Re: Memory (skb) leak in kernel 4.8-rc2

From: Frederic Dalleau
Date: Sun Aug 21 2016 - 08:10:12 EST


Hi Marcel, Johan,

I am unable to unload module bluetooth to verify that the second
leak is not a false positive; however, the one in btusb is a real
memory leak.

There was a bugzilla last week with that backtrace: https://bugzilla.kernel.org/show_bug.cgi?id=120691

At the time, I was thinking that the leak could originate from one of the req_complete_skb callback, but which one?

And today that the issue has popped again, I found that hci_req_sync_complete references the skb in hdev->req_skb. It is called (via hci_req_run_skb) from either __hci_cmd_sync_ev which will pass the skb to the caller, or __hci_req_sync which leaks.

I have a patch on the grill.

Best Regards,
Frédéric