Bug 984556
| Summary: | libvirtd leaks memory in virCgroupMoveTask | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Chris Pelland <cpelland> |
| Component: | libvirt | Assignee: | Ján Tomko <jtomko> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 6.4 | CC: | acathrow, ajia, cpelland, cwei, dallan, dyuan, jsvarova, jtomko, pm-eus, xuzhang, ydu, zpeng |
| Target Milestone: | rc | Keywords: | ZStream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-0.10.2-18.el6_4.10 | Doc Type: | Bug Fix |
| Doc Text: |
Prior to this update, the libvirtd daemon leaked memory in the virCgroupMoveTask() function. A fix has been provided which prevents libvirtd from incorrect management of memory allocations.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-09-19 18:08:01 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 978352 | ||
| Bug Blocks: | |||
|
Description
Chris Pelland
2013-07-15 13:27:57 UTC
Downstream patch posted: http://post-office.corp.redhat.com/archives/rhvirt-patches/2013-July/msg00389.html Verify with libvirt-0.10.2-18.el6_4.10.x86_64, the bug is fixed, no memory leak.
Steps:
1. run libvirtd under valgrind:
valgrind --leak-check=full libvirtd
2. create a domain:
virsh create /dev/stdin <<EOF
<domain type='qemu'>
<name>duck</name>
<memory unit='MiB'>32</memory>
<os>
<type arch='x86_64' machine='pc'>hvm</type>
</os>
</domain>
EOF
Domain duck created from /dev/stdin
3. check the valgrind log:
# valgrind --leak-check=full libvirtd
==3159== Memcheck, a memory error detector
==3159== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==3159== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==3159== Command: libvirtd
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x672D580: __strcasestr_sse42 (in /lib64/libc-2.12.so)
==3159== by 0x34D7C04064: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x672D584: __strcasestr_sse42 (in /lib64/libc-2.12.so)
==3159== by 0x34D7C04064: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x672D58C: __strcasestr_sse42 (in /lib64/libc-2.12.so)
==3159== by 0x34D7C04064: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x34D7C0406D: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x34D7C04076: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Use of uninitialised value of size 8
==3159== at 0x34D7C040A9: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x34D7C040A7: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x34D7C040B7: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Conditional jump or move depends on uninitialised value(s)
==3159== at 0x34D7C040EF: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
==3159== Use of uninitialised value of size 8
==3159== at 0x34D7C040F1: numa_node_size64 (in /usr/lib64/libnuma.so.1)
==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1)
==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so)
==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so)
==3159==
^C==3159==
==3159== HEAP SUMMARY:
==3159== in use at exit: 1,644,245 bytes in 14,169 blocks
==3159== total heap usage: 156,381 allocs, 142,212 frees, 604,531,262 bytes allocated
==3159==
==3159== 48 bytes in 2 blocks are possibly lost in loss record 660 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4)
==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4)
==3159== by 0x548B4AD: ??? (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4)
==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548B304: rtnl_addr_alloc_cache (in /lib64/libnl.so.1.1.4)
==3159== by 0x3FE2408442: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd)
==3159==
==3159== 78 bytes in 3 blocks are possibly lost in loss record 742 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4)
==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4)
==3159== by 0x548EEED: ??? (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4)
==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548E144: rtnl_link_alloc_cache (in /lib64/libnl.so.1.1.4)
==3159== by 0x3FE240842A: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd)
==3159==
==3159== 78 bytes in 3 blocks are possibly lost in loss record 743 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4)
==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4)
==3159== by 0x548EF25: ??? (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4)
==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548E144: rtnl_link_alloc_cache (in /lib64/libnl.so.1.1.4)
==3159== by 0x3FE240842A: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd)
==3159==
==3159== 180 bytes in 6 blocks are possibly lost in loss record 917 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4)
==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4)
==3159== by 0x548B452: ??? (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4)
==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548B304: rtnl_addr_alloc_cache (in /lib64/libnl.so.1.1.4)
==3159== by 0x3FE2408442: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd)
==3159==
==3159== 864 bytes in 6 blocks are possibly lost in loss record 1,196 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x5487350: nl_object_alloc (in /lib64/libnl.so.1.1.4)
==3159== by 0x548B364: ??? (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4)
==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548B304: rtnl_addr_alloc_cache (in /lib64/libnl.so.1.1.4)
==3159== by 0x3FE2408442: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd)
==3159== by 0x511E32C: ??? (in /usr/lib64/libvirt.so.0.10.2)
==3159==
==3159== 1,200 bytes in 3 blocks are possibly lost in loss record 1,216 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x5487350: nl_object_alloc (in /lib64/libnl.so.1.1.4)
==3159== by 0x548ED37: ??? (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4)
==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4)
==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4)
==3159== by 0x548E144: rtnl_link_alloc_cache (in /lib64/libnl.so.1.1.4)
==3159== by 0x3FE240842A: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0)
==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd)
==3159== by 0x511E32C: ??? (in /usr/lib64/libvirt.so.0.10.2)
==3159==
==3159== 1,840 bytes in 5 blocks are possibly lost in loss record 1,246 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x4011892: _dl_allocate_tls (in /lib64/ld-2.12.so)
==3159== by 0x5FE1068: pthread_create@@GLIBC_2.2.5 (in /lib64/libpthread-2.12.so)
==3159== by 0x5091D80: virThreadCreate (in /usr/lib64/libvirt.so.0.10.2)
==3159== by 0x50926E3: virThreadPoolNew (in /usr/lib64/libvirt.so.0.10.2)
==3159== by 0x516EFD9: virNetServerNew (in /usr/lib64/libvirt.so.0.10.2)
==3159== by 0x423246: ??? (in /usr/sbin/libvirtd)
==3159== by 0x661CCDC: (below main) (in /lib64/libc-2.12.so)
==3159==
==3159== 1,840 bytes in 5 blocks are possibly lost in loss record 1,247 of 1,357
==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467)
==3159== by 0x4011892: _dl_allocate_tls (in /lib64/ld-2.12.so)
==3159== by 0x5FE1068: pthread_create@@GLIBC_2.2.5 (in /lib64/libpthread-2.12.so)
==3159== by 0x5091D80: virThreadCreate (in /usr/lib64/libvirt.so.0.10.2)
==3159== by 0x50927CA: virThreadPoolNew (in /usr/lib64/libvirt.so.0.10.2)
==3159== by 0x516EFD9: virNetServerNew (in /usr/lib64/libvirt.so.0.10.2)
==3159== by 0x423246: ??? (in /usr/sbin/libvirtd)
==3159== by 0x661CCDC: (below main) (in /lib64/libc-2.12.so)
==3159==
==3159== LEAK SUMMARY:
==3159== definitely lost: 0 bytes in 0 blocks
==3159== indirectly lost: 0 bytes in 0 blocks
==3159== possibly lost: 6,128 bytes in 33 blocks
==3159== still reachable: 1,638,117 bytes in 14,136 blocks
==3159== suppressed: 0 bytes in 0 blocks
==3159== Reachable blocks (those to which a pointer was found) are not shown.
==3159== To see them, rerun with: --leak-check=full --show-reachable=yes
==3159==
==3159== For counts of detected and suppressed errors, rerun with: -v
==3159== Use --track-origins=yes to see where uninitialised values come from
==3159== ERROR