[PATCH] 9p: fix memory leak in v9fs_init_fs_context error path

[PATCH] 9p: fix memory leak in v9fs_init_fs_context error path

[Sasha Levin]

Move the assignments of fc->ops and fc->fs_private to right after the
kzalloc, before any fallible operations. Previously these were assigned
at the end of the function, after the kstrdup calls for uname and aname.
If either kstrdup failed, the error path would set fc->need_free but
leave fc->ops NULL, so put_fs_context() would never call v9fs_free_fc()
to free the allocated context and any already-duplicated strings.

Fixes: 1f3e4142c0eb ("9p: convert to the new mount API")
Assisted-by: Claude:claude-opus-4-6
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 fs/9p/vfs_super.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/fs/9p/vfs_super.c b/fs/9p/vfs_super.c
index 0a1c4f7cb001d..431f24938a1d3 100644
--- a/fs/9p/vfs_super.c
+++ b/fs/9p/vfs_super.c
@@ -312,6 +312,9 @@ static int v9fs_init_fs_context(struct fs_context *fc)
 	if (!ctx)
 		return -ENOMEM;
 
+	fc->ops = &v9fs_context_ops;
+	fc->fs_private = ctx;
+
 	/* initialize core options */
 	ctx->session_opts.afid = ~0;
 	ctx->session_opts.cache = CACHE_NONE;
@@ -345,9 +348,6 @@ static int v9fs_init_fs_context(struct fs_context *fc)
 	ctx->rdma_opts.timeout = P9_RDMA_TIMEOUT;
 	ctx->rdma_opts.privport = false;
 
-	fc->ops = &v9fs_context_ops;
-	fc->fs_private = ctx;
-
 	return 0;
 error:
 	fc->need_free = 1;
-- 
2.51.0

Re: [PATCH] 9p: fix memory leak in v9fs_init_fs_context error path

[Dominique Martinet]

Sasha Levin wrote on Wed, Feb 25, 2026 at 08:57:45AM -0500:
> Move the assignments of fc->ops and fc->fs_private to right after the
> kzalloc, before any fallible operations. Previously these were assigned
> at the end of the function, after the kstrdup calls for uname and aname.
> If either kstrdup failed, the error path would set fc->need_free but
> leave fc->ops NULL, so put_fs_context() would never call v9fs_free_fc()
> to free the allocated context and any already-duplicated strings.
> 
> Fixes: 1f3e4142c0eb ("9p: convert to the new mount API")
> Assisted-by: Claude:claude-opus-4-6
> Signed-off-by: Sasha Levin <sashal@kernel.org>

Looks correct to me (and there doesn't seem to be any side effect of
settings ops in the error path)

Pushed to my -next branch, will submit eventually.

Thanks!
-- 
Dominique

Re: [PATCH] 9p: fix memory leak in v9fs_init_fs_context error path

[Christian Schoenebeck]

On Wednesday, 25 February 2026 14:57:45 CET Sasha Levin wrote:
> Move the assignments of fc->ops and fc->fs_private to right after the
> kzalloc, before any fallible operations. Previously these were assigned
> at the end of the function, after the kstrdup calls for uname and aname.
> If either kstrdup failed, the error path would set fc->need_free but
> leave fc->ops NULL, so put_fs_context() would never call v9fs_free_fc()
> to free the allocated context and any already-duplicated strings.
> 
> Fixes: 1f3e4142c0eb ("9p: convert to the new mount API")
> Assisted-by: Claude:claude-opus-4-6
> Signed-off-by: Sasha Levin <sashal@kernel.org>
> ---
>  fs/9p/vfs_super.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)

Reviewed-by: Christian Schoenebeck <linux_oss@crudebyte.com>
 
> diff --git a/fs/9p/vfs_super.c b/fs/9p/vfs_super.c
> index 0a1c4f7cb001d..431f24938a1d3 100644
> --- a/fs/9p/vfs_super.c
> +++ b/fs/9p/vfs_super.c
> @@ -312,6 +312,9 @@ static int v9fs_init_fs_context(struct fs_context *fc)
>  	if (!ctx)
>  		return -ENOMEM;
> 
> +	fc->ops = &v9fs_context_ops;
> +	fc->fs_private = ctx;
> +
>  	/* initialize core options */
>  	ctx->session_opts.afid = ~0;
>  	ctx->session_opts.cache = CACHE_NONE;
> @@ -345,9 +348,6 @@ static int v9fs_init_fs_context(struct fs_context *fc)
>  	ctx->rdma_opts.timeout = P9_RDMA_TIMEOUT;
>  	ctx->rdma_opts.privport = false;
> 
> -	fc->ops = &v9fs_context_ops;
> -	fc->fs_private = ctx;
> -
>  	return 0;
>  error:
>  	fc->need_free = 1;