Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4950466pxj; Tue, 22 Jun 2021 11:31:53 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxZX0d5zHjKe16G4tZKnDb7fdNGWVpbBbGQXLBfpeox3JB0VLmFfxmL0trEqf5LMkJwzKIf X-Received: by 2002:a05:6402:290b:: with SMTP id ee11mr6875308edb.325.1624386713693; Tue, 22 Jun 2021 11:31:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1624386713; cv=none; d=google.com; s=arc-20160816; b=CVFARK1kcgmPHV72qBhZra9UFJkFyhbd2Z6Fq2mPJnSOqRmubzaedG7rCFAnGp9ADT P8ozu5Ay0A7lGGbTg/eu/13OuHDYoa1DX7eiwj6z/q8lhCb/tr/iBfUk0WFE6IBfELgY gwC/nxG60CCsp/5u0N4tT4Lsrjz+DgWDxYvFj8CouiDf03Ymz53+qOO7fiFpjctUzm6k v9IamRf08qrymzqRMgVTeTmBLxxJPQXWhQr23wEVCiLQ6AH2dVtfoOvCEFvAu2lHZgPE abndGmxdi5Kvq7gp2k4PvwoLmM9NYQNXa0sq9cOzP3HjnbpKRDDD+R6bAmQEpA5Pw0Nx rZ8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=6JFgiOQERZSIy0aWNl2Nl9CVI7uX5ANotzhjU2/vxGw=; b=s1/UirLODutzmJSHnTRRewwMlcMSVRqZdJ3yOW65bxlVE0Bt2N4rBx1uUVDqk797YE M2d69eWFvUkZK8nXdeNnya06JkU+0mQ0S+a8KZlX/iMixbwMjlF+0G/JkweHu1n9JcQD DMFICQt7VB11ER+KF/xa+UqjFgtlwHKmH5+xM7Hd0OAF4o9yG3Nk0jcDKYe3D+q+346X X3jK5Myzl3Ytza7DTt37vz2AVNkvnmt05fdVP5k8DDClABHoFHYXSPf85Fl8/Bp/QyZH 5aL+VmCHfCv3gsKVX7e3rq96c6qN9HAPJd5K8t/ZvUmwVObpuGolpOxewHOcCGDGZiAW pO3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=jIbmPpEh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a13si17668239edx.298.2021.06.22.11.31.30; Tue, 22 Jun 2021 11:31:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=jIbmPpEh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232487AbhFVScP (ORCPT + 99 others); Tue, 22 Jun 2021 14:32:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44910 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231297AbhFVScO (ORCPT ); Tue, 22 Jun 2021 14:32:14 -0400 Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2526C061574; Tue, 22 Jun 2021 11:29:57 -0700 (PDT) Received: by mail-wr1-x435.google.com with SMTP id n7so24796054wri.3; Tue, 22 Jun 2021 11:29:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6JFgiOQERZSIy0aWNl2Nl9CVI7uX5ANotzhjU2/vxGw=; b=jIbmPpEhJU74qAsdco+GdmvRW7QJEL+iz1azILolEbS/x6/m088dbH2Nhzl5jhr/uv etvI7XLpDyh+bk/6gXuIHY0qMATunpX6fjQ3NrttjO4u+HbNcinf7bkJCQxK8sTSc08K EoD9Afn5HGSgn+Bsc3DifuEAeAh+2YmhjR3IlZwggW4YcAmA9YQCwSPGdwxp3nKxdqb0 AQpC8x/zK57rBdJwxzz/0ypiXYBTz0TsUo7L7khGcxjucRoKlrGGs87Kw19J6/FIvrnb 9tkX8QHrq7pPq5oeKCHiUkpSBUye9lJpHvG33iEiCVYT4O+Za7+fJOl62iM2ikc3EotX D6bA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6JFgiOQERZSIy0aWNl2Nl9CVI7uX5ANotzhjU2/vxGw=; b=paUN1JQgOkHGrH9gDnIUcxdCdJIaPHCWjHPN8cbpST/fJn+Pl3QXWs5JbHWfqw9Q4y YJKdbm9XJRdYL9daGjL40gDjL0OKGCM7wy7WJxbQv8BRY3yP7jUDO1P5DZbZYebJwUtX U7TdNhftsMtWUAwuQMIjxsjTOGzDgzUrzPsSuVa4AkEe4ABcatLyUfcq3aMIwr2Be7Oo sNo4yEFPzxxM2BbvXHtaU7LoM16F2b1FdFbiBCCGHiX3RT53U9tha6+t2TxGNM55GNGk ZD9TdOfR7LsZ6PKfvC/rH/ZVepJ9Al2mMTk8OE7D9uiikpmzzrks46aq7I903qqCbdxT gQaA== X-Gm-Message-State: AOAM533ylD3ZWMDCcWKBXeRCfsj8tA+FLNxXA2+unrJypPuVJKcAu6ZP CcVpOKNrcDBw4yI+YFYbt5Oil6kUQFTkCGkUXMY= X-Received: by 2002:a5d:5741:: with SMTP id q1mr2127032wrw.65.1624386596637; Tue, 22 Jun 2021 11:29:56 -0700 (PDT) MIME-Version: 1.0 References: <20210616020901.2759466-1-mudongliangabcd@gmail.com> In-Reply-To: <20210616020901.2759466-1-mudongliangabcd@gmail.com> From: Alexander Aring Date: Tue, 22 Jun 2021 14:29:45 -0400 Message-ID: Subject: Re: [PATCH v2] ieee802154: hwsim: Fix memory leak in hwsim_add_one To: Dongliang Mu Cc: Stefan Schmidt , "David S. Miller" , Jakub Kicinski , linux-wpan - ML , kernel list , "open list:NETWORKING [GENERAL]" , syzbot+b80c9959009a9325cdff@syzkaller.appspotmail.com Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Tue, 15 Jun 2021 at 22:09, Dongliang Mu wrote: > > No matter from hwsim_remove or hwsim_del_radio_nl, hwsim_del fails to > remove the entry in the edges list. Take the example below, phy0, phy1 > and e0 will be deleted, resulting in e1 not freed and accessed in the > future. > > hwsim_phys > | > ------------------------------ > | | > phy0 (edges) phy1 (edges) > ----> e1 (idx = 1) ----> e0 (idx = 0) > > Fix this by deleting and freeing all the entries in the edges list > between hwsim_edge_unsubscribe_me and list_del(&phy->list). > > Reported-by: syzbot+b80c9959009a9325cdff@syzkaller.appspotmail.com > Fixes: 1c9f4a3fce77 ("ieee802154: hwsim: fix rcu handling") > Signed-off-by: Dongliang Mu Acked-by: Alexander Aring Thanks!