Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp514898ybl;
        Wed, 28 Aug 2019 01:07:04 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwPkM8/HjjaJebmqr6F7ksULDQxPkhMj7xzxk9NJzI+ETNjS7EUhAOF9uTF7EWIjYBoBH3Z
X-Received: by 2002:a63:7c0d:: with SMTP id x13mr2336288pgc.360.1566979624607;
        Wed, 28 Aug 2019 01:07:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1566979624; cv=none;
        d=google.com; s=arc-20160816;
        b=ux8rLyguNaGKszJoYx/ouVWBvo/6BS9u42liAkEN42W8PQLjPhMHWfZSUezsydL4Q2
         FKoxLt5Rji6eB9rJhcUHAOSTnzODRZsC6vY0AwlV9e6XqkN7AKoIQxnb2ld/5WbxJgdK
         eEww7Sxthdufg4jTtoT2aEDeZ1LYJNGp3zj6wlizIMqn3nSD/2LgEQZc3z/xmK5UssvC
         UCMPNeOpfe7vOVBCIhERilpLbbboB8vGbGgjMHYN9NCQLw14g3gjzrRnXKdiD2lXweVh
         3zixMnyJAucJ6mSqPwl2xDppCkGcgKyIvJ+Xok8Dqj+jXk6tFFyiZPM5hUDGHF1IJON+
         iSDg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=TFSfZia4DyxVfL0bB79dbpqQHULCh9tLLiWAwC+tlKk=;
        b=pfQ6Yom74hD0QUsr7a0ZUInpuXkxTiTpyzUHsGnZ23+k5v8zmhVI4EOlduiWMH+MXv
         wG/gHvouwgm7pUlfgbLnl7a8MA3a+/7On//6cTK4GKHntlVGjZtbVlMF7qcQHvzr3mdo
         EvXHDoFC6aP4zdhCZJP88LpY6cJGM9906M35vi4rudSPX409CkDfWkEAK61QiA8Vheuj
         H5lM821fnyxxJvTGuqw9CpX5QN278YEgiHhsC9wgsPqdALPpNxCzqnQ0+qqYLJhoELmO
         quwAdTzULg/ZkGd1DKJv70INprcXF22e0mCr7evWw/YyL4BH6gvzJParY8qxHZ3G9cLY
         Bj0w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 32si1317899pla.178.2019.08.28.01.06.38;
        Wed, 28 Aug 2019 01:07:04 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726253AbfH1IGh (ORCPT <rfc822;rosenp@gmail.com> + 99 others);
        Wed, 28 Aug 2019 04:06:37 -0400
Received: from mgwym01.jp.fujitsu.com ([211.128.242.40]:22981 "EHLO
        mgwym01.jp.fujitsu.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726272AbfH1IGh (ORCPT
        <rfc822;linux-nfs@vger.kernel.org>); Wed, 28 Aug 2019 04:06:37 -0400
X-Greylist: delayed 670 seconds by postgrey-1.27 at vger.kernel.org; Wed, 28 Aug 2019 04:06:35 EDT
Received: from yt-mxoi1.gw.nic.fujitsu.com (unknown [192.168.229.67]) by mgwym01.jp.fujitsu.com with smtp
         id 1a8f_35ab_b7ce99b1_367d_4ac0_9a7b_582933f0df42;
        Wed, 28 Aug 2019 16:55:22 +0900
Received: from g01jpfmpwyt03.exch.g01.fujitsu.local (g01jpfmpwyt03.exch.g01.fujitsu.local [10.128.193.57])
        by yt-mxoi1.gw.nic.fujitsu.com (Postfix) with ESMTP id 95299AC0229
        for <linux-nfs@vger.kernel.org>; Wed, 28 Aug 2019 16:55:21 +0900 (JST)
Received: from g01jpexchyt36.g01.fujitsu.local (unknown [10.128.193.4])
        by g01jpfmpwyt03.exch.g01.fujitsu.local (Postfix) with ESMTP id CB8F446E51A;
        Wed, 28 Aug 2019 16:55:20 +0900 (JST)
Received: from luna3.soft.fujitsu.com (10.124.196.199) by
 g01jpexchyt36.g01.fujitsu.local (10.128.193.54) with Microsoft SMTP Server id
 14.3.439.0; Wed, 28 Aug 2019 16:55:20 +0900
From:   Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
To:     <linux-nfs@vger.kernel.org>, <trond.myklebust@hammerspace.com>
CC:     <misono.tomohiro@jp.fujitsu.com>
Subject: [PATCH] NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
Date:   Wed, 28 Aug 2019 17:01:22 +0900
Message-ID: <20190828080122.22123-1-misono.tomohiro@jp.fujitsu.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type:   text/plain; charset=US-ASCII
X-SecurityPolicyCheck-GC: OK by FENCE-Mail
X-TM-AS-GCONF: 00
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

When dreq is allocated by nfs_direct_req_alloc(), dreq->kref is
initialized to 2. Therefore we need to call nfs_direct_req_release()
twice to release the allocated dreq. Usually it is called in
nfs_file_direct_{read, write}() and nfs_direct_complete().

However, current code only calls nfs_direct_req_relese() once if
nfs_get_lock_context() fails in nfs_file_direct_{read, write}().
So, that case would result in memory leak.

Fix this by adding the missing call.

Signed-off-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
---
 Hello,

 I noticed this when reading the code.

 Thanks.

 fs/nfs/direct.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/nfs/direct.c b/fs/nfs/direct.c
index 0cb442406168..18eff685e5fe 100644
--- a/fs/nfs/direct.c
+++ b/fs/nfs/direct.c
@@ -586,6 +586,7 @@ ssize_t nfs_file_direct_read(struct kiocb *iocb, struct iov_iter *iter)
 	l_ctx = nfs_get_lock_context(dreq->ctx);
 	if (IS_ERR(l_ctx)) {
 		result = PTR_ERR(l_ctx);
+		nfs_direct_req_release(dreq);
 		goto out_release;
 	}
 	dreq->l_ctx = l_ctx;
@@ -1014,6 +1015,7 @@ ssize_t nfs_file_direct_write(struct kiocb *iocb, struct iov_iter *iter)
 	l_ctx = nfs_get_lock_context(dreq->ctx);
 	if (IS_ERR(l_ctx)) {
 		result = PTR_ERR(l_ctx);
+		nfs_direct_req_release(dreq);
 		goto out_release;
 	}
 	dreq->l_ctx = l_ctx;
-- 
2.20.1