[PATCH] physmap: Fix leak of memory returned by parse_mtd_partitions
Atsushi Nemoto
anemo at mba.ocn.ne.jp
Tue Feb 24 09:36:00 EST 2009
On Tue, 24 Feb 2009 14:35:05 +0100, Sascha Hauer <s.hauer at pengutronix.de> wrote:
> On Wed, Nov 12, 2008 at 11:57:33PM +0900, Atsushi Nemoto wrote:
> > The mtd partition parser returns an allocated pointer array of
> > mtd_partition. The caller must free it. The array is used only for
> > add_mtd_partitions(), so free it just after the call.
>
> This patch breaks command line parsing support. With command line
> partition parsing the struct mtd_partition array is allocated, but only
> once. On my board with NAND and NOR (both with command line partition
> parsing) it fails badly in parse_cmdline_partitions() when the second
> device gets parsed.
>
> The following patch fixes it, but I don't know if this is
> the correct solution. Does anybody have more insights on this?

Do your NAND and NOR have the same mtd-id? The cmdlinepart allocates
an mtd_partition array for each mtd-id. So usually another array will be
returned for NAND and NOR.

The physmap patch has another bug and fixes are on the way to mainline:
http://git.infradead.org/mtd-2.6.git?a=commit;h=e480814f138cd5d78a8efe397756ba6b6518fdb6

But this seems not enough, as you wrote. If multiple mtd have the same
mtd-id, bad things can happen. And more seriously, if I load the physmap
driver _again_ after unload, cmdlinepart will return a freed pointer
on the second time.

Hmm, a little memory leak is less serious than a crash. Now I am starting
to think that reverting the commit 176bf2e0 will be best for the 2.6.29
release.

I'm not sure about long term solutions.

A) make all parsers return a kmalloc-ed mtd_partition array each time
and fix the memory leak in each driver

B) make all parsers return an mtd_partition array allocated only once,
and fix drivers which free the mtd_partition array.

David, what do you think?

---
Atsushi Nemoto
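
Added example, not part of the original message or of the kernel sources: a user-space C model of the two ownership contracts listed as A and B above, showing that a driver which frees the array after use is only safe against a parser that returns a fresh copy each time. All struct and function names and the partition layout are hypothetical, and malloc/free stand in for kmalloc/kfree.

```c
#include <stdlib.h>
#include <string.h>

/* User-space model. All names are hypothetical, not the kernel MTD API. */
struct part { const char *name; unsigned long size; };

/* Stands in for the array a parser builds once per mtd-id and keeps.
 * Constructed sample layout. */
static const struct part cache[] = {
    { "boot", 0x40000UL }, { "rootfs", 0x700000UL },
};
#define CACHE_N ((int)(sizeof(cache) / sizeof(cache[0])))

/* Contract B: borrowed pointer into the parser's own storage.
 * The const return type tells callers they must NOT free it. */
int parse_parts_borrow(const struct part **out)
{
    *out = cache;
    return CACHE_N;
}

/* Contract A: a fresh copy on every call. The caller owns the copy
 * and must free it; the parser's storage is never handed out. */
int parse_parts_copy(struct part **out)
{
    *out = malloc(sizeof(cache));
    if (!*out)
        return -1;
    memcpy(*out, cache, sizeof(cache));
    return CACHE_N;
}

/* Driver probe that frees the array right after use. This pairs only
 * with contract A; freeing a contract-B pointer would leave the parser
 * holding freed memory for the next probe. */
unsigned long probe(void)
{
    struct part *p;
    unsigned long total = 0;
    int n = parse_parts_copy(&p);

    for (int i = 0; i < n; i++)
        total += p[i].size;
    if (n >= 0)
        free(p);
    return total;
}
```

Calling probe() twice models loading the driver again after unload: under contract A the second call still sees valid data.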