Patchwork kmemleak complaints in ip6mr.c

login
register
mail settings
Submitter WANG Cong
Date Jan. 30, 2013, 8:22 a.m.
Message ID <keal7n$mi4$1@ger.gmane.org>
Download mbox | patch
Permalink /patch/216779/
State RFC
Delegated to: David Miller
Headers show

Comments

WANG Cong - Jan. 30, 2013, 8:22 a.m.
On Tue, 29 Jan 2013 at 18:59 GMT, David Miller <davem@davemloft.net> wrote:
> From: Tom Parkin <tparkin@katalix.com>
> Date: Tue, 29 Jan 2013 18:51:27 +0000
>
>> I've discovered what may be a memory leak in ip6mr when using network
>> namespaces.  Here's the kmemleak backtrace:
>> 
>> 
>> unreferenced object 0xf0d4a180 (size 96):
>>   comm "ip", pid 6735, jiffies 4294949643 (age 73.268s)
>>   hex dump (first 32 bytes):
>>     68 a1 d4 f0 00 02 20 00 01 00 00 00 00 00 00 00  h..... .........
>>     00 00 00 00 00 00 00 00 00 00 00 00 ff 7f 00 00  ................
>>   backtrace:
>>     [<c159b50c>] kmemleak_alloc+0x2c/0x60
>>     [<c1139c23>] __kmalloc+0x1c3/0x240
>>     [<c14e2627>] fib_default_rule_add+0x27/0x70
>>     [<c157f8df>] ip6mr_net_init+0x6f/0x140
>>     [<c14c4129>] ops_init+0x39/0x110
>>     [<c14c425f>] setup_net+0x5f/0xf0
>>     [<c14c46e4>] copy_net_ns+0x74/0xf0
>>     [<c105fc81>] create_new_namespaces+0xd1/0x160
>>     [<c105fedf>] unshare_nsproxy_namespaces+0x5f/0xa0
>>     [<c1038a94>] sys_unshare+0x114/0x280
>>     [<c15b7ecd>] sysenter_do_call+0x12/0x28
>>     [<ffffffff>] 0xffffffff
>
> How is this memory unreferenced?  fib_rule_default_add() adds
> the allocated object to the ops->rules_list as it's very last
> action.

Perhaps we miss a synchronize_rcu() here...

		    

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index 58a4ba2..7b53f4a 100644
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -176,6 +176,7 @@  void fib_rules_unregister(struct fib_rules_ops *ops)
        spin_unlock(&net->rules_mod_lock);
	 
         call_rcu(&ops->rcu, fib_rules_put_rcu);
 +       synchronize_rcu();
  }
  EXPORT_SYMBOL_GPL(fib_rules_unregister);