2.6.10-rc2-mm3-V0.7.31-3 memory leak (was Re: Debugging a memory leak
From: Valdis . Kletnieks
Date: Fri Nov 26 2004 - 21:15:58 EST
On Tue, 23 Nov 2004 15:38:58 PST, Andrew Morton said:
> Valdis.Kletnieks@xxxxxx wrote:
> >
> > Any advice how to shoot this one?
>
> Manfred's slab leak detector:
Ahh, many thanks - that helped quite a bit. I tracked down the problem -
it was in Ingo's VP patch.
sys_ioperm() would allocate an 8K bitmap and save it in ->io_bitmap_ptr.
Then when we hit exit_thread(), Ingo's code would zero the pointer and *then*
pass the freshly-zero'ed pointer to kfree() - which of course did nothing
particularly interesting. My fix was to save a copy of the pointer to
pass to kfree. Am seeing no more leaks.
(Interestingly enough, I'd never have spotted this if it hadn't been for
a gkrellm/i8krellm bug that caused a fork-bomb of 50 or so 'i8kfan' processes
each time it trimmed the fan speed, and each i8kfan leaked an 8K io_bitmap...)
Signed-off-by: Valdis Kletnieks <valdis.kletnieks@xxxxxx>
--- linux-2.6.10-rc2-mm3/arch/i386/kernel/process.c.memleak 2004-11-25 00:25:42.000000000 -0500
+++ linux-2.6.10-rc2-mm3/arch/i386/kernel/process.c 2004-11-25 02:15:09.000000000 -0500
@@ -344,10 +344,11 @@ void exit_thread(void)
if (unlikely(NULL != t->io_bitmap_ptr)) {
int cpu;
struct tss_struct *tss;
+ unsigned long *bitmap_ptr_copy = t->io_bitmap_ptr;
t->io_bitmap_ptr = NULL;
mb();
- kfree(t->io_bitmap_ptr);
+ kfree(bitmap_ptr_copy);
cpu = get_cpu();
tss = &per_cpu(init_tss, cpu);
Attachment:
pgp00000.pgp
Description: PGP signature