Re: [PATCH] mm/huge_memory: fix memory leak when kobject_init_and_add() fails
From: Lorenzo Stoakes
Date: Tue Jun 09 2026 - 10:30:02 EST
On Tue, Jun 09, 2026 at 10:04:16PM +0800, Lance Yang wrote:
>
>
> On 2026/6/9 21:19, David Hildenbrand (Arm) wrote:
> > On 6/9/26 15:12, ranxiaokai627@xxxxxxx wrote:
> > > From: Ran Xiaokai <ran.xiaokai@xxxxxxxxxx>
> > >
> > > As documented in the comments for kobject_init_and_add():
> > >
> > > "If this function returns an error, kobject_put() must be called to
> > > properly clean up the memory associated with the object. This is the
> > > same type of error handling after a call to kobject_add() and kobject
> > > lifetime rules are the same here."
> > >
> > > This is because kobject_init_and_add() may have already allocated memory
> > > internally for the kobject name (kobj->name), and leaving the refcount
> > > at 1 prevents its release callback from being triggered.
> > >
> > > Fixes: 3485b88390b0a ("mm: thp: introduce multi-size THP sysfs interface")
> > > Signed-off-by: Ran Xiaokai <ran.xiaokai@xxxxxxxxxx>
> > > ---
> > > mm/huge_memory.c | 7 ++-----
> > > 1 file changed, 2 insertions(+), 5 deletions(-)
> > >
> > > diff --git a/mm/huge_memory.c b/mm/huge_memory.c
> > > index 653f2dc03403..601750dbe79f 100644
> > > --- a/mm/huge_memory.c
> > > +++ b/mm/huge_memory.c
> > > @@ -790,11 +790,8 @@ static struct thpsize *thpsize_create(int order, struct kobject *parent)
> > > ret = kobject_init_and_add(&thpsize->kobj, &thpsize_ktype, parent,
> > > "hugepages-%lukB", size);
> > > - if (ret) {
> > > - kfree(thpsize);
> > > - goto err;
> > > - }
> > > -
> > > + if (ret)
> > > + goto err_put;
> > > ret = sysfs_add_group(&thpsize->kobj, &any_ctrl_attr_grp);
> > > if (ret)
> >
> > This looks a lot like:
> >
> > https://lore.kernel.org/all/20260411062152.2092967-1-lgs201920130244@xxxxxxxxx/
>
> Right, the same issue :) There is a v2:
>
> https://lore.kernel.org/linux-mm/20260412175428.2613383-1-lgs201920130244@xxxxxxxxx/
>
> Still pending, though ...
If people could use my actual correct email address it might not have been
pending :) *grumble*