问题现象如下
[root@localhost ~]# echo scan > /sys/kernel/debug/kmemleak
[root@localhost ~]# cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff8881238de580 (size 512):
comm "mount.cifs", pid 576, jiffies 4294805132 (age 398.116s)
hex dump (first 32 bytes):
00 30 63 10 81 88 ff ff e0 3d 63 10 81 88 ff ff .0c......=c.....
00 00 00 00 00 00 00 00 80 31 d1 22 81 88 ff ff .........1."....
backtrace:
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff888122d13180 (size 32):
comm "mount.cifs", pid 576, jiffies 4294805132 (age 398.116s)
hex dump (first 32 bytes):
5c 5c 31 39 32 2e 31 36 38 2e 36 38 2e 37 37 5c \\192.168.68.77\
54 45 53 54 00 00 00 00 00 00 00 00 00 00 00 00 TEST............
backtrace:
[<00000000717a9281>] cifs_parse_mount_options+0x459/0x2230
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff888110633000 (size 8):
comm "mount.cifs", pid 576, jiffies 4294805132 (age 398.116s)
hex dump (first 8 bytes):
66 73 67 71 61 00 ff ff fsgqa...
backtrace:
[<000000006315b419>] cifs_parse_mount_options+0xe5b/0x2230
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff888110633de0 (size 8):
comm "mount.cifs", pid 576, jiffies 4294805132 (age 398.116s)
hex dump (first 8 bytes):
68 75 61 77 65 69 00 00 huawei..
backtrace:
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff88810cf00120 (size 32):
comm "mount.cifs", pid 701, jiffies 4294848207 (age 355.056s)
hex dump (first 32 bytes):
5c 5c 31 39 32 2e 31 36 38 2e 36 38 2e 37 37 5c \\192.168.68.77\
54 45 53 54 00 00 00 00 00 00 00 00 00 00 00 00 TEST............
backtrace:
[<00000000717a9281>] cifs_parse_mount_options+0x459/0x2230
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff88814e6ed180 (size 8):
comm "mount.cifs", pid 701, jiffies 4294848208 (age 355.055s)
hex dump (first 8 bytes):
68 75 61 77 65 69 00 00 huawei..
backtrace:
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff88810f851680 (size 512):
comm "mount.cifs", pid 747, jiffies 4295139638 (age 63.625s)
hex dump (first 32 bytes):
b0 c4 41 08 81 88 ff ff d0 ce 41 08 81 88 ff ff ..A.......A.....
00 00 00 00 00 00 00 00 00 60 7f 02 81 88 ff ff .........`......
backtrace:
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff8881027f6000 (size 32):
comm "mount.cifs", pid 747, jiffies 4295139638 (age 63.625s)
hex dump (first 32 bytes):
5c 5c 31 39 32 2e 31 36 38 2e 36 38 2e 37 37 5c \\192.168.68.77\
54 45 53 54 00 ff ff ff 50 6a 57 ae ff ff ff ff TEST....PjW.....
backtrace:
[<00000000717a9281>] cifs_parse_mount_options+0x459/0x2230
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff88810841c4b0 (size 8):
comm "mount.cifs", pid 747, jiffies 4295139638 (age 63.640s)
hex dump (first 8 bytes):
66 73 67 71 61 00 ff ff fsgqa...
backtrace:
[<000000006315b419>] cifs_parse_mount_options+0xe5b/0x2230
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
unreferenced object 0xffff88810841ced0 (size 8):
comm "mount.cifs", pid 747, jiffies 4295139638 (age 63.640s)
hex dump (first 8 bytes):
68 75 61 77 65 69 00 00 huawei..
backtrace:
[<000000001aa09c5c>] cifs_setup_volume_info+0x1f/0x1f0
[<00000000c1a42c36>] cifs_get_volume_info+0x4e/0x90
[<00000000aa76ee94>] cifs_smb3_do_mount+0xa2/0x5b0
[<00000000b87d07fd>] mount_fs+0x5c/0x191
[<000000006a4dd4d9>] vfs_kern_mount.part.0+0x51/0x1b0
[<000000008da7b30f>] do_mount+0x30b/0x1320
[<000000009a9aa187>] ksys_mount+0x7e/0xc0
[<00000000df394707>] __x64_sys_mount+0x62/0x70
[<0000000063676d8d>] do_syscall_64+0x7b/0x2c0
[<00000000c2dae16f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<00000000aea7b412>] 0xffffffffffffffff
LTS补丁2fe0e281f7ad 分析:
代码分析:
cifs_get_root # 此处失败
deactivate_locked_super
cifs_kill_sb # 通过 fs->kill_sb 回调
cifs_umount
kfree(cifs_sb->prepath); # 已释放一次
call_rcu(&cifs_sb->rcu, delayed_free)
smb3_cleanup_fs_context(cifs_sb->ctx)
kfree(ctx)
kfree(cifs_sb->prepath); # 重复释放
smb3_cleanup_fs_context(cifs_sb->ctx);
kfree(cifs_sb); # 重复释放
delayed_free # 此处会释放
smb3_cleanup_fs_context(cifs_sb->ctx);
根据上述流程,该补丁修复了 double free 的问题。
在openEuler-1.0-LTS里流程如下:
cifs_get_root
deactivate_locked_super
cifs_kill_sb
cifs_umount
kfree(cifs_sb->mountdata)
kfree(cifs_sb->prepath)
call_rcu(&cifs_sb->rcu, delayed_free)
cifs_cleanup_volume_info(volume_info) # 合入(回合)该补丁后,此分支被跳过
kfree(volume_info)
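在 4.19 的代码逻辑中不会发生 double free;此时若再合入该 LTS 补丁,会导致 cifs_cleanup_volume_info() 被跳过,从而造成 memory leak。这与上面 kmemleak 的报告一致:未被引用的对象均在 mount.cifs 的挂载路径(cifs_smb3_do_mount / cifs_parse_mount_options)中分配,内容为 UNC 路径等挂载参数字符串;其中可能包含挂载凭据,泄漏后这些数据会一直驻留在内核内存中而不被释放。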