io_uring/rw: free potentially allocated iovec on cache put failure (4b974805) · Commits · git / linux-net

io_uring/rw.c

+11 −4

Original line number	Diff line number	Diff line
		@@ -144,19 +144,22 @@ static inline int io_import_rw_buffer(int rw, struct io_kiocb *req,
		return 0;
		}

		static void io_rw_recycle(struct io_kiocb *req, unsigned int issue_flags)
		static bool io_rw_recycle(struct io_kiocb *req, unsigned int issue_flags)
		{
		struct io_async_rw *rw = req->async_data;

		if (unlikely(issue_flags & IO_URING_F_UNLOCKED))
		return;
		return false;

		io_alloc_cache_vec_kasan(&rw->vec);
		if (rw->vec.nr > IO_VEC_CACHE_SOFT_CAP)
		io_vec_free(&rw->vec);

		if (io_alloc_cache_put(&req->ctx->rw_cache, rw))
		if (io_alloc_cache_put(&req->ctx->rw_cache, rw)) {
		io_req_async_data_clear(req, 0);
		return true;
		}
		return false;
		}

		static void io_req_rw_cleanup(struct io_kiocb *req, unsigned int issue_flags)
		@@ -190,7 +193,11 @@ static void io_req_rw_cleanup(struct io_kiocb *req, unsigned int issue_flags)
		*/
		if (!(req->flags & (REQ_F_REISSUE \| REQ_F_REFCOUNT))) {
		req->flags &= ~REQ_F_NEED_CLEANUP;
		io_rw_recycle(req, issue_flags);
		if (!io_rw_recycle(req, issue_flags)) {
		struct io_async_rw *rw = req->async_data;

		io_vec_free(&rw->vec);
		}
		}
		}