From: "Serge E. Hallyn" <serue@us.ibm.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
linux-kernel@vger.kernel.org,
"Eric W. Biederman" <ebiederm@xmission.com>,
Sukadev Bhattiprolu <sukadev@us.ibm.com>,
Oleg Nesterov <oleg@redhat.com>
Subject: Re: Possible memory leak via alloc_pid()
Date: Wed, 29 Jul 2009 19:36:58 -0500 [thread overview]
Message-ID: <20090730003658.GA27040@us.ibm.com> (raw)
In-Reply-To: <20090729170315.f62066c0.akpm@linux-foundation.org>
Quoting Andrew Morton (akpm@linux-foundation.org):
> On Wed, 8 Jul 2009 22:33:31 +0100
> Catalin Marinas <catalin.marinas@arm.com> wrote:
>
> > Hi,
> >
> > There's a kmemleak report of a struct pid allocation in alloc_pid()
> > which somehow gets lost:
> >
> > unreferenced object 0xc307aa00 (size 44):
> > comm "gdm", pid 2734, jiffies 4294902040
> > backtrace:
> > [<c01e721a>] create_object+0xfa/0x250
> > [<c01e73cd>] kmemleak_alloc+0x5d/0x70
> > [<c01e0ad6>] kmem_cache_alloc+0x156/0x1a0
> > [<c01552f9>] alloc_pid+0x19/0x350
> > [<c013e6e0>] copy_process+0x800/0x1230
> > [<c013f17f>] do_fork+0x6f/0x370
> > [<c0101986>] sys_clone+0x36/0x40
> > [<c010319c>] sysenter_do_call+0x12/0x38
> > [<ffffffff>] 0xffffffff
> >
> > This is the gdm fork for starting Xorg (with pid 2739). It first
> > logged me in automatically, after which I logged out and gdm started
> > another Xorg. The pid structure for the first Xorg is reported as a
> > leak. The Xorg with pid 2739 is no longer present on my system.
> >
> > Using gdb vmlinux /proc/kcore shows that the pid->count is 2, so
> > that's why it probably wasn't freed by put_pid():
> >
> > (gdb) print ({struct pid}0xc307aa00)
> > $20 = {count = {counter = 2}, level = 0, tasks = {{first = 0x0}, {
> > first = 0x0}, {first = 0x0}}, rcu = {next = 0xc24bfd64,
> > func = 0xc0154e90 <delayed_put_pid>}, numbers = {{nr = 2739,
> > ns = 0xc0737540, pid_chain = {next = 0x0, pprev = 0x200200}}}}
> >
> > Note that kmemleak is aware of and scans pid_hash (which was recorded
> > in kmemleak as a 16KB object).
> >
>
> Thanks. Let's cc some recent pid fiddlers.
Hi,
thanks for the report. Note that kernel modules can increment those
counds through find_get_pid(). Can you send your kernel .config and
the output of lsmod?
thanks,
-serge
next prev parent reply other threads:[~2009-07-30 0:37 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-08 21:33 Possible memory leak via alloc_pid() Catalin Marinas
2009-07-30 0:03 ` Andrew Morton
2009-07-30 0:36 ` Serge E. Hallyn [this message]
2009-07-30 9:16 ` Catalin Marinas
2009-07-30 21:29 ` Oleg Nesterov
2009-07-31 10:16 ` Catalin Marinas
2009-08-02 21:35 ` Oleg Nesterov
2009-08-03 1:44 ` Eric W. Biederman
2009-08-10 16:55 ` Catalin Marinas
2009-08-10 19:21 ` Eric W. Biederman
2009-09-11 11:35 ` Catalin Marinas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090730003658.GA27040@us.ibm.com \
--to=serue@us.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=catalin.marinas@arm.com \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=sukadev@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox