Re: [PATCH] NFS: Fix sysfs server name memory leak

Geert Uytterhoeven <geert@xxxxxxxxxxxxxx> · Fri, 14 Jul 2023 17:20:17 +0200 (CEST)

Hi Benjamin,

On Mon, 10 Jul 2023, Benjamin Coddington wrote:
Free the formatted server index string after it has been duplicated by
kobject_rename().

Fixes: 1c7251187dc0 ("NFS: add superblock sysfs entries")
Reported-by: Alexander Aring <aahringo@xxxxxxxxxx>
Signed-off-by: Benjamin Coddington <bcodding@xxxxxxxxxx>

Thanks!

This fixes the memory leaks I was seeing:

    # cat /sys/kernel/debug/kmemleak
    unreferenced object 0xc6d3b7c0 (size 64):
      comm "mount.nfs", pid 261, jiffies 4294943450 (age 1385.530s)
      hex dump (first 32 bytes):
	73 65 72 76 65 72 2d 32 00 00 00 00 00 00 00 00  server-2........
	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
	[<7849dbd6>] slab_post_alloc_hook.constprop.0+0x9c/0xac
	[<bf2297e0>] __kmem_cache_alloc_node+0xc4/0x124
	[<07299a52>] __kmalloc_node_track_caller+0x80/0xa4
	[<1876b300>] kvasprintf+0x5c/0xcc
	[<4fa40352>] kasprintf+0x28/0x58
	[<68e29ee6>] nfs_sysfs_move_sb_to_server+0x18/0x50
	[<6a98700b>] nfs_kill_super+0x18/0x34
	[<d388276a>] deactivate_locked_super+0x50/0x88
	[<3945c450>] cleanup_mnt+0x6c/0xc8
	[<fb0ac980>] task_work_run+0x84/0xb4
	[<d6ee2bd3>] do_work_pending+0x364/0x398
	[<c7a0dcab>] slow_work_pending+0xc/0x20
    unreferenced object 0xc6cdd6c0 (size 64):
      comm "mount.nfs", pid 261, jiffies 4294943456 (age 1385.470s)
      hex dump (first 32 bytes):
	73 65 72 76 65 72 2d 31 00 00 00 00 00 00 00 00  server-1........
	00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
	[<7849dbd6>] slab_post_alloc_hook.constprop.0+0x9c/0xac
	[<bf2297e0>] __kmem_cache_alloc_node+0xc4/0x124
	[<07299a52>] __kmalloc_node_track_caller+0x80/0xa4
	[<1876b300>] kvasprintf+0x5c/0xcc
	[<4fa40352>] kasprintf+0x28/0x58
	[<68e29ee6>] nfs_sysfs_move_sb_to_server+0x18/0x50
	[<6a98700b>] nfs_kill_super+0x18/0x34
	[<d388276a>] deactivate_locked_super+0x50/0x88
	[<3945c450>] cleanup_mnt+0x6c/0xc8
	[<fb0ac980>] task_work_run+0x84/0xb4
	[<d6ee2bd3>] do_work_pending+0x364/0x398
	[<c7a0dcab>] slow_work_pending+0xc/0x20

Tested-by: Geert Uytterhoeven <geert+renesas@xxxxxxxxx>

--- a/fs/nfs/sysfs.c
+++ b/fs/nfs/sysfs.c
@@ -345,8 +345,10 @@ void nfs_sysfs_move_sb_to_server(struct nfs_server *server)
	int ret = -ENOMEM;

	s = kasprintf(GFP_KERNEL, "server-%d", server->s_sysfs_id);
-	if (s)
+	if (s) {
		ret = kobject_rename(&server->kobj, s);
+		kfree(s);
+	}
	if (ret < 0)
		pr_warn("NFS: rename sysfs %s failed (%d)\n",
					server->kobj.name, ret);

Gr{oetje,eeting}s,

						Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
							    -- Linus Torvalds






