Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp2497675pxf; Sun, 14 Mar 2021 00:30:11 -0800 (PST) X-Google-Smtp-Source: ABdhPJydzcm8Xk0j12vmw+oeQadIiqGse0TOtRPikP+L5XkmebDJXC5wwAg6rgUbAGxiokzh3bOV X-Received: by 2002:a17:906:688:: with SMTP id u8mr17258440ejb.38.1615710611089; Sun, 14 Mar 2021 00:30:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615710611; cv=none; d=google.com; s=arc-20160816; b=yshi2lGzJyOOQnQIc0H83M8UCwD98louLpFjv8J3EFoyBWB85uz4NuVFEkA8dPu37X qAPLhfC27Wy/H1u4OZNDJLKCoyePD18/dAo306DjVK4L4iolxj9deEbWauPofkGU0wWH nU5krxI6OHJLs7B2gnHPYrtUgXyEZIraKWH+MdcICfCFUj2aNV35DAAF87svzPAYBkPN o392vk8dwxiOgG2heNY6q7vwy78Pqd8L+34hCj+xQVr85sKma5+LxSEI/R/e+2Ol+CJZ KEj0z4b+3eSuVQIVh0oaFGLQYO6JOirn6Dp1cLYDhmGTrZdFdXYfysgz7pqE4yKVu3o3 p0aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:date:cc:to:from:subject:message-id:dkim-signature; bh=HEGwvNj8hmctDu6Y38pjXgmnmgSAbCOwl+eKGB6BT7Q=; b=uPX4EKdNT2QirL/xkwRBpdlasTwQHqj7coAShw1ITI4L2YOx1J7p4jAO8LYOrKHbqq ue5fVgcN5dfbPvmF1AIe5r5kD152FmWiEgrqG0K6g5fUErrCXeIzhs+8xRVQSRe0mfhq md5IKzJoAdRd/EoKEuDTxH3UIHuX9YBoCTHiT/sP7WWpPKrFNDCd2bhKk9bmDnn7V7X0 1bZxOb68KikBgCcE6cC/vrVxGBALZhKn+pwMtonXDogZ7SsPvxMwRqU9Iv9ZSnFdyudT OOmehf0D+MIIjluEaavizTWx7ddr1Lr+IxqjzX2o16vmDy4kVbD+47tBmnOPCAuiV8xU WpjQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=RdLk0ZGQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t10si8163203ejf.297.2021.03.14.00.29.47; Sun, 14 Mar 2021 00:30:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=RdLk0ZGQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234609AbhCNIXd (ORCPT + 99 others); Sun, 14 Mar 2021 04:23:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60212 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231597AbhCNIXN (ORCPT ); Sun, 14 Mar 2021 04:23:13 -0400 Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 677D1C061574; Sun, 14 Mar 2021 00:23:13 -0800 (PST) Received: by mail-ej1-x62d.google.com with SMTP id c10so61085828ejx.9; Sun, 14 Mar 2021 00:23:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:subject:from:to:cc:date:user-agent:mime-version :content-transfer-encoding; bh=HEGwvNj8hmctDu6Y38pjXgmnmgSAbCOwl+eKGB6BT7Q=; b=RdLk0ZGQksxI2qNvYW7NMxAFT6zQ527v6R5E47ewr9400SYRWWlG3YZATM8d2ftmBG BGt7ax+FT2fm5djbbtMQ2Bd+LwKWNSWHHDwpfwZ5tYnA5InDFT+AzeS+dsPyjEHllYGh nABziG+E2ALGjH00WUh3izIyJDcQ9sDS4i55tbU9yULVKiXHmBXZl+cSsVeoQQst5MzS 0MN//bfodurvqR9CaSAJz3iMtx/IK7fh2OGzpLnZCPtj0IgeqKilV3NrhpTxqwictoWu F2Nk9A6hBPGxIOIgh2soY8j/fYPS9pOs0IxJj+sb14bJOyGWU+D+XsJpoLDBykjr681e /7fA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:subject:from:to:cc:date:user-agent :mime-version:content-transfer-encoding; bh=HEGwvNj8hmctDu6Y38pjXgmnmgSAbCOwl+eKGB6BT7Q=; b=O8Yj4jlUSd6f4QY154xcgEiurCQAYWWb5SpOhbv7iYH+Yt0/WuEJg0D0j0SpzyM94d u+cdtSm3PR5dBfCvgIC9BPmqcgA8j+3mayHceHuPq4TdCcBXkIOaRYicZHyBGCYbgDR2 PGJRrSJ/yyb05ptQN7sTCog51vAOakP+xDC0HIi4LFEChkiW92NrPu2AdVijSMdypJq1 y0E4E+XqbZtMOrukjSIvdB40LBNH4RPnvZdAXN1bEBz5GuwCYYjUqkpzZQo1P6UmBjAJ xPqi+7qm/09CCEVX/TEHZAdm6seS9mPb+1P3QScI0Ew2ijizbkztpcspBDoh0dlJFv+G W0Fg== X-Gm-Message-State: AOAM533s91ayg/dbKbherbQdiYOihw2N4kZ7T1umy0S1BFDxbDkuhHdt iP8F+XwMyoBz+I1ImgcsQHk= X-Received: by 2002:a17:906:1c13:: with SMTP id k19mr17848112ejg.457.1615710192163; Sun, 14 Mar 2021 00:23:12 -0800 (PST) Received: from TRWS9215 ([88.245.22.54]) by smtp.gmail.com with ESMTPSA id gz20sm5516205ejc.25.2021.03.14.00.23.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 14 Mar 2021 00:23:11 -0800 (PST) Message-ID: Subject: [BUG] net: rds: rds_send_probe memory leak From: Fatih Yildirim To: santosh.shilimkar@oracle.com, davem@davemloft.net, kuba@kernel.org Cc: gregkh@linuxfoundation.org, netdev@vger.kernel.org, linux-rdma@vger.kernel.org, rds-devel@oss.oracle.com, linux-kernel@vger.kernel.org Date: Sun, 14 Mar 2021 11:23:10 +0300 Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.30.5-1.1 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Santosh, I've been working on a memory leak bug reported by syzbot. https://syzkaller.appspot.com/bug?id=39b72114839a6dbd66c1d2104522698a813f9ae2 It seems that memory allocated in rds_send_probe function is not freed. Let me share my observations. rds_message is allocated at the beginning of rds_send_probe function. Then it is added to cp_send_queue list of rds_conn_path and refcount is increased by one. Next, in rds_send_xmit function it is moved from cp_send_queue list to cp_retrans list, and again refcount is increased by one. Finally in rds_loop_xmit function refcount is increased by one. So, total refcount is 4. However, rds_message_put is called three times, in rds_send_probe, rds_send_remove_from_sock and rds_send_xmit functions. It seems that one more rds_message_put is needed. Would you please check and share your comments on this issue? Thanks, Fatih