From patchwork Wed Jan 30 08:22:15 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: kmemleak complaints in ip6mr.c Date: Tue, 29 Jan 2013 22:22:15 -0000 From: WANG Cong X-Patchwork-Id: 216779 Message-Id: To: netdev@vger.kernel.org On Tue, 29 Jan 2013 at 18:59 GMT, David Miller wrote: > From: Tom Parkin > Date: Tue, 29 Jan 2013 18:51:27 +0000 > >> I've discovered what may be a memory leak in ip6mr when using network >> namespaces. Here's the kmemleak backtrace: >> >> >> unreferenced object 0xf0d4a180 (size 96): >> comm "ip", pid 6735, jiffies 4294949643 (age 73.268s) >> hex dump (first 32 bytes): >> 68 a1 d4 f0 00 02 20 00 01 00 00 00 00 00 00 00 h..... ......... >> 00 00 00 00 00 00 00 00 00 00 00 00 ff 7f 00 00 ................ >> backtrace: >> [] kmemleak_alloc+0x2c/0x60 >> [] __kmalloc+0x1c3/0x240 >> [] fib_default_rule_add+0x27/0x70 >> [] ip6mr_net_init+0x6f/0x140 >> [] ops_init+0x39/0x110 >> [] setup_net+0x5f/0xf0 >> [] copy_net_ns+0x74/0xf0 >> [] create_new_namespaces+0xd1/0x160 >> [] unshare_nsproxy_namespaces+0x5f/0xa0 >> [] sys_unshare+0x114/0x280 >> [] sysenter_do_call+0x12/0x28 >> [] 0xffffffff > > How is this memory unreferenced? fib_rule_default_add() adds > the allocated object to the ops->rules_list as it's very last > action. Perhaps we miss a synchronize_rcu() here... --- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index 58a4ba2..7b53f4a 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c @@ -176,6 +176,7 @@ void fib_rules_unregister(struct fib_rules_ops *ops) spin_unlock(&net->rules_mod_lock); call_rcu(&ops->rcu, fib_rules_put_rcu); + synchronize_rcu(); } EXPORT_SYMBOL_GPL(fib_rules_unregister);
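Review bot: the `synchronize_rcu()` added after `call_rcu(&ops->rcu, fib_rules_put_rcu)` in `fib_rules_unregister()` only waits for a grace period to elapse. It does not guarantee that the queued `fib_rules_put_rcu` callback has already run, and nothing in this hunk frees the rule allocated in `fib_default_rule_add()` that kmemleak reported, so the link between the change and the leak is not shown. If the aim is for pending callbacks to finish before the function returns, `rcu_barrier()` is the primitive that provides that. If the aim is to wait out readers still walking `ops->rules_list`, say so in the changelog and in a comment above the call. The added call also makes `fib_rules_unregister()` sleep, so the comment should note that callers must be in process context. The patch has no changelog or explanation beyond "Perhaps we miss a synchronize_rcu() here...", so it would help to include the kmemleak result with the change applied.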