From: David Teigland <teigland@redhat.com> Subject: [RHEL5.1 PATCH] dlm: fix new_lockspace error exit Date: Thu, 31 May 2007 09:36:09 -0500 Bugzilla: 241819 Message-Id: <20070531143609.GE2642@redhat.com> Changelog: [dlm] fix new_lockspace error exit bz 241819 Fix the error path when exiting new_lockspace(). It was kfree'ing the lockspace struct at the end, but that's only valid if it exits before kobject_register occured. After kobject_register we have to let the kobject do the freeing. upstream: gfs2-2.6-nmw.git and -mm Index: linux-rhel51-quilt/fs/dlm/lockspace.c =================================================================== --- linux-rhel51-quilt.orig/fs/dlm/lockspace.c 2007-06-08 10:01:29.000000000 -0500 +++ linux-rhel51-quilt/fs/dlm/lockspace.c 2007-06-08 10:16:43.000000000 -0500 @@ -395,6 +395,7 @@ { struct dlm_ls *ls; int i, size, error = -ENOMEM; + int do_unreg = 0; if (namelen > DLM_LOCKSPACE_LEN) return -EINVAL; @@ -520,32 +521,34 @@ error = dlm_recoverd_start(ls); if (error) { log_error(ls, "can't start dlm_recoverd %d", error); - goto out_rcomfree; + goto out_delist; } - dlm_create_debug_file(ls); - error = kobject_setup(ls); if (error) - goto out_del; + goto out_stop; error = kobject_register(&ls->ls_kobj); if (error) - goto out_del; + goto out_stop; + + /* let kobject handle freeing of ls if there's an error */ + do_unreg = 1; error = do_uevent(ls, 1); if (error) - goto out_unreg; + goto out_stop; + + dlm_create_debug_file(ls); + + log_debug(ls, "join complete"); *lockspace = ls; return 0; - out_unreg: - kobject_unregister(&ls->ls_kobj); - out_del: - dlm_delete_debug_file(ls); + out_stop: dlm_recoverd_stop(ls); - out_rcomfree: + out_delist: spin_lock(&lslist_lock); list_del(&ls->ls_list); spin_unlock(&lslist_lock); @@ -557,7 +560,10 @@ out_rsbfree: kfree(ls->ls_rsbtbl); out_lsfree: - kfree(ls); + if (do_unreg) + kobject_unregister(&ls->ls_kobj); + else + kfree(ls); out: module_put(THIS_MODULE); return error; @@ -703,7 +709,7 @@ dlm_clear_members_gone(ls); kfree(ls->ls_node_array); kobject_unregister(&ls->ls_kobj); - /* The ls structure will be freed when the kobject is done with */ + /* The ls structure will be freed when the kobject is done with */ mutex_lock(&ls_lock); ls_count--;