig_end_io(rbio, BLK_STS_IOERR);
+
+       while ((bio = bio_list_pop(&bio_list)))
+               bio_put(bio);
+
        return -EIO;
 
 finish:
@@ -2107,6 +2114,10 @@ cleanup:
        if (rbio->operation == BTRFS_RBIO_READ_REBUILD ||
            rbio->operation == BTRFS_RBIO_REBUILD_MISSING)
                rbio_orig_end_io(rbio, BLK_STS_IOERR);
+
+       while ((bio = bio_list_pop(&bio_list)))
+               bio_put(bio);
+
        return -EIO;
 }
 
@@ -2460,6 +2471,9 @@ submit_write:
 
 cleanup:
        rbio_orig_end_io(rbio, BLK_STS_IOERR);
+
+       while ((bio = bio_list_pop(&bio_list)))
+               bio_put(bio);
 }
 
 static inline int is_data_stripe(struct btrfs_raid_bio *rbio, int stripe)
@@ -2569,12 +2583,12 @@ static void raid56_parity_scrub_stripe(struct btrfs_raid_bio *rbio)
        int stripe;
        struct bio *bio;
 
+       bio_list_init(&bio_list);
+
        ret = alloc_rbio_essential_pages(rbio);
        if (ret)
                goto cleanup;
 
-       bio_list_init(&bio_list);
-
        atomic_set(&rbio->error, 0);
        /*
         * build a list of bios to read all the missing parts of this
@@ -2642,6 +2656,10 @@ static void raid56_parity_scrub_stripe(struct btrfs_raid_bio *rbio)
 
 cleanup:
        rbio_orig_end_io(rbio, BLK_STS_IOERR);
+
+       while ((bio = bio_list_pop(&bio_list)))
+               bio_put(bio);
+
        return;
 
 finish: