From 04be570c42057ab8ef929dfd9b82970d8cbf530c Mon Sep 17 00:00:00 2001
From: Qiheng Lin
Date: Thu, 25 May 2023 20:29:32 +0800
Subject: [PATCH] hmdfs: fix memleak of alloc_conn_tcp
The recv_task thread works with `kthread_create`, `wake_up_process`, `kthread_stop` sequence, but the thread need to be scheduled after wake up. We need to check the return code of kthread_stop to manualy put the refcnt of connection struct.
BUG: memory leak
unreferenced object 0xffff88800c91c000 (size 512):
comm "ioctl_test_s", pid 202, jiffies 4295070196 (age 12.374s)
hex dump (first 32 bytes):
00 c0 91 0c 80 88 ff ff 00 c0 91 0c 80 88 ff ff ................
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000fd873d1d>] kmalloc include/linux/slab.h:552 [inline]
[<00000000fd873d1d>] kzalloc include/linux/slab.h:664 [inline]
[<00000000fd873d1d>] alloc_conn_tcp+0x7d/0x1340 fs/hmdfs/comm/transport.c:1113
[<00000000adbf1a7e>] hmdfs_get_conn_tcp+0x172/0x680 fs/hmdfs/comm/transport.c:1184
[<000000001c250cf6>] ctrl_cmd_update_socket_handler+0x1b8/0x4d0 fs/hmdfs/comm/device_node.c:57
[<00000000e311d1a1>] sbi_cmd_store+0x13d/0x220 fs/hmdfs/comm/device_node.c:238
...
Signed-off-by: Qiheng Lin
Change-Id: I97e52ce20f2826f4e59a31d9ea42cd8b6e7c3b4e
---
 fs/hmdfs/comm/transport.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/fs/hmdfs/comm/transport.c b/fs/hmdfs/comm/transport.c
index e6c6768f0ab7..a68cf800c51a 100644
--- a/fs/hmdfs/comm/transport.c
+++ b/fs/hmdfs/comm/transport.c
@@ -850,11 +850,15 @@ static int tcp_send_message(struct connection *connect,
 void tcp_close_socket(struct tcp_handle *tcp)
 {
+ int ret;
 if (!tcp)
 return;
 mutex_lock(&tcp->close_mutex);
 if (tcp->recv_task) {
- kthread_stop(tcp->recv_task);
+ ret = kthread_stop(tcp->recv_task);
+ /* recv_task killed before sched, we need to put the connect */
+ if (ret == -EINTR)
+ connection_put(tcp->connect);
 tcp->recv_task = NULL;
 }
 mutex_unlock(&tcp->close_mutex);
--
Gitee
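Review bot: The added `connection_put(tcp->connect)` runs while `tcp->close_mutex` is still held, so if this put can drop the last reference and the release path frees the handle or re-enters the close path (neither is visible here), the following `mutex_unlock(&tcp->close_mutex)` would touch freed memory or deadlock. Recording the -EINTR result in a local flag and doing the put after the unlock avoids that, as sketched below. Also, `kthread_stop()` hands back the thread function's own exit code, so `ret == -EINTR` only means "never ran" if the receive thread cannot itself exit with -EINTR; otherwise the reference would be dropped twice, and a comment stating that invariant would help. The body of tcp_close_socket continues past the end of the hunk.

```c
	bool put_conn = false;

	/* … unchanged: NULL check, mutex_lock … */
	if (tcp->recv_task) {
		/* -EINTR is taken to mean recv_task was stopped before it ran */
		put_conn = kthread_stop(tcp->recv_task) == -EINTR;
		/* … unchanged: clear tcp->recv_task … */
	}
	mutex_unlock(&tcp->close_mutex);
	/* put outside close_mutex: this may be the last reference */
	if (put_conn)
		connection_put(tcp->connect);
```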