Date: Sat, 22 Jul 2017 22:38:13 +0300 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Daniel Bilik <ddb@neosystem.org> Cc: freebsd-net@freebsd.org Subject: Re: mbuf clusters leak in netinet6 Message-ID: <c66994e1-f58e-3ea0-60f1-f83a19ab80c0@yandex.ru> In-Reply-To: <20170722155157.b29206752f49422e40e58c5d@neosystem.cz> References: <20170721232112.82f6e78b76057312183be937@neosystem.cz> <5dadd0d0-d5ce-3a2c-7ad6-1c0a39a4a0e7@yandex.ru> <20170722155157.b29206752f49422e40e58c5d@neosystem.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
22.07.17 16:51, Daniel Bilik пишет: > On Sat, 22 Jul 2017 12:11:31 +0300 > "Andrey V. Elsukov" <bu7cher@yandex.ru> wrote: > >> Freeing mbuf is under pfil hook responsibility, if it returns nonzero >> value it must call m_freem(). So, it is bug in the ndpacket.c. > > Ah, thanks for clarifying this. It was quite unclear to me, because at > other place I've seen m_freem() is called after non-zero pfil_run_hooks() > result. [1] > > Nevertheless, I've patched and tested ndproxy as you suggested, and it > works fine, with no mbuf leaks. Pull request created. [2] This is because the "drop" label is shared between several places. Usually pfil hook does m_freem() and sets mbuf pointer to NULL. Check ip_output() or ip6_output(), also ipfw's pfil hook implementation: https://svnweb.freebsd.org/base/head/sys/netpfil/ipfw/ip_fw_pfil.c?annotate=308237#l295 -- WBR, Andrey V. Elsukov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c66994e1-f58e-3ea0-60f1-f83a19ab80c0>