Re: [PATCH] hv_netvsc: Fix a memory leak bug
From: Stephen Hemminger
Date: Wed Aug 14 2019 - 16:37:27 EST
On Wed, 14 Aug 2019 15:16:11 -0500
Wenwen Wang <wenwen@xxxxxxxxxx> wrote:
> In rndis_filter_device_add(), 'rndis_device' is allocated through kzalloc()
> by invoking get_rndis_device(). In the following execution, if an error
> occurs, the execution will go to the 'err_dev_remv' label. However, the
> allocated 'rndis_device' is not deallocated, leading to a memory leak bug.
>
> Signed-off-by: Wenwen Wang <wenwen@xxxxxxxxxx>
> ---
> drivers/net/hyperv/rndis_filter.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/net/hyperv/rndis_filter.c b/drivers/net/hyperv/rndis_filter.c
> index 317dbe9..ed35085 100644
> --- a/drivers/net/hyperv/rndis_filter.c
> +++ b/drivers/net/hyperv/rndis_filter.c
> @@ -1420,6 +1420,7 @@ struct netvsc_device *rndis_filter_device_add(struct hv_device *dev,
>
> err_dev_remv:
> rndis_filter_device_remove(dev, net_device);
> + kfree(rndis_device);
> return ERR_PTR(ret);
> }
>
The rndis_device is already freed by:
rndis_filter_device_remove
netvsc_device_remove
free_netvsc_device_rcu
free_netvsc_device called by rcu
static void free_netvsc_device(struct rcu_head *head)
{
struct netvsc_device *nvdev
= container_of(head, struct netvsc_device, rcu);
int i;
kfree(nvdev->extension); << here