* [PATCH] NFS: Fix memleak in nfs_sysfs_move_sb_to_server
@ 2023-07-12 13:48 Wenchao Hao
2023-07-12 13:57 ` Wenchao Hao
2023-07-12 14:01 ` Ido Schimmel
0 siblings, 2 replies; 3+ messages in thread
From: Wenchao Hao @ 2023-07-12 13:48 UTC (permalink / raw)
To: Trond Myklebust, Anna Schumaker, linux-nfs, linux-kernel; +Cc: Wenchao Hao
call kfree() to free memory allocated in kasprintf() to fix
memleak. It's easy to recurrent this memleak, just mount and
remount nfs at NFS client.
The bug is detected by kmemleak with following stack:
unreferenced object 0xffffa31a91fdf2c0 (size 16):
comm "mount.nfs", pid 960, jiffies 4294724478 (age 111892.067s)
hex dump (first 16 bytes):
73 65 72 76 65 72 2d 30 00 f2 fd 91 1a a3 ff ff server-0........
backtrace:
[<00000000de9b21a9>] create_object+0x11/0x17
[<00000000ed17aa96>] kmemleak_alloc+0x6c/0x7a
[<000000009f4acc69>] slab_post_alloc_hook.constprop.0+0x81/0x99
[<00000000d2446455>] __kmem_cache_alloc_node+0x10c/0x13a
[<00000000eca4a704>] __kmalloc_node_track_caller+0x83/0xb7
[<0000000076cdb22f>] kvasprintf+0x65/0xc3
[<00000000f6f2e879>] kasprintf+0x4e/0x69
[<00000000e49d03be>] nfs_sysfs_move_sb_to_server+0x24/0x5f
[<0000000039127597>] nfs_kill_super+0x25/0x49
[<00000000e6ecf809>] deactivate_locked_super+0x35/0x74
[<000000003b9c3350>] deactivate_super+0x3c/0x44
[<00000000777c86be>] cleanup_mnt+0x6c/0xe7
[<000000009f181749>] __cleanup_mnt+0x12/0x18
[<00000000a709602e>] task_work_run+0x75/0x8c
[<0000000075da06ba>] exit_to_user_mode_prepare+0x79/0x102
[<0000000093a53d48>] syscall_exit_to_user_mode+0x1c/0x30
Signed-off-by: Wenchao Hao <haowenchao2@huawei.com>
---
fs/nfs/sysfs.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/nfs/sysfs.c b/fs/nfs/sysfs.c
index acda8f033d30..bf378ecd5d9f 100644
--- a/fs/nfs/sysfs.c
+++ b/fs/nfs/sysfs.c
@@ -345,8 +345,10 @@ void nfs_sysfs_move_sb_to_server(struct nfs_server *server)
int ret = -ENOMEM;
s = kasprintf(GFP_KERNEL, "server-%d", server->s_sysfs_id);
- if (s)
+ if (s) {
ret = kobject_rename(&server->kobj, s);
+ kfree(s);
+ }
if (ret < 0)
pr_warn("NFS: rename sysfs %s failed (%d)\n",
server->kobj.name, ret);
--
2.35.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] NFS: Fix memleak in nfs_sysfs_move_sb_to_server
2023-07-12 13:48 [PATCH] NFS: Fix memleak in nfs_sysfs_move_sb_to_server Wenchao Hao
@ 2023-07-12 13:57 ` Wenchao Hao
2023-07-12 14:01 ` Ido Schimmel
1 sibling, 0 replies; 3+ messages in thread
From: Wenchao Hao @ 2023-07-12 13:57 UTC (permalink / raw)
To: Trond Myklebust, Anna Schumaker, linux-nfs, linux-kernel; +Cc: Wenchao Hao
On Wed, Jul 12, 2023 at 9:48 PM Wenchao Hao <haowenchao22@gmail.com> wrote:
>
> call kfree() to free memory allocated in kasprintf() to fix
> memleak. It's easy to recurrent this memleak, just mount and
> remount nfs at NFS client.
>
I did not check the mail list before send this patch, Benjamin
Coddingto has fixed
it, so ignore this please.
> The bug is detected by kmemleak with following stack:
> unreferenced object 0xffffa31a91fdf2c0 (size 16):
> comm "mount.nfs", pid 960, jiffies 4294724478 (age 111892.067s)
> hex dump (first 16 bytes):
> 73 65 72 76 65 72 2d 30 00 f2 fd 91 1a a3 ff ff server-0........
