Hi Yuezhang,
On 2025/9/9 10:52, Yuezhang Mo wrote:
This patch addresses 4 memory leaks and 1 allocation issue to
ensure proper cleanup and allocation:
1. Fixed memory leak by freeing sbi->zmgr in z_erofs_compress_exit().
2. Fixed memory leak by freeing inode->chunkindexes in erofs_iput().
3. Fixed incorrect allocation of chunk index array in
erofs_rebuild_write_blob_index() to ensure correct array allocation
and avoid out-of-bounds access.
4. Fixed memory leak of struct erofs_blobchunk not being freed by
calling erofs_blob_exit() in rebuild mode.
5. Fix memory leak by calling erofs_put_super().
In main(), erofs_read_superblock() is called only to get the block
size. In erofs_mkfs_rebuild_load_trees(), erofs_read_superblock()
is called again, causing sbi->devs to be overwritten without being
released.
Signed-off-by: Yuezhang Mo <[email protected]>
Reviewed-by: Friendy Su <[email protected]>
Reviewed-by: Daniel Palmer <[email protected]>
Thanks for your patch and sorry for a bit delay...
---
lib/compress.c | 2 ++
lib/inode.c | 3 +++
lib/rebuild.c | 2 +-
mkfs/main.c | 3 ++-
4 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/lib/compress.c b/lib/compress.c
index 622a205..dd537ec 100644
--- a/lib/compress.c
+++ b/lib/compress.c
@@ -2171,5 +2171,7 @@ int z_erofs_compress_exit(struct erofs_sb_info *sbi)
}
#endif
}
+
+ free(sbi->zmgr);
return 0;
}
diff --git a/lib/inode.c b/lib/inode.c
index 7ee6b3d..0882875 100644
--- a/lib/inode.c
+++ b/lib/inode.c
@@ -159,6 +159,9 @@ unsigned int erofs_iput(struct erofs_inode *inode)
} else {
free(inode->i_link);
}
+
+ if (inode->chunkindexes)
+ free(inode->chunkindexes);
For now, this needs a check
if (inode->datalayout == EROFS_INODE_CHUNK_BASED)
free(inode->chunkindexes);
I admit it's not very clean, but otherwise it doesn't work
since `chunkindexes` is in a union.
free(inode);
return 0;
}
diff --git a/lib/rebuild.c b/lib/rebuild.c
index 0358567..18e5204 100644
--- a/lib/rebuild.c
+++ b/lib/rebuild.c
@@ -186,7 +186,7 @@ static int erofs_rebuild_write_blob_index(struct
erofs_sb_info *dst_sb,
unit = sizeof(struct erofs_inode_chunk_index);
inode->extent_isize = count * unit;
- idx = malloc(max(sizeof(*idx), sizeof(void *)));
+ idx = calloc(count, max(sizeof(*idx), sizeof(void *)));
if (!idx)
return -ENOMEM;
inode->chunkindexes = idx;
diff --git a/mkfs/main.c b/mkfs/main.c
index 28588db..bcde787 100644
--- a/mkfs/main.c
+++ b/mkfs/main.c
@@ -1702,6 +1702,7 @@ int main(int argc, char **argv)
goto exit;
}
mkfs_blkszbits = src->blkszbits;
+ erofs_put_super(src);
Do you really need to fix this now (considering `mkfs.erofs`
will exit finally)?
In priciple, I think it should be fixed with a reference and
something similiar to the kernel fill_super.
I'm not sure if you have more time to improve this anyway,
but the current usage is not perfect on my side...
Thanks,
Gao Xiang
}
if (!incremental_mode)
@@ -1908,7 +1909,7 @@ exit:
erofs_dev_close(&g_sbi);
erofs_cleanup_compress_hints();
erofs_cleanup_exclude_rules();
- if (cfg.c_chunkbits)
+ if (cfg.c_chunkbits || source_mode == EROFS_MKFS_SOURCE_REBUILD)
erofs_blob_exit();
erofs_xattr_cleanup_name_prefixes();
erofs_rebuild_cleanup();
