* new leaks in bridging code. [not found] <533730f2396e8_1c4bb46874192e@209.249.196.67.mail> @ 2014-03-29 21:01 ` Dave Jones 2014-03-30 2:28 ` Toshiaki Makita 0 siblings, 1 reply; 4+ messages in thread From: Dave Jones @ 2014-03-29 21:01 UTC (permalink / raw) To: netdev; +Cc: makita.toshiaki yesterdays bridging changes introduced leaks in the exit paths.. ** CID 1194948: Resource leak (RESOURCE_LEAK) /net/bridge/br_vlan.c: 196 in br_allowed_ingress() /net/bridge/br_vlan.c: 218 in br_allowed_ingress() /net/bridge/br_vlan.c: 220 in br_allowed_ingress() *** CID 1194948: Resource leak (RESOURCE_LEAK) /net/bridge/br_vlan.c: 196 in br_allowed_ingress() 190 191 /* Frame had a tag with VID 0 or did not have a tag. 192 * See if pvid is set on this port. That tells us which 193 * vlan untagged or priority-tagged traffic belongs to. 194 */ 195 if (pvid == VLAN_N_VID) >>> CID 1194948: Resource leak (RESOURCE_LEAK) >>> Returning without freeing "skb" leaks the storage that it points to. 196 return false; 197 198 /* PVID is set on this port. Any untagged or priority-tagged 199 * ingress frame is considered to belong to this vlan. 200 */ 201 *vid = pvid; /net/bridge/br_vlan.c: 218 in br_allowed_ingress() 212 213 return true; 214 } 215 216 /* Frame had a valid vlan tag. See if vlan is allowed */ 217 if (test_bit(*vid, v->vlan_bitmap)) >>> CID 1194948: Resource leak (RESOURCE_LEAK) >>> Returning without freeing "skb" leaks the storage that it points to. 218 return true; 219 220 return false; 221 } 222 223 /* Called under RCU. */ /net/bridge/br_vlan.c: 220 in br_allowed_ingress() 214 } 215 216 /* Frame had a valid vlan tag. See if vlan is allowed */ 217 if (test_bit(*vid, v->vlan_bitmap)) 218 return true; 219 >>> CID 1194948: Resource leak (RESOURCE_LEAK) >>> Returning without freeing "skb" leaks the storage that it points to. 220 return false; 221 } 222 223 /* Called under RCU. */ 224 bool br_allowed_egress(struct net_bridge *br, 225 const struct net_port_vlans *v, ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: new leaks in bridging code. 2014-03-29 21:01 ` new leaks in bridging code Dave Jones @ 2014-03-30 2:28 ` Toshiaki Makita 2014-03-30 2:47 ` Dave Jones 0 siblings, 1 reply; 4+ messages in thread From: Toshiaki Makita @ 2014-03-30 2:28 UTC (permalink / raw) To: Dave Jones; +Cc: netdev, makita.toshiaki On Sat, 2014-03-29 at 17:01 -0400, Dave Jones wrote: > yesterdays bridging changes introduced leaks in the exit paths.. > The patch has nothing to do with this memory leak. It has existed since br_allowed_ingress was introduced. I'm working on fixing it. http://marc.info/?t=139598775400004&r=1&w=2 Thanks, Toshiaki Makita ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: new leaks in bridging code. 2014-03-30 2:28 ` Toshiaki Makita @ 2014-03-30 2:47 ` Dave Jones 2014-03-31 3:54 ` Toshiaki Makita 0 siblings, 1 reply; 4+ messages in thread From: Dave Jones @ 2014-03-30 2:47 UTC (permalink / raw) To: Toshiaki Makita; +Cc: netdev, makita.toshiaki On Sun, Mar 30, 2014 at 11:28:21AM +0900, Toshiaki Makita wrote: > On Sat, 2014-03-29 at 17:01 -0400, Dave Jones wrote: > > yesterdays bridging changes introduced leaks in the exit paths.. > > > The patch has nothing to do with this memory leak. Good point, the checker only picked up it as 'new' because of the additional call to vlan_untag. > It has existed since br_allowed_ingress was introduced. > I'm working on fixing it. > http://marc.info/?t=139598775400004&r=1&w=2 Great! (I'm behind on email so hadn't seen this thread). Thanks, Dave ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: new leaks in bridging code. 2014-03-30 2:47 ` Dave Jones @ 2014-03-31 3:54 ` Toshiaki Makita 0 siblings, 0 replies; 4+ messages in thread From: Toshiaki Makita @ 2014-03-31 3:54 UTC (permalink / raw) To: Dave Jones, Toshiaki Makita; +Cc: netdev (2014/03/30 11:47), Dave Jones wrote: > On Sun, Mar 30, 2014 at 11:28:21AM +0900, Toshiaki Makita wrote: > > On Sat, 2014-03-29 at 17:01 -0400, Dave Jones wrote: > > > yesterdays bridging changes introduced leaks in the exit paths.. > > > > > The patch has nothing to do with this memory leak. > > Good point, the checker only picked up it as 'new' because of the > additional call to vlan_untag. > > > It has existed since br_allowed_ingress was introduced. > > I'm working on fixing it. > > http://marc.info/?t=139598775400004&r=1&w=2 > > Great! (I'm behind on email so hadn't seen this thread). > Considering more deeply about why your checker claimed that vlan_untag() in br_allowed_ingress() is bad, I got an idea that it should have pointed out not resource leakage but double free of skb. vlan_untag() may free skbs, but we also free skbs in caller side (br_handle_frame_finish()) without updating skb pointers to NULL. I'll also fix this problem. Thanks, Toshiaki Makita ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-03-31 3:54 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <533730f2396e8_1c4bb46874192e@209.249.196.67.mail>
2014-03-29 21:01 ` new leaks in bridging code Dave Jones
2014-03-30 2:28 ` Toshiaki Makita
2014-03-30 2:47 ` Dave Jones
2014-03-31 3:54 ` Toshiaki Makita
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).