kmemleak report:
unreferenced object 0x9802bb591d00 (size 256):
comm "ftest03", pid 24778, jiffies 4301603810 (age 490.665s)
hex dump (first 32 bytes):
00 01 04 20 01 00 00 00 80 00 00 00 00 00 00 00 ...
f0 02 04 20 01 00 00 00 80 00 00 00 00 00 00 00 ...
backtrace:
[<50b162cb>] __kmalloc+0x234/0x438
[<491da9c7>] rw_copy_check_uvector+0x1ac/0x1f0
[] import_iovec+0x50/0xe8
[] vfs_readv+0x50/0xb0
[] do_readv+0x80/0x160
[] syscall_common+0x34/0x58
This is because "iov" allocated by kmalloc() is not destroyed. Under normal
circumstances, "ret_pointer" should be equal to "iov". But if the previous
statements fails to execute, and the allocation is successful, then the
block of memory will not be released, because it is necessary to
determine whether they are equal. So we need to change the order.
Signed-off-by: Peng Fan
---
fs/read_write.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/read_write.c b/fs/read_write.c
index bbfa9b1..aa4f7c5 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -832,8 +832,8 @@ ssize_t rw_copy_check_uvector(int type, const struct iovec
__user * uvector,
}
ret += len;
}
-out:
*ret_pointer = iov;
+out:
return ret;
}
--
2.1.0