Bug 224371

Summary: vxlan leaks memory
Product: Base System Reporter: ben
Component: kernAssignee: Andrey V. Elsukov <ae>
Status: Closed FIXED    
Severity: Affects Some People CC: ae, eugen
Priority: --- Keywords: patch
Version: CURRENT   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch none

Description ben 2017-12-15 19:27:13 UTC 
Created attachment 188865 [details]
patch

With learning enabled, vxlan(4) can leak memory by allocating duplicate ftable entries.
Comment 1 commit-hook freebsd_committer freebsd_triage 2017-12-16 14:37:18 UTC 
A commit references this bug:

Author: ae
Date: Sat Dec 16 14:36:21 UTC 2017
New revision: 326898
URL: https://svnweb.freebsd.org/changeset/base/326898

Log:
  Fix possible memory leak.

  vxlan_ftable entries are sorted in ascending order, due to wrong arguments
  order it is possible to stop search before existing element will be found.
  Then new element will be allocated in vxlan_ftable_update_locked() and can
  be inserted in the list second time or trigger MPASS() assertion with
  enabled INVARIANTS.

  PR:		224371
  MFC after:	1 week

Changes:
  head/sys/net/if_vxlan.c
Comment 2 commit-hook freebsd_committer freebsd_triage 2017-12-24 02:06:11 UTC 
A commit references this bug:

Author: ae
Date: Sun Dec 24 02:05:19 UTC 2017
New revision: 327141
URL: https://svnweb.freebsd.org/changeset/base/327141

Log:
  MFC r326898:
    Fix possible memory leak.

    vxlan_ftable entries are sorted in descending order, due to wrong arguments
    order it is possible to stop search before existing element will be found.
    Then new element will be allocated in vxlan_ftable_update_locked() and can
    be inserted in the list second time or trigger MPASS() assertion with
    enabled INVARIANTS.

    PR:		224371

Changes:
_U  stable/11/
  stable/11/sys/net/if_vxlan.c
Comment 3 commit-hook freebsd_committer freebsd_triage 2017-12-24 02:07:14 UTC 
A commit references this bug:

Author: ae
Date: Sun Dec 24 02:06:17 UTC 2017
New revision: 327142
URL: https://svnweb.freebsd.org/changeset/base/327142

Log:
  MFC r326898:
    Fix possible memory leak.

    vxlan_ftable entries are sorted in descending order, due to wrong arguments
    order it is possible to stop search before existing element will be found.
    Then new element will be allocated in vxlan_ftable_update_locked() and can
    be inserted in the list second time or trigger MPASS() assertion with
    enabled INVARIANTS.

    PR:		224371

Changes:
_U  stable/10/
  stable/10/sys/net/if_vxlan.c
Comment 4 Andrey V. Elsukov freebsd_committer freebsd_triage 2017-12-24 02:07:27 UTC 
Fixed in head/, stable/11 and stable/10. Thanks!