From: John Fastabend <john.fastabend@gmail.com>
To: John Fastabend <john.fastabend@gmail.com>,
John Fastabend <john.fastabend@gmail.com>,
Kuniyuki Iwashima <kuniyu@amazon.com>,
xrivendell7@gmail.com
Cc: alexander@mihalicyn.com, bpf@vger.kernel.org,
daan.j.demeyer@gmail.com, davem@davemloft.net,
dhowells@redhat.com, edumazet@google.com,
john.fastabend@gmail.com, kuba@kernel.org, kuniyu@amazon.com,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
pabeni@redhat.com
Subject: Re: memory leak in unix_create1/copy_process/security_prepare_creds
Date: Tue, 19 Dec 2023 14:06:07 -0800 [thread overview]
Message-ID: <658213cf198a3_96d8820886@john.notmuch> (raw)
In-Reply-To: <6581fd3754b79_95e63208f@john.notmuch>
John Fastabend wrote:
> John Fastabend wrote:
> > Kuniyuki Iwashima wrote:
> > > From: xingwei lee <xrivendell7@gmail.com>
> > > Date: Tue, 19 Dec 2023 17:12:25 +0800
> > > > Hello I found a bug in net/af_unix in the lastest upstream linux
> > > > 6.7.rc5 and comfired in lastest net/net-next/bpf/bpf-next tree.
> > > > Titled "TITLE: memory leak in unix_create1” and I also upload the
> > > > repro.c and repro.txt.
> > > >
> > > > If you fix this issue, please add the following tag to the commit:
> > > > Reported-by: xingwei Lee <xrivendell7@gmail.com>
> > >
> > > Thanks for reporting!
> > >
> > > It seems 8866730aed510 forgot to add sock_put().
> > > I've confirmed that the diff below silenced kmemleak but will check
> > > more before posting a patch.
> >
> > Did it really silence the memleak?
>
> Yes reverting the patch fixed the issue for me.
The problem is we call proto update twice that bumps the refcnt
when adding a the same element to the map in the same slot. I'll fix
this on sockmap side so we can keep the current af_unix logic. Should
be able to push a fix tomorrow.
We probably never noticed for other socket types because its an
unusal replace to do same sock/same slot, but af_unix has this
side effect of incrementing the refcnt that doesn't exist elsewhere.
Thanks,
John
prev parent reply other threads:[~2023-12-19 22:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-19 9:12 memory leak in unix_create1/copy_process/security_prepare_creds xingwei lee
2023-12-19 15:50 ` Kuniyuki Iwashima
2023-12-19 19:54 ` John Fastabend
2023-12-19 20:29 ` John Fastabend
2023-12-19 22:06 ` John Fastabend [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=658213cf198a3_96d8820886@john.notmuch \
--to=john.fastabend@gmail.com \
--cc=alexander@mihalicyn.com \
--cc=bpf@vger.kernel.org \
--cc=daan.j.demeyer@gmail.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=kuniyu@amazon.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=xrivendell7@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).