Bug 1419684
Summary: | Using raid target leaks kernel memory | |||
---|---|---|---|---|
Product: | [Community] LVM and device-mapper | Reporter: | Zdenek Kabelac <zkabelac> | |
Component: | device-mapper | Assignee: | Nigel Croxon <ncroxon> | |
Status: | CLOSED UPSTREAM | QA Contact: | cluster-qe <cluster-qe> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 2.02.169 | CC: | agk, heinzm, jbrassow, msnitzer, prajnoha, zkabelac | |
Target Milestone: | --- | Flags: | rule-engine:
lvm-technical-solution?
|
|
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | If docs needed, set a value | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1519577 (view as bug list) | Environment: | ||
Last Closed: | 2017-11-30 23:38:15 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1519577 |
Description
Zdenek Kabelac
2017-02-06 18:27:35 UTC
Actually 'make check_local T=lvcreate-large-raid.sh' is the one which surely triggers problem. The resoning seems to be that bitmap_free() does not free hijacked bitmap pages: "(if (bp[k].map && !bp[k].hijacked) kfree(bp[k].map);" Currrent theory is, that bp[k].hijacked is not being reset properly before the bitmap is being destroyed. Hijackinga bitmap page becomes necessary under low memory conditions _but_ freeing it up on destroy must happen or leak. Instrumented and tested: never hit a bk[k].hijacked -> theory's wrong. Thinking twice, the leaks are being detected on initial bitmap_load() when kzalloc() is called from bitmap_checkpage() referencing the result via an auto ptr variable which can be conditionally used to free the allocation or set the repective slots reference in the bitmap page map array. I don't see where the any leakage is in that code path yet. I believe the bug is related to resize of bitmap whet the content of old bitmap map states were not released. With this patch I get these leak fixd: diff --git a/drivers/md/bitmap.c b/drivers/md/bitmap.c index d2121637b4ab..58ee21027709 100644 --- a/drivers/md/bitmap.c +++ b/drivers/md/bitmap.c @@ -2152,6 +2152,7 @@ int bitmap_resize(struct bitmap *bitmap, sector_t blocks, for (k = 0; k < page; k++) { kfree(new_bp[k].map); } + kfree(new_bp); /* restore some fields from old_counts */ bitmap->counts.bp = old_counts.bp; @@ -2202,6 +2203,14 @@ int bitmap_resize(struct bitmap *bitmap, sector_t blocks, block += old_blocks; } + if (bitmap->counts.bp != old_counts.bp) { + unsigned long k; + for (k = 0; k < old_counts.pages; k++) + if (!old_counts.bp[k].hijacked) + kfree(old_counts.bp[k].map); + kfree(old_counts.bp); + } + if (!init) { int i; while (block < (chunks << chunkshift)) { MD upstream kernel commit 0868b99c214a3d55486c700de7c3f770b7243e7c needs to be backported to rhel7 kernel. |