* [PATCH net-next] netlink: don't forget to release a rhashtable_iter structure
@ 2016-09-06 18:23 Andrei Vagin
  2016-09-07  0:41 ` David Miller
  0 siblings, 1 reply; 6+ messages in thread
From: Andrei Vagin @ 2016-09-06 18:23 UTC (permalink / raw)
  To: netdev; +Cc: David S. Miller, Andrei Vagin, Herbert Xu

This bug was detected by kmemleak:
unreferenced object 0xffff8804269cc3c0 (size 64):
  comm "criu", pid 1042, jiffies 4294907360 (age 13.713s)
  hex dump (first 32 bytes):
    a0 32 cc 2c 04 88 ff ff 00 00 00 00 00 00 00 00  .2.,............
    00 01 00 00 00 00 ad de 00 02 00 00 00 00 ad de  ................
  backtrace:
    [<ffffffff8184dffa>] kmemleak_alloc+0x4a/0xa0
    [<ffffffff8124720f>] kmem_cache_alloc_trace+0x10f/0x280
    [<ffffffffa02864cc>] __netlink_diag_dump+0x26c/0x290 [netlink_diag]

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Fixes: ad202074320c ("netlink: Use rhashtable walk interface in diag dump")
Signed-off-by: Andrei Vagin <avagin@openvz.org>
---
 net/netlink/diag.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/netlink/diag.c b/net/netlink/diag.c
index 3e3e253..951670c 100644
--- a/net/netlink/diag.c
+++ b/net/netlink/diag.c
@@ -127,6 +127,7 @@ stop:
 		goto done;
 
 	rhashtable_walk_exit(hti);
+	kfree(hti);
 	cb->args[2] = 0;
 	num++;
 
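Review bot: The added kfree(hti) creates a second release site for the iterator, and only on the path that falls through past `goto done`; when the function leaves through `goto done` the iterator is not freed here, so something else must already own its release. If that owner finds the iterator through cb->args[2], the leak comes from the `cb->args[2] = 0` on the following line dropping the last reference, and removing that assignment would keep a single free site instead of splitting ownership between two functions. The changelog should also say which path leaks, since the kmemleak trace only shows where the object was allocated.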
-- 
2.5.5

* Re: [PATCH net-next] netlink: don't forget to release a rhashtable_iter structure
  2016-09-06 18:23 [PATCH net-next] netlink: don't forget to release a rhashtable_iter structure Andrei Vagin
@ 2016-09-07  0:41 ` David Miller
  2016-09-07  4:28   ` Andrei Vagin
  2016-09-07  4:31   ` [PATCH net-next v2] " Andrei Vagin
  0 siblings, 2 replies; 6+ messages in thread
From: David Miller @ 2016-09-07  0:41 UTC (permalink / raw)
  To: avagin; +Cc: netdev, herbert

From: Andrei Vagin <avagin@openvz.org>
Date: Tue,  6 Sep 2016 11:23:39 -0700

> This bug was detected by kmemleak:
> unreferenced object 0xffff8804269cc3c0 (size 64):
>   comm "criu", pid 1042, jiffies 4294907360 (age 13.713s)
>   hex dump (first 32 bytes):
>     a0 32 cc 2c 04 88 ff ff 00 00 00 00 00 00 00 00  .2.,............
>     00 01 00 00 00 00 ad de 00 02 00 00 00 00 ad de  ................
>   backtrace:
>     [<ffffffff8184dffa>] kmemleak_alloc+0x4a/0xa0
>     [<ffffffff8124720f>] kmem_cache_alloc_trace+0x10f/0x280
>     [<ffffffffa02864cc>] __netlink_diag_dump+0x26c/0x290 [netlink_diag]
> 
> Cc: Herbert Xu <herbert@gondor.apana.org.au>
> Fixes: ad202074320c ("netlink: Use rhashtable walk interface in diag dump")
> Signed-off-by: Andrei Vagin <avagin@openvz.org>

Hmmm, why isn't this handled by netlink_diag_dump_done()?

It seems like the intent is to have the hashtable iter be cached
across multiple __netlink_diag_dump() calls within a single
netlink_diag_dump invocation.

* Re: [PATCH net-next] netlink: don't forget to release a rhashtable_iter structure
  2016-09-07  0:41 ` David Miller
@ 2016-09-07  4:28   ` Andrei Vagin
  2016-09-07  4:31   ` [PATCH net-next v2] " Andrei Vagin
  1 sibling, 0 replies; 6+ messages in thread
From: Andrei Vagin @ 2016-09-07  4:28 UTC (permalink / raw)
  To: David Miller; +Cc: avagin, netdev, herbert

On Tue, Sep 06, 2016 at 05:41:37PM -0700, David Miller wrote:
> From: Andrei Vagin <avagin@openvz.org>
> Date: Tue,  6 Sep 2016 11:23:39 -0700
> 
> > This bug was detected by kmemleak:
> > unreferenced object 0xffff8804269cc3c0 (size 64):
> >   comm "criu", pid 1042, jiffies 4294907360 (age 13.713s)
> >   hex dump (first 32 bytes):
> >     a0 32 cc 2c 04 88 ff ff 00 00 00 00 00 00 00 00  .2.,............
> >     00 01 00 00 00 00 ad de 00 02 00 00 00 00 ad de  ................
> >   backtrace:
> >     [<ffffffff8184dffa>] kmemleak_alloc+0x4a/0xa0
> >     [<ffffffff8124720f>] kmem_cache_alloc_trace+0x10f/0x280
> >     [<ffffffffa02864cc>] __netlink_diag_dump+0x26c/0x290 [netlink_diag]
> > 
> > Cc: Herbert Xu <herbert@gondor.apana.org.au>
> > Fixes: ad202074320c ("netlink: Use rhashtable walk interface in diag dump")
> > Signed-off-by: Andrei Vagin <avagin@openvz.org>
> 
> Hmmm, why isn't this handled by netlink_diag_dump_done()?
> 
> It seems like the intent is to have the hashtable iter be cached
> across multiple __netlink_diag_dump() calls within a single
> netlink_diag_dump invocation.

I read the code again and I think you are right. I didn't get the
idea the first time.

Thanks,
Andrei

* [PATCH net-next v2] netlink: don't forget to release a rhashtable_iter structure
  2016-09-07  0:41 ` David Miller
  2016-09-07  4:28   ` Andrei Vagin
@ 2016-09-07  4:31   ` Andrei Vagin
  2016-09-07  4:55     ` Herbert Xu
  2016-09-08  0:29     ` David Miller
  1 sibling, 2 replies; 6+ messages in thread
From: Andrei Vagin @ 2016-09-07  4:31 UTC (permalink / raw)
  To: netdev; +Cc: David S. Miller, Andrei Vagin, Herbert Xu

This bug was detected by kmemleak:
unreferenced object 0xffff8804269cc3c0 (size 64):
  comm "criu", pid 1042, jiffies 4294907360 (age 13.713s)
  hex dump (first 32 bytes):
    a0 32 cc 2c 04 88 ff ff 00 00 00 00 00 00 00 00  .2.,............
    00 01 00 00 00 00 ad de 00 02 00 00 00 00 ad de  ................
  backtrace:
    [<ffffffff8184dffa>] kmemleak_alloc+0x4a/0xa0
    [<ffffffff8124720f>] kmem_cache_alloc_trace+0x10f/0x280
    [<ffffffffa02864cc>] __netlink_diag_dump+0x26c/0x290 [netlink_diag]

v2: don't remove a reference on a rhashtable_iter structure to
    release it from netlink_diag_dump_done

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Fixes: ad202074320c ("netlink: Use rhashtable walk interface in diag dump")
Signed-off-by: Andrei Vagin <avagin@openvz.org>
---
 net/netlink/diag.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/net/netlink/diag.c b/net/netlink/diag.c
index 3e3e253..b2f0e98 100644
--- a/net/netlink/diag.c
+++ b/net/netlink/diag.c
@@ -127,7 +127,6 @@ stop:
 		goto done;
 
 	rhashtable_walk_exit(hti);
-	cb->args[2] = 0;
 	num++;
 
 mc_list:
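Review bot: With the `cb->args[2] = 0` line gone, the reference the changelog says is kept in cb->args[2] still points at hti after rhashtable_walk_exit(hti) has run on the line above, so a walker that has already been exited stays reachable for the rest of the dump. Please confirm that any later pass re-enters the walk before using it and that the release path does not call rhashtable_walk_exit() on it a second time. A short comment here saying the pointer is deliberately left in place for netlink_diag_dump_done to free would also help, because the changelog's v2 line is the only place that intent is recorded.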
-- 
2.5.5

* Re: [PATCH net-next v2] netlink: don't forget to release a rhashtable_iter structure
  2016-09-07  4:31   ` [PATCH net-next v2] " Andrei Vagin
@ 2016-09-07  4:55     ` Herbert Xu
  2016-09-08  0:29     ` David Miller
  1 sibling, 0 replies; 6+ messages in thread
From: Herbert Xu @ 2016-09-07  4:55 UTC (permalink / raw)
  To: Andrei Vagin; +Cc: netdev, David S. Miller

On Tue, Sep 06, 2016 at 09:31:17PM -0700, Andrei Vagin wrote:
> This bug was detected by kmemleak:
> unreferenced object 0xffff8804269cc3c0 (size 64):
>   comm "criu", pid 1042, jiffies 4294907360 (age 13.713s)
>   hex dump (first 32 bytes):
>     a0 32 cc 2c 04 88 ff ff 00 00 00 00 00 00 00 00  .2.,............
>     00 01 00 00 00 00 ad de 00 02 00 00 00 00 ad de  ................
>   backtrace:
>     [<ffffffff8184dffa>] kmemleak_alloc+0x4a/0xa0
>     [<ffffffff8124720f>] kmem_cache_alloc_trace+0x10f/0x280
>     [<ffffffffa02864cc>] __netlink_diag_dump+0x26c/0x290 [netlink_diag]
> 
> v2: don't remove a reference on a rhashtable_iter structure to
>     release it from netlink_diag_dump_done
> 
> Cc: Herbert Xu <herbert@gondor.apana.org.au>
> Fixes: ad202074320c ("netlink: Use rhashtable walk interface in diag dump")
> Signed-off-by: Andrei Vagin <avagin@openvz.org>

Acked-by: Herbert Xu <herbert@gondor.apana.org.au>

Thanks for catching this!
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

* Re: [PATCH net-next v2] netlink: don't forget to release a rhashtable_iter structure
  2016-09-07  4:31   ` [PATCH net-next v2] " Andrei Vagin
  2016-09-07  4:55     ` Herbert Xu
@ 2016-09-08  0:29     ` David Miller
  1 sibling, 0 replies; 6+ messages in thread
From: David Miller @ 2016-09-08  0:29 UTC (permalink / raw)
  To: avagin; +Cc: netdev, herbert

From: Andrei Vagin <avagin@openvz.org>
Date: Tue,  6 Sep 2016 21:31:17 -0700

> This bug was detected by kmemleak:
> unreferenced object 0xffff8804269cc3c0 (size 64):
>   comm "criu", pid 1042, jiffies 4294907360 (age 13.713s)
>   hex dump (first 32 bytes):
>     a0 32 cc 2c 04 88 ff ff 00 00 00 00 00 00 00 00  .2.,............
>     00 01 00 00 00 00 ad de 00 02 00 00 00 00 ad de  ................
>   backtrace:
>     [<ffffffff8184dffa>] kmemleak_alloc+0x4a/0xa0
>     [<ffffffff8124720f>] kmem_cache_alloc_trace+0x10f/0x280
>     [<ffffffffa02864cc>] __netlink_diag_dump+0x26c/0x290 [netlink_diag]
> 
> v2: don't remove a reference on a rhashtable_iter structure to
>     release it from netlink_diag_dump_done
> 
> Cc: Herbert Xu <herbert@gondor.apana.org.au>
> Fixes: ad202074320c ("netlink: Use rhashtable walk interface in diag dump")
> Signed-off-by: Andrei Vagin <avagin@openvz.org>

Applied, thanks.


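The ownership rule this thread settles on, as an added userspace model that is not part of the original messages or of the kernel source: an iterator cached in a per-dump slot across passes leaks if the last pass clears the slot, and is freed if the slot is left for the done callback. All names (`dump_pass`, `dump_done`, `run_dump`, `live_iters`) are hypothetical, and the `budget` parameter is an assumed stand-in for a full output buffer.

```c
#include <stdio.h>
#include <stdlib.h>
/* Userspace model with hypothetical names; not kernel code. */
struct iter { int pos; };            /* stands in for the cached walker */
struct dump_cb { void *args[3]; };   /* per-dump state kept between passes */
static int live_iters;               /* allocated and not yet freed */

/* One pass: emit up to budget (> 0) entries; return 1 once the walk ends. */
static int dump_pass(struct dump_cb *cb, int total, int budget, int clear)
{
	struct iter *it = cb->args[2];
	if (!it) {
		it = calloc(1, sizeof(*it));
		if (!it)
			abort();
		live_iters++;
		cb->args[2] = it;
	}
	for (; it->pos < total; it->pos++)
		if (budget-- == 0)
			return 0;       /* buffer full: iterator stays cached */
	if (clear)
		cb->args[2] = NULL;     /* pre-fix: the only reference is dropped */
	return 1;
}

/* Done callback: the single place that frees whatever is still cached. */
static void dump_done(struct dump_cb *cb)
{
	if (cb->args[2])
		live_iters--;
	free(cb->args[2]);              /* free(NULL) is a no-op */
}

/* Run a complete dump and return how many iterators were leaked. */
static int run_dump(int total, int budget, int clear)
{
	struct dump_cb cb = { { NULL, NULL, NULL } };
	live_iters = 0;
	while (!dump_pass(&cb, total, budget, clear))
		continue;
	dump_done(&cb);
	return live_iters;
}

int main(void)
{
	printf("leaked: cleared=%d kept=%d\n", run_dump(5, 2, 1), run_dump(5, 2, 0));
	return 0;
}
```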