• Jeff Layton's avatar
    NFS: fix reference counting for NFSv4 callback thread · 8e60029f
    Jeff Layton authored
    The reference counting for the NFSv4 callback thread stays artificially
    high. When this thread comes down, it doesn't properly tear down the
    svc_serv, causing a memory leak. In my testing on an older kernel on
    x86_64, memory would leak out of the 8k kmalloc slab. So, we're leaking
    at least a page of memory every time the thread comes down.
    
    svc_create() creates the svc_serv with a sv_nrthreads count of 1, and
    then svc_create_thread() increments that count. Whenever the callback
    thread is started it has a sv_nrthreads count of 2. When coming down, it
    calls svc_exit_thread() which decrements that count and if it hits 0, it
    tears everything down. That never happens here since the count is always
    at 2 when the thread exits.
    
    The problem is that nfs_callback_up() should be calling svc_destroy() on
    the svc_serv on both success and failure. This is how lockd_up_proto()
    handles the reference counting, and doing that here fixes the leak.
    Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
    Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
    8e60029f
callback.c 5.08 KB