All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 0/2] Fix memory and page leak when writedata alloc failed
@ 2022-10-22  7:35 Zhang Xiaoxu
  2022-10-22  7:35 ` [PATCH 1/2] cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() Zhang Xiaoxu
  2022-10-22  7:35 ` [PATCH 2/2] cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() Zhang Xiaoxu
  0 siblings, 2 replies; 4+ messages in thread
From: Zhang Xiaoxu @ 2022-10-22  7:35 UTC (permalink / raw)
  To: linux-cifs, zhangxiaoxu5, sfrench, smfrench, pc, lsahlber,
	sprasad, tom, longli

Zhang Xiaoxu (2):
  cifs: Fix pages leak when writedata alloc failed in
    cifs_write_from_iter()
  cifs: Fix pages array leak when writedata alloc failed in
    cifs_writedata_alloc()

 fs/cifs/file.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

-- 
2.31.1


^ permalink raw reply	[flat|nested] 4+ messages in thread
* [PATCH 1/2] cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter()
  2022-10-22  7:35 [PATCH 0/2] Fix memory and page leak when writedata alloc failed Zhang Xiaoxu
@ 2022-10-22  7:35 ` Zhang Xiaoxu
  2022-10-22  7:35 ` [PATCH 2/2] cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() Zhang Xiaoxu
  1 sibling, 0 replies; 4+ messages in thread
From: Zhang Xiaoxu @ 2022-10-22  7:35 UTC (permalink / raw)
  To: linux-cifs, zhangxiaoxu5, sfrench, smfrench, pc, lsahlber,
	sprasad, tom, longli

There is a kmemleak when writedata alloc failed:

  unreferenced object 0xffff888175ae4000 (size 4096):
    comm "dd", pid 19419, jiffies 4296028749 (age 739.396s)
    hex dump (first 32 bytes):
      80 02 b0 04 00 ea ff ff c0 02 b0 04 00 ea ff ff  ................
      80 22 4c 04 00 ea ff ff c0 22 4c 04 00 ea ff ff  ."L......"L.....
    backtrace:
      [<0000000072fdbb86>] __kmalloc_node+0x50/0x150
      [<0000000039faf56f>] __iov_iter_get_pages_alloc+0x605/0xdd0
      [<00000000f862a9d4>] iov_iter_get_pages_alloc2+0x3b/0x80
      [<000000008f226067>] cifs_write_from_iter+0x2ae/0xe40
      [<000000001f78f2f1>] __cifs_writev+0x337/0x5c0
      [<00000000257fcef5>] vfs_write+0x503/0x690
      [<000000008778a238>] ksys_write+0xb9/0x150
      [<00000000ed82047c>] do_syscall_64+0x35/0x80
      [<000000003365551d>] entry_SYSCALL_64_after_hwframe+0x46/0xb0

__iov_iter_get_pages_alloc+0x605/0xdd0 is:
  want_pages_array at lib/iov_iter.c:1304
  (inlined by) __iov_iter_get_pages_alloc at lib/iov_iter.c:1457

If writedata allocate failed, the pages and pagevec should be cleanup.

Fixes: 8c5f9c1ab7cb ("CIFS: Add support for direct I/O write")
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
---
 fs/cifs/file.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 5b3b308e115c..87be0223a57a 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -3299,6 +3299,9 @@ cifs_write_from_iter(loff_t offset, size_t len, struct iov_iter *from,
 					     cifs_uncached_writev_complete);
 			if (!wdata) {
 				rc = -ENOMEM;
+				for (i = 0; i < nr_pages; i++)
+					put_page(pagevec[i]);
+				kvfree(pagevec);
 				add_credits_and_wake_if(server, credits, 0);
 				break;
 			}
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH 2/2] cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc()
  2022-10-22  7:35 [PATCH 0/2] Fix memory and page leak when writedata alloc failed Zhang Xiaoxu
  2022-10-22  7:35 ` [PATCH 1/2] cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() Zhang Xiaoxu
@ 2022-10-22  7:35 ` Zhang Xiaoxu
  2022-10-22 18:21   ` Steve French
  1 sibling, 1 reply; 4+ messages in thread
From: Zhang Xiaoxu @ 2022-10-22  7:35 UTC (permalink / raw)
  To: linux-cifs, zhangxiaoxu5, sfrench, smfrench, pc, lsahlber,
	sprasad, tom, longli

There is a memory leak when writedata alloc failed:

  unreferenced object 0xffff888192364000 (size 8192):
    comm "sync", pid 22839, jiffies 4297313967 (age 60.230s)
    hex dump (first 32 bytes):
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    backtrace:
      [<0000000027de0814>] __kmalloc+0x4d/0x150
      [<00000000b21e81ab>] cifs_writepages+0x35f/0x14a0
      [<0000000076f7d20e>] do_writepages+0x10a/0x360
      [<00000000d6a36edc>] filemap_fdatawrite_wbc+0x95/0xc0
      [<000000005751a323>] __filemap_fdatawrite_range+0xa7/0xe0
      [<0000000088afb0ca>] file_write_and_wait_range+0x66/0xb0
      [<0000000063dbc443>] cifs_strict_fsync+0x80/0x5f0
      [<00000000c4624754>] __x64_sys_fsync+0x40/0x70
      [<000000002c0dc744>] do_syscall_64+0x35/0x80
      [<0000000052f46bee>] entry_SYSCALL_64_after_hwframe+0x46/0xb0

cifs_writepages+0x35f/0x14a0 is:
  kmalloc_array at include/linux/slab.h:628
  (inlined by) kcalloc at include/linux/slab.h:659
  (inlined by) cifs_writedata_alloc at fs/cifs/file.c:2438
  (inlined by) wdata_alloc_and_fillpages at fs/cifs/file.c:2527
  (inlined by) cifs_writepages at fs/cifs/file.c:2705

If writedata alloc failed in cifs_writedata_alloc(), the pages array
should be freed.

Fixes: 8e7360f67e75 ("CIFS: Add support for direct pages in wdata")
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
---
 fs/cifs/file.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 87be0223a57a..cd9698209930 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -2434,12 +2434,16 @@ cifs_writev_complete(struct work_struct *work)
 struct cifs_writedata *
 cifs_writedata_alloc(unsigned int nr_pages, work_func_t complete)
 {
+	struct cifs_writedata *writedata = NULL;
 	struct page **pages =
 		kcalloc(nr_pages, sizeof(struct page *), GFP_NOFS);
-	if (pages)
-		return cifs_writedata_direct_alloc(pages, complete);
+	if (pages) {
+		writedata = cifs_writedata_direct_alloc(pages, complete);
+		if (!writedata)
+			kvfree(pages);
+	}
 
-	return NULL;
+	return writedata;
 }
 
 struct cifs_writedata *
-- 
2.31.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH 2/2] cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc()
  2022-10-22  7:35 ` [PATCH 2/2] cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() Zhang Xiaoxu
@ 2022-10-22 18:21   ` Steve French
  0 siblings, 0 replies; 4+ messages in thread
From: Steve French @ 2022-10-22 18:21 UTC (permalink / raw)
  To: Zhang Xiaoxu; +Cc: linux-cifs, sfrench, pc, lsahlber, sprasad, tom, longli

Good catch. Tentatively merged into cifs-2.6.git for-next pending testing.

On Sat, Oct 22, 2022 at 1:32 AM Zhang Xiaoxu <zhangxiaoxu5@huawei.com> wrote:
>
> There is a memory leak when writedata alloc failed:
>
>   unreferenced object 0xffff888192364000 (size 8192):
>     comm "sync", pid 22839, jiffies 4297313967 (age 60.230s)
>     hex dump (first 32 bytes):
>       00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>       00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>     backtrace:
>       [<0000000027de0814>] __kmalloc+0x4d/0x150
>       [<00000000b21e81ab>] cifs_writepages+0x35f/0x14a0
>       [<0000000076f7d20e>] do_writepages+0x10a/0x360
>       [<00000000d6a36edc>] filemap_fdatawrite_wbc+0x95/0xc0
>       [<000000005751a323>] __filemap_fdatawrite_range+0xa7/0xe0
>       [<0000000088afb0ca>] file_write_and_wait_range+0x66/0xb0
>       [<0000000063dbc443>] cifs_strict_fsync+0x80/0x5f0
>       [<00000000c4624754>] __x64_sys_fsync+0x40/0x70
>       [<000000002c0dc744>] do_syscall_64+0x35/0x80
>       [<0000000052f46bee>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
>
> cifs_writepages+0x35f/0x14a0 is:
>   kmalloc_array at include/linux/slab.h:628
>   (inlined by) kcalloc at include/linux/slab.h:659
>   (inlined by) cifs_writedata_alloc at fs/cifs/file.c:2438
>   (inlined by) wdata_alloc_and_fillpages at fs/cifs/file.c:2527
>   (inlined by) cifs_writepages at fs/cifs/file.c:2705
>
> If writedata alloc failed in cifs_writedata_alloc(), the pages array
> should be freed.
>
> Fixes: 8e7360f67e75 ("CIFS: Add support for direct pages in wdata")
> Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
> ---
>  fs/cifs/file.c | 10 +++++++---
>  1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/fs/cifs/file.c b/fs/cifs/file.c
> index 87be0223a57a..cd9698209930 100644
> --- a/fs/cifs/file.c
> +++ b/fs/cifs/file.c
> @@ -2434,12 +2434,16 @@ cifs_writev_complete(struct work_struct *work)
>  struct cifs_writedata *
>  cifs_writedata_alloc(unsigned int nr_pages, work_func_t complete)
>  {
> +       struct cifs_writedata *writedata = NULL;
>         struct page **pages =
>                 kcalloc(nr_pages, sizeof(struct page *), GFP_NOFS);
> -       if (pages)
> -               return cifs_writedata_direct_alloc(pages, complete);
> +       if (pages) {
> +               writedata = cifs_writedata_direct_alloc(pages, complete);
> +               if (!writedata)
> +                       kvfree(pages);
> +       }
>
> -       return NULL;
> +       return writedata;
>  }
>
>  struct cifs_writedata *
> --
> 2.31.1
>


-- 
Thanks,

Steve

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-10-22 18:22 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-22  7:35 [PATCH 0/2] Fix memory and page leak when writedata alloc failed Zhang Xiaoxu
2022-10-22  7:35 ` [PATCH 1/2] cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() Zhang Xiaoxu
2022-10-22  7:35 ` [PATCH 2/2] cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() Zhang Xiaoxu
2022-10-22 18:21   ` Steve French

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.