> backtrace:
> [<00000000de9b21a9>] create_object+0x11/0x17
> [<00000000ed17aa96>] kmemleak_alloc+0x6c/0x7a
> [<000000009f4acc69>] slab_post_alloc_hook.constprop.0+0x81/0x99
> [<00000000d2446455>] __kmem_cache_alloc_node+0x10c/0x13a
> [<00000000eca4a704>] __kmalloc_node_track_caller+0x83/0xb7
> [<0000000076cdb22f>] kvasprintf+0x65/0xc3
> [<00000000f6f2e879>] kasprintf+0x4e/0x69
> [<00000000e49d03be>] nfs_sysfs_move_sb_to_server+0x24/0x5f
> [<0000000039127597>] nfs_kill_super+0x25/0x49
> [<00000000e6ecf809>] deactivate_locked_super+0x35/0x74
> [<000000003b9c3350>] deactivate_super+0x3c/0x44
> [<00000000777c86be>] cleanup_mnt+0x6c/0xe7
> [<000000009f181749>] __cleanup_mnt+0x12/0x18
> [<00000000a709602e>] task_work_run+0x75/0x8c
> [<0000000075da06ba>] exit_to_user_mode_prepare+0x79/0x102
> [<0000000093a53d48>] syscall_exit_to_user_mode+0x1c/0x30
>
> Signed-off-by: Wenchao Hao <haowenchao2@huawei.com>
> ---
> fs/nfs/sysfs.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fs/nfs/sysfs.c b/fs/nfs/sysfs.c
> index acda8f033d30..bf378ecd5d9f 100644
> --- a/fs/nfs/sysfs.c
> +++ b/fs/nfs/sysfs.c
> @@ -345,8 +345,10 @@ void nfs_sysfs_move_sb_to_server(struct nfs_server *server)
> int ret = -ENOMEM;
>
> s = kasprintf(GFP_KERNEL, "server-%d", server->s_sysfs_id);
> - if (s)
> + if (s) {
> ret = kobject_rename(&server->kobj, s);
> + kfree(s);
> + }
> if (ret < 0)
> pr_warn("NFS: rename sysfs %s failed (%d)\n",
> server->kobj.name, ret);
> --
> 2.35.3
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] NFS: Fix memleak in nfs_sysfs_move_sb_to_server
2023-07-12 13:48 [PATCH] NFS: Fix memleak in nfs_sysfs_move_sb_to_server Wenchao Hao
2023-07-12 13:57 ` Wenchao Hao
@ 2023-07-12 14:01 ` Ido Schimmel
1 sibling, 0 replies; 3+ messages in thread
From: Ido Schimmel @ 2023-07-12 14:01 UTC (permalink / raw)
To: Wenchao Hao
Cc: Trond Myklebust, Anna Schumaker, linux-nfs, linux-kernel,
Wenchao Hao
On Wed, Jul 12, 2023 at 09:48:53PM +0800, Wenchao Hao wrote:
> call kfree() to free memory allocated in kasprintf() to fix
> memleak. It's easy to recurrent this memleak, just mount and
> remount nfs at NFS client.
>
> The bug is detected by kmemleak with following stack:
> unreferenced object 0xffffa31a91fdf2c0 (size 16):
> comm "mount.nfs", pid 960, jiffies 4294724478 (age 111892.067s)
> hex dump (first 16 bytes):
> 73 65 72 76 65 72 2d 30 00 f2 fd 91 1a a3 ff ff server-0........
> backtrace:
> [<00000000de9b21a9>] create_object+0x11/0x17
> [<00000000ed17aa96>] kmemleak_alloc+0x6c/0x7a
> [<000000009f4acc69>] slab_post_alloc_hook.constprop.0+0x81/0x99
> [<00000000d2446455>] __kmem_cache_alloc_node+0x10c/0x13a
> [<00000000eca4a704>] __kmalloc_node_track_caller+0x83/0xb7
> [<0000000076cdb22f>] kvasprintf+0x65/0xc3
> [<00000000f6f2e879>] kasprintf+0x4e/0x69
> [<00000000e49d03be>] nfs_sysfs_move_sb_to_server+0x24/0x5f
> [<0000000039127597>] nfs_kill_super+0x25/0x49
> [<00000000e6ecf809>] deactivate_locked_super+0x35/0x74
> [<000000003b9c3350>] deactivate_super+0x3c/0x44
> [<00000000777c86be>] cleanup_mnt+0x6c/0xe7
> [<000000009f181749>] __cleanup_mnt+0x12/0x18
> [<00000000a709602e>] task_work_run+0x75/0x8c
> [<0000000075da06ba>] exit_to_user_mode_prepare+0x79/0x102
> [<0000000093a53d48>] syscall_exit_to_user_mode+0x1c/0x30
>
> Signed-off-by: Wenchao Hao <haowenchao2@huawei.com>
> ---
> fs/nfs/sysfs.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fs/nfs/sysfs.c b/fs/nfs/sysfs.c
> index acda8f033d30..bf378ecd5d9f 100644
> --- a/fs/nfs/sysfs.c
> +++ b/fs/nfs/sysfs.c
> @@ -345,8 +345,10 @@ void nfs_sysfs_move_sb_to_server(struct nfs_server *server)
> int ret = -ENOMEM;
>
> s = kasprintf(GFP_KERNEL, "server-%d", server->s_sysfs_id);
> - if (s)
> + if (s) {
> ret = kobject_rename(&server->kobj, s);
> + kfree(s);
> + }
> if (ret < 0)
> pr_warn("NFS: rename sysfs %s failed (%d)\n",
> server->kobj.name, ret);
A fix was already posted:
https://lore.kernel.org/linux-nfs/6702796fee0365bf399800326bbe6c88e5f73f68.1689014440.git.bcodding@redhat.com/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-07-12 14:01 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-12 13:48 [PATCH] NFS: Fix memleak in nfs_sysfs_move_sb_to_server Wenchao Hao
2023-07-12 13:57 ` Wenchao Hao
2023-07-12 14:01 ` Ido Schimmel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox