Kernel memleak in jffs2_erase_block() (fs/jffs2/erase.c:78)

Joakim Tjernlund joakim.tjernlund at transmode.se
Mon Nov 12 07:30:49 EST 2007


On Mon, 2007-11-12 at 13:39 +0300, Damir Shayhutdinov wrote:
> Hi!
> 
> I'm studying JFFS2 code now, and I believe I've found a kernel memory leak.
> 
> fs/jffs2/erase.c:
> 
> 76         ret = c->mtd->erase(c->mtd, instr);
> 77         if (!ret)
> 78                 return;
> 
> In case of ret == 0 (erase succeeded), line 78 leaves the function
> jffs2_erase_block without kfree-ing previously kmalloc-ed pointer
> instr (line 50).
> 
> So, sizeof(struct erase_info) + sizeof(struct erase_priv_struct) bytes
> are leaking each time a block is erased successfully.

Nope, instr is freed in jffs2_erase_callback() in this case.

 Jocke
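Added example, not code from this thread or from the kernel: a small C model of the ownership rule Jocke describes, where a synchronous erase failure leaves the request with the caller, while a successful erase hands it to the completion callback, which frees it. All names here (erase_req, fake_mtd_erase, erase_block, no_leak) are constructed.

```c
/* Added example (constructed, not code from the thread or the kernel):
 * a model of the ownership rule in the reply. The caller allocates the
 * erase request; if erase() fails synchronously the caller frees it,
 * otherwise the driver's completion callback frees it. */
#include <stdlib.h>
struct erase_req {
    unsigned long block;
    int fail;                             /* make the fake driver fail */
    void (*callback)(struct erase_req *); /* completion, owns req */
};
static int allocs, frees;                 /* leak bookkeeping */
/* Completion callback: last owner of the request, so it frees it. */
static void erase_callback(struct erase_req *req)
{
    free(req);
    frees++;
}

/* Fake driver: on failure returns -1 and leaves req with the caller;
 * on success completes the erase and hands req to the callback. */
static int fake_mtd_erase(struct erase_req *req)
{
    if (req->fail)
        return -1;
    req->callback(req);
    return 0;
}

/* Caller side, mirroring the two exits in the quoted snippet. */
static int erase_block(unsigned long block, int make_fail)
{
    struct erase_req *req = calloc(1, sizeof(*req));
    if (!req)
        return -1;
    allocs++;
    req->block = block;
    req->fail = make_fail;
    req->callback = erase_callback;
    int ret = fake_mtd_erase(req);
    if (!ret)
        return 0;       /* success: the callback already freed req */
    free(req);          /* synchronous failure: still ours to free */
    frees++;
    return ret;
}

/* 1 when every request allocated so far has been freed exactly once. */
static int no_leak(void) { return allocs == frees; }
```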