OpenVZ Forum: Devel » [PATCH] Fix memory leak in inet

Home » Mailing lists » Devel » [PATCH] Fix memory leak in inet_hashtables.h when NUMA is on

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

[PATCH] Fix memory leak in inet_hashtables.h when NUMA is on [message #23735]

Fri, 23 November 2007 16:13

Pavel Emelianov
Messages: 1149
Registered: September 2006

Senior Member

The inet_ehash_locks_alloc() looks like this:

#ifdef CONFIG_NUMA
	if (size > PAGE_SIZE)
		x = vmalloc(...);
	else
#endif
		x = kmalloc(...);

Unlike it, the inet_ehash_locks_alloc() looks like this:

#ifdef CONFIG_NUMA
	if (size > PAGE_SIZE)
		vfree(x);
	else
#else
		kfree(x);
#endif

The error is obvious - if the NUMA is on and the size
is less than the PAGE_SIZE we leak the pointer (kfree is
inside the #else branch).

Compiler doesn't warn us because after the kfree(x) there's
a "x = NULL" assignment, so here's another (minor?) bug: we 
don't set x to NULL under certain circumstances.

Boring explanation, I know... Patch explains it better.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>

---

diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
index 469216d..37f6cb1 100644
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -186,9 +186,8 @@ static inline void inet_ehash_locks_free(struct inet_hashinfo *hashinfo)
 		if (size > PAGE_SIZE)
 			vfree(hashinfo->ehash_locks);
 		else
-#else
-		kfree(hashinfo->ehash_locks);
 #endif
+		kfree(hashinfo->ehash_locks);
 		hashinfo->ehash_locks = NULL;
 	}
 }

Report message to a moderator

Re: [PATCH] Fix memory leak in inet_hashtables.h when NUMA is on [message #23771 is a reply to message #23735]

Mon, 26 November 2007 12:36

Herbert Xu
Messages: 45
Registered: April 2007

Member

On Fri, Nov 23, 2007 at 07:13:11PM +0300, Pavel Emelyanov wrote:
> The inet_ehash_locks_alloc() looks like this:
> 
> #ifdef CONFIG_NUMA
> 	if (size > PAGE_SIZE)
> 		x = vmalloc(...);
> 	else
> #endif
> 		x = kmalloc(...);
> 
> Unlike it, the inet_ehash_locks_alloc() looks like this:
> 
> #ifdef CONFIG_NUMA
> 	if (size > PAGE_SIZE)
> 		vfree(x);
> 	else
> #else
> 		kfree(x);
> #endif
> 
> The error is obvious - if the NUMA is on and the size
> is less than the PAGE_SIZE we leak the pointer (kfree is
> inside the #else branch).
> 
> Compiler doesn't warn us because after the kfree(x) there's
> a "x = NULL" assignment, so here's another (minor?) bug: we 
> don't set x to NULL under certain circumstances.
> 
> Boring explanation, I know... Patch explains it better.
> 
> Signed-off-by: Pavel Emelyanov <xemul@openvz.org>

Good catch! Applied to net-2.6.  Thanks.
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Report message to a moderator

Previous Topic:	[PATCH net-2.6.25] Make macro to specify the ptype_base size
Next Topic:	[RFC] [PATCH] memory controller background reclamation

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sat Mar 25 10:54:21 GMT 2023

Total time taken to generate the page: 0.00868 seconds