diff mbox series

Suspected leak of 'name'

Message ID cd4caf07-69d1-d194-72f2-fddf55979d7b@kernel.dk (mailing list archive)
State New, archived
Headers show
Series Suspected leak of 'name' | expand

Commit Message

Jens Axboe Feb. 17, 2021, 9:54 p.m. UTC 
Hi Al,

Same reproducer I sent you, was running testing and kmemleak complained
about 'name' from proc_self_get_link() never getting freed:

unreferenced object 0xffff8881086f0a30 (size 16):
  comm "al", pid 35226, jiffies 4295022637 (age 74.420s)
  hex dump (first 16 bytes):
    33 35 32 32 36 00 00 00 20 0a 6f 08 81 88 ff ff  35226... .o.....
  backtrace:
    [<00000000dbe89ca0>] proc_self_get_link+0x99/0xc0
    [<0000000090ccc390>] step_into+0x530/0x6b0
    [<00000000934729a9>] walk_component+0x70/0x1c0
    [<00000000fc19296d>] link_path_walk.part.0+0x234/0x370
    [<000000006f9abd8e>] path_openat+0xb3/0xe50
    [<00000000d07cfec9>] do_filp_open+0x88/0x130
    [<000000007de40bab>] do_sys_openat2+0x97/0x150
    [<00000000bf0f331a>] __x64_sys_openat2+0x66/0xc0
    [<000000007ec2351f>] do_syscall_64+0x2d/0x40
    [<00000000758089a7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

Are we missing a drop_links() for the LOOKUP_CACHED case?
diff mbox series

Patch

diff --git a/fs/namei.c b/fs/namei.c
index 58962569cc20..de74ad2bc6e2 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -631,6 +631,7 @@  static bool legitimize_links(struct nameidata *nd)
 {
 	int i;
 	if (unlikely(nd->flags & LOOKUP_CACHED)) {
+		drop_links(nd);
 		nd->depth = 0;
 		return false;
 	}