Re: Kernel oops+crash on repeated auditd restarts
On Fri, 2012-04-20 at 23:14 -0300, Marcelo Cerri wrote:
The patch below increments the reference count of a mark when it is
added to the destroy list. It seems to solve the issue and it doesn't
seem to cause any memory leak. Please, can you make some tests in your
environments and let me know if there is any problem with this patch.
That is almost certainly the wrong thing to do. This test program
should show a memory leak with your patch. If it doesn't show a memory
leak then something is screwed up in inotify as well.
#include <errno.h>
#include <unistd.h>
#include <sys/inotify.h>
int main(void)
{
int fd;
int rc;
struct inotify_event event[10];
fd = inotify_init();
if (fd < 0)
return errno;
while(1) {
rc = inotify_add_watch(fd, "/tmp", IN_CLOSE_WRITE);
if (rc < 0)
return errno;
rc = inotify_rm_watch(fd, rc);
if (rc)
return errno;
rc = read(fd, event, sizeof(event));
if (rc < 0)
return errno;
}
return 0;
}
The lifetime of an object is supposed to be from fsnotify_init_mark()
until it's matching reference is dropped in fsnotify_mark_destroy(). It
sounds to me like we are calling put somewhere in the audit code when we
didn't previously call a get....