Re: [BUG] 2.6.37-rc5 Memory leak in net/ipv4/udp.c

public inbox for netdev@vger.kernel.org
 help / color / mirror / Atom feed

From: Eric Dumazet <eric.dumazet@gmail.com>
To: "Lothar Waßmann" <LW@KARO-electronics.de>
Cc: netdev@vger.kernel.org
Subject: Re: [BUG] 2.6.37-rc5 Memory leak in net/ipv4/udp.c
Date: Fri, 17 Dec 2010 11:35:16 +0100	[thread overview]
Message-ID: <1292582116.2906.5.camel@edumazet-laptop> (raw)
In-Reply-To: <19723.14557.349975.821418@ipc1.ka-ro>

Le vendredi 17 décembre 2010 à 11:18 +0100, Lothar Waßmann a écrit :
> Hi,
> 
> the kernel memory leak detector spews the message:
> |kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
> cat /sys/kernel/debug/kmemleak
> |unreferenced object 0xc7a1c000 (size 5120):
> |  comm "swapper", pid 1, jiffies 4294937513 (age 2320.120s)
> |  hex dump (first 32 bytes):
> |    aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa  ................
> |    aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa  ................
> |  backtrace:
> |    [<c00112b8>] alloc_large_system_hash+0x188/0x224
> |    [<c001be14>] udp_table_init+0x44/0x180
> |    [<c001bf64>] udp_init+0x14/0x78
> |    [<c001c620>] inet_init+0x138/0x240
> |    [<c0030368>] do_one_initcall+0x58/0x1a8
> |    [<c00083c8>] kernel_init+0x98/0x14c
> |    [<c0037714>] kernel_thread_exit+0x0/0x8
> |    [<ffffffff>] 0xffffffff
> |unreferenced object 0xc7a26000 (size 5120):
> |  comm "swapper", pid 1, jiffies 4294937513 (age 2320.130s)
> |  hex dump (first 32 bytes):
> |    aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa  ................
> |    aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa  ................
> |  backtrace:
> |    [<c00112b8>] alloc_large_system_hash+0x188/0x224
> |    [<c001be14>] udp_table_init+0x44/0x180
> |    [<c001bff0>] udplite4_register+0x10/0x94
> |    [<c001c624>] inet_init+0x13c/0x240
> |    [<c0030368>] do_one_initcall+0x58/0x1a8
> |    [<c00083c8>] kernel_init+0x98/0x14c
> |    [<c0037714>] kernel_thread_exit+0x0/0x8
> |    [<ffffffff>] 0xffffffff
> 
> The offending code in net/ipv4/udp.c is:
> |void __init udp_table_init(struct udp_table *table, const char *name)
> |{
> |	unsigned int i;
> |
> |	if (!CONFIG_BASE_SMALL)
> |		table->hash = alloc_large_system_hash(name,
> |			2 * sizeof(struct udp_hslot),
> |			uhash_entries,
> |			21, /* one slot per 2 MB */
> |			0,
> |			&table->log,
> |			&table->mask,
> |			64 * 1024);
> |	/*
> |	 * Make sure hash table has the minimum size
> |	 */
> |	if (CONFIG_BASE_SMALL || table->mask < UDP_HTABLE_SIZE_MIN - 1) {
> |		table->hash = kmalloc(UDP_HTABLE_SIZE_MIN *
> |				      2 * sizeof(struct udp_hslot), GFP_KERNEL);
> In case of !CONFIG_BASE_SMALL and 'table->mask < UDP_HTABLE_SIZE_MIN - 1)'
> the memory allocated in the previous if clause becomes inacessible!
> 
> Shouldn't this be:
> |	if (!CONFIG_BASE_SMALL && table->mask >= UDP_HTABLE_SIZE_MIN - 1) {
> |		table->hash = alloc_large_system_hash(name,
> |			2 * sizeof(struct udp_hslot),
> |			uhash_entries,
> |			21, /* one slot per 2 MB */
> |			0,
> |			&table->log,
> |			&table->mask,
> |			64 * 1024);
> |	} else {
> |		table->hash = kmalloc(UDP_HTABLE_SIZE_MIN *
> |				      2 * sizeof(struct udp_hslot), GFP_KERNEL);
> [...]
> 
> 
> 
> Lothar Waßmann

Nothing we can do about it, there is no API to reverse the
alloc_large_system_hash() effect. We could call kmemleak api to at least
avoid this false alarm.

We really want a minimum size for the UDP hash table, because our algos
depend on this.

Why on your config alloc_large_system_hash() is allocating 5120 bytes, I
dont know :(

next prev parent reply	other threads:[~2010-12-17 10:35 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-12-17 10:18 [BUG] 2.6.37-rc5 Memory leak in net/ipv4/udp.c Lothar Waßmann
2010-12-17 10:35 ` Eric Dumazet [this message]
2010-12-17 11:11   ` Lothar Waßmann
2010-12-17 11:32     ` Eric Dumazet
2010-12-17 11:47       ` Lothar Waßmann
2010-12-17 11:56         ` Lothar Waßmann
2010-12-17 14:22           ` Eric Dumazet
2010-12-17 14:28             ` Lothar Waßmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1292582116.2906.5.camel@edumazet-laptop \
    --to=eric.dumazet@gmail.com \
    --cc=LW@KARO-electronics.de \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox