From: bugzilla-daemon@bugzilla.kernel.org
To: linux-f2fs-devel@lists.sourceforge.net
Subject: [Bug 202747] New: sometime kernel crash when kzfree is called in fs/f2fs/xattr.c
Date: Mon, 04 Mar 2019 13:30:53 +0000 [thread overview]
Message-ID: <bug-202747-202145@https.bugzilla.kernel.org/> (raw)
https://bugzilla.kernel.org/show_bug.cgi?id=202747
Bug ID: 202747
Summary: sometime kernel crash when kzfree is called in
fs/f2fs/xattr.c
Product: File System
Version: 2.5
Kernel Version: f2fs-dev
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: high
Priority: P1
Component: f2fs
Assignee: filesystem_f2fs@kernel-bugs.kernel.org
Reporter: jiqun.li@unisoc.com
Regression: No
in file fs/f2fs/xattr.c
kzfree() is called somewhere
example:
static int read_all_xattrs(struct inode *inode, struct page *ipage,
void **base_addr)
{
......
txattr_addr = f2fs_kzalloc(F2FS_I_SB(inode),
inline_size + size + XATTR_PADDING_SIZE, GFP_NOFS);
.....
kzfree(txattr_addr);
return err;
}
address is alloced by f2fs_kzalloc(), step into, it may use kmalloc() or
kvmalloc(),
accordingly the address should be freed by kfree() or kvfree(), but kzfree()
aways use kfree(), then the kernel crashed when the address is alloced by
kvmalloc().
I have changed kzfree to kvfree, kernel not crash any more, I not understand
why set the memory to zero before free the address.
so I use the patch, kernel not crash also。
it diff diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 85d9508..c4b3d7b
100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -2798,6 +2798,18 @@ static inline void *f2fs_kmalloc(struct f2fs_sb_info
*sbi,
return kvmalloc(size, flags);
}
+static inline void *f2fs_kzfree(const void *p) {
+ size_t ks;
+ void *mem = (void *)p;
+
+ if (unlikely(ZERO_OR_NULL_PTR(mem)))
+ return;
+ ks = ksize(mem);
+ memset(mem, 0, ks);
+ kvfree(mem);
+}
+
static inline void *kvzalloc(size_t size, gfp_t flags) {
void *ret;
diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c index dedc91a..0152ed8 100644
--- a/fs/f2fs/xattr.c
+++ b/fs/f2fs/xattr.c
@@ -386,7 +386,7 @@ check:
*base_addr = txattr_addr;
return 0;
out:
- kzfree(txattr_addr);
+ f2fs_kzfree(txattr_addr);
return err;
}
@@ -429,7 +429,7 @@ static int read_all_xattrs(struct inode *inode, struct page
*ipage,
*base_addr = txattr_addr;
return 0;
fail:
- kzfree(txattr_addr);
+ f2fs_kzfree(txattr_addr);
return err;
}
@@ -556,7 +556,7 @@ int f2fs_getxattr(struct inode *inode, int index, const
char *name,
}
error = size;
out:
- kzfree(base_addr);
+ f2fs_kzfree(base_addr);
return error;
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next reply other threads:[~2019-03-04 13:31 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-04 13:30 bugzilla-daemon [this message]
2019-03-05 6:40 ` [Bug 202747] sometime kernel crash when kzfree is called in fs/f2fs/xattr.c bugzilla-daemon
2019-03-16 8:09 ` bugzilla-daemon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-202747-202145@https.bugzilla.kernel.org/ \
--to=bugzilla-daemon@bugzilla.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).