Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
From:   trondmy@kernel.org
To:     linux-nfs@vger.kernel.org
Subject: [PATCH 00/10] NFS: Fix a number of memory leaks and use-after-free
Date:   Wed,  1 Apr 2020 14:56:42 -0400
Message-Id: <20200401185652.1904777-1-trondmy@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk

From: Trond Myklebust <trond.myklebust@hammerspace.com>

When running xfstests with wsize=1024, a number of use-after-free issues
and memory leaks can currently be hit. One of the more obvious
leaks is seen when the generic/013 test fails due to the presence of
sillyrenamed files that never go away.

After testing with kasan enabled, and adding some debugging code to
detect leaked nfs_page and nfs_direct_req structures, I found a number
of issues that appear to be fixed by the following patchset.

Trond Myklebust (10):
  NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
  NFS: Fix races nfs_page_group_destroy() vs
    nfs_destroy_unlinked_subrequests()
  NFS: Fix use-after-free issues in nfs_pageio_add_request()
  NFS: Fix a request reference leak in nfs_direct_write_clear_reqs()
  NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
  NFS: Remove the redundant function nfs_pgio_has_mirroring()
  NFS: Clean up nfs_lock_and_join_requests()
  NFS: Reverse the submission order of requests in
    __nfs_pageio_add_request()
  NFS: Refactor nfs_lock_and_join_requests()
  NFS: Try to join page groups before an O_DIRECT retransmission

 fs/nfs/direct.c          |  21 +++
 fs/nfs/internal.h        |   6 -
 fs/nfs/pagelist.c        | 350 +++++++++++++++++++++++++--------------
 fs/nfs/write.c           | 258 ++++++++++++++---------------
 include/linux/nfs_page.h |   5 +
 5 files changed, 379 insertions(+), 261 deletions(-)

-- 
2.25.1