fuse: Fix memory leak in fuse_dev_free()
author Takeshi Misawa <jeliantsurux@gmail.com>
Sun, 9 Dec 2018 05:30:15 +0000 (14:30 +0900)
committer Miklos Szeredi <mszeredi@redhat.com>
Mon, 10 Dec 2018 08:57:54 +0000 (09:57 +0100)
When ntfs is unmounted, the following leak is
reported by kmemleak.

kmemleak report:

unreferenced object 0xffff880052bf4400 (size 4096):
  comm "mount.ntfs", pid 16530, jiffies 4294861127 (age 3215.836s)
  hex dump (first 32 bytes):
    00 44 bf 52 00 88 ff ff 00 44 bf 52 00 88 ff ff  .D.R.....D.R....
    10 44 bf 52 00 88 ff ff 10 44 bf 52 00 88 ff ff  .D.R.....D.R....
  backtrace:
    [<00000000bf4a2f8d>] fuse_fill_super+0xb22/0x1da0 [fuse]
    [<000000004dde0f0c>] mount_bdev+0x263/0x320
    [<0000000025aebc66>] mount_fs+0x82/0x2bf
    [<0000000042c5a6be>] vfs_kern_mount.part.33+0xbf/0x480
    [<00000000ed10cd5b>] do_mount+0x3de/0x2ad0
    [<00000000d59ff068>] ksys_mount+0xba/0xd0
    [<000000001bda1bcc>] __x64_sys_mount+0xba/0x150
    [<00000000ebe26304>] do_syscall_64+0x151/0x490
    [<00000000d25f2b42>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
    [<000000002e0abd2c>] 0xffffffffffffffff

fuse_dev_alloc() allocates fud->pq.processing.
But this hash table is not freed.

Fix this by freeing fud->pq.processing.

Signed-off-by: Takeshi Misawa <jeliantsurux@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Fixes: be2ff42c5d6e ("fuse: Use hash table to link processing request")
fs/fuse/inode.c

index 073865371f9ba00b4d4a41dd50bfa0f772adff96..568abed20eb20a097f43c108db7f274947ad604a 100644 (file)
@@ -1068,6 +1068,7 @@ void fuse_dev_free(struct fuse_dev *fud)
 
                fuse_conn_put(fc);
        }
+       kfree(fud->pq.processing);
        kfree(fud);
 }
 EXPORT_SYMBOL_GPL(fuse_dev_free);
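
Review bot: The added kfree(fud->pq.processing) only closes the leak if every fuse_dev is released through fuse_dev_free(), so it is worth confirming that no other path, including the failure handling in fuse_dev_alloc(), frees one with a bare kfree(fud); any such path would still leak the 4096-byte table shown in the kmemleak report. The placement itself looks right: it is outside the block that closes after fuse_conn_put(fc), and it comes before kfree(fud), which it must because it reads through fud. A one-line comment pairing this free with the allocation in fuse_dev_alloc() would help keep the two in sync if the processing queue layout changes again.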