From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.33)
	id 1C6xjz-0007fM-Qs
	for qemu-devel@nongnu.org; Mon, 13 Sep 2004 16:47:59 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.33)
	id 1C6xjy-0007ew-Ok
	for qemu-devel@nongnu.org; Mon, 13 Sep 2004 16:47:59 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.33) id 1C6xjy-0007et-KL
	for qemu-devel@nongnu.org; Mon, 13 Sep 2004 16:47:58 -0400
Received: from [65.19.178.186] (helo=pythonhacker.is-a-geek.net)
	by monty-python.gnu.org with esmtp (Exim 4.34) id 1C6xdM-0006vc-FV
	for qemu-devel@nongnu.org; Mon, 13 Sep 2004 16:41:08 -0400
Subject: Re: [Qemu-devel] memory leak in user mode network stack
From: Darryl Dixon <esrever_otua@pythonhacker.is-a-geek.net>
In-Reply-To: <200409131646.i8DGk1WO020624@tiger2.tools.intra>
References: <200409131646.i8DGk1WO020624@tiger2.tools.intra>
Content-Type: multipart/alternative; boundary="=-WIf7h2n0VOOQ5187Sa7f"
Message-Id: <1095108026.3155.0.camel@unixadmindazfc2.chh.co.nz>
Mime-Version: 1.0
Date: Tue, 14 Sep 2004 08:40:27 +1200
Reply-To: esrever_otua@pythonhacker.is-a-geek.net, qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Juergen Keil <jk@tools.de>, qemu-devel@nongnu.org


--=-WIf7h2n0VOOQ5187Sa7f
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

I can verify this behaviour; I have a bug filed on the savannah site.


D


On Tue, 2004-09-14 at 04:46, Juergen Keil wrote:

> Hi,
> 
> apparently there is a qemu memory leak when -user-net is used.  ftp'ing a
> ~500Mbyte file from the host os to the guest os increases memory usage for
> the "qemu -m 256" process from ~280mb to almost 2gb.
> 
> It seems the problem is in slirp/if.c, if_start().  If fetches queued mbuf's,
> sends them, but does not return the mbufs to the free mbuf pool.
> 
> 
> Shouldn't if_start() return mbufs to the free mbuf pool after transmitting
> the data, like this?
> 
> Index: if.c
> ===================================================================
> RCS file: /cvsroot/qemu/qemu/slirp/if.c,v
> retrieving revision 1.1
> diff -u -B -c -8 -r1.1 if.c
> cvs diff: conflicting specifications of output style
> *** if.c        22 Apr 2004 00:10:47 -0000      1.1
> --- if.c        13 Sep 2004 16:29:32 -0000
> ***************
> *** 310,320 ****
> --- 310,322 ----
>                 if (--ifm->ifq_so->so_queued == 0)
>                    /* If there's no more queued, reset nqueued */
>                    ifm->ifq_so->so_nqueued = 0;
>         }
>   
>         /* Encapsulate the packet for sending */
>           if_encap(ifm->m_data, ifm->m_len);
>   
> +       m_free(ifm);
> + 
>         if (if_queued)
>            goto again;
>   }
> 
> 
> 
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel

-- 
Darryl Dixon <esrever_otua@pythonhacker.is-a-geek.net>

--=-WIf7h2n0VOOQ5187Sa7f
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 7bit

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
  <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
  <META NAME="GENERATOR" CONTENT="GtkHTML/3.0.10">
</HEAD>
<BODY>
I can verify this behaviour; I have a bug filed on the savannah site.<BR>
<BR>
<BR>
D<BR>
<BR>
<BR>
On Tue, 2004-09-14 at 04:46, Juergen Keil wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE><FONT COLOR="#737373"><I>Hi,

apparently there is a qemu memory leak when -user-net is used.  ftp'ing a
~500Mbyte file from the host os to the guest os increases memory usage for
the &quot;qemu -m 256&quot; process from ~280mb to almost 2gb.

It seems the problem is in slirp/if.c, if_start().  If fetches queued mbuf's,
sends them, but does not return the mbufs to the free mbuf pool.


Shouldn't if_start() return mbufs to the free mbuf pool after transmitting
the data, like this?

Index: if.c
===================================================================
RCS file: /cvsroot/qemu/qemu/slirp/if.c,v
retrieving revision 1.1
diff -u -B -c -8 -r1.1 if.c
cvs diff: conflicting specifications of output style
*** if.c        22 Apr 2004 00:10:47 -0000      1.1
--- if.c        13 Sep 2004 16:29:32 -0000
***************
*** 310,320 ****
--- 310,322 ----
                if (--ifm-&gt;ifq_so-&gt;so_queued == 0)
                   /* If there's no more queued, reset nqueued */
                   ifm-&gt;ifq_so-&gt;so_nqueued = 0;
        }
  
        /* Encapsulate the packet for sending */
          if_encap(ifm-&gt;m_data, ifm-&gt;m_len);
  
+       m_free(ifm);
+ 
        if (if_queued)
           goto again;
  }



_______________________________________________
Qemu-devel mailing list
Qemu-devel@nongnu.org</FONT>
<A HREF="http://lists.nongnu.org/mailman/listinfo/qemu-devel"><U>http://lists.nongnu.org/mailman/listinfo/qemu-devel</U></I></A></PRE>
</BLOCKQUOTE>
<PRE><TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
-- <BR>
Darryl Dixon &lt;<A HREF="mailto:esrever_otua@pythonhacker.is-a-geek.net"><U>esrever_otua@pythonhacker.is-a-geek.net</U></A>&gt;
</TD>
</TR>
</TABLE>
</PRE>
</BODY>
</HTML>

--=-WIf7h2n0VOOQ5187Sa7f--