Commit 1addb798 authored by David Disseldorp's avatar David Disseldorp Committed by Jens Axboe

null_blk: fix dev->badblocks leak

null_alloc_dev() allocates memory for dev->badblocks, but cleanup
currently only occurs in the configfs release codepath, missing a number
of other places.

This bug was found running the blktests block/010 test, alongside
kmemleak:
rapido1:/blktests# ./check block/010
...
rapido1:/blktests# echo scan > /sys/kernel/debug/kmemleak
[  306.966708] kmemleak: 32 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
rapido1:/blktests# cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff88001f86d000 (size 4096):
  comm "modprobe", pid 231, jiffies 4294892415 (age 318.252s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff814b0379>] kmemleak_alloc+0x49/0xa0
    [<ffffffff810f180f>] kmem_cache_alloc+0x9f/0xe0
    [<ffffffff8124e45f>] badblocks_init+0x2f/0x60
    [<ffffffffa0019fae>] 0xffffffffa0019fae
    [<ffffffffa0021273>] nullb_device_badblocks_store+0x63/0x130 [null_blk]
    [<ffffffff810004cd>] do_one_initcall+0x3d/0x170
    [<ffffffff8109fe0d>] do_init_module+0x56/0x1e9
    [<ffffffff8109ebd7>] load_module+0x1c47/0x26a0
    [<ffffffff8109f819>] SyS_finit_module+0xa9/0xd0
    [<ffffffff814b4f60>] entry_SYSCALL_64_fastpath+0x13/0x94

Fixes: 2f54a613 ("nullb: badbblocks support")
Reviewed-by: default avatarShaohua Li <shli@fb.com>
Signed-off-by: default avatarDavid Disseldorp <ddiss@suse.de>
Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
parent 1690102d
...@@ -471,7 +471,6 @@ static void nullb_device_release(struct config_item *item) ...@@ -471,7 +471,6 @@ static void nullb_device_release(struct config_item *item)
{ {
struct nullb_device *dev = to_nullb_device(item); struct nullb_device *dev = to_nullb_device(item);
badblocks_exit(&dev->badblocks);
null_free_device_storage(dev, false); null_free_device_storage(dev, false);
null_free_dev(dev); null_free_dev(dev);
} }
...@@ -582,6 +581,10 @@ static struct nullb_device *null_alloc_dev(void) ...@@ -582,6 +581,10 @@ static struct nullb_device *null_alloc_dev(void)
static void null_free_dev(struct nullb_device *dev) static void null_free_dev(struct nullb_device *dev)
{ {
if (!dev)
return;
badblocks_exit(&dev->badblocks);
kfree(dev); kfree(dev);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment