ipc ns: fix memory leak (idr) (7d6feeb2) · Commits · 戴 / test

We have apparently had a memory leak since "ipc: store ipcs into IDRs" in 2007. The idr of which 3 exist for each ipc namespace is never freed. This patch simply frees them when the ipcns is freed. I don't believe any idr_remove() are done from rcu (and could therefore be delayed until after this idr_destroy()), so the patch should be safe. Some quick testing showed no harm, and the memory leak fixed. Caught by kmemleak. Signed-off-by:

Serge E. Hallyn <serue@us.ibm.com> Signed-off-by:

Andrew Morton <akpm@linux-foundation.org> Signed-off-by:

Linus Torvalds <torvalds@linux-foundation.org>

ipc/msg.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -125,6 +125,7 @@ void msg_init_ns(struct ipc_namespace *ns)
		void msg_exit_ns(struct ipc_namespace *ns)
		{
		free_ipcs(ns, &msg_ids(ns), freeque);
		idr_destroy(&ns->ids[IPC_MSG_IDS].ipcs_idr);
		}
		#endif

ipc/sem.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -129,6 +129,7 @@ void sem_init_ns(struct ipc_namespace *ns)
		void sem_exit_ns(struct ipc_namespace *ns)
		{
		free_ipcs(ns, &sem_ids(ns), freeary);
		idr_destroy(&ns->ids[IPC_SEM_IDS].ipcs_idr);
		}
		#endif

ipc/shm.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -101,6 +101,7 @@ static void do_shm_rmid(struct ipc_namespace ns, struct kern_ipc_perm ipcp)
		void shm_exit_ns(struct ipc_namespace *ns)
		{
		free_ipcs(ns, &shm_ids(ns), do_shm_rmid);
		idr_destroy(&ns->ids[IPC_SHM_IDS].ipcs_idr);
		}
		#endif

Admin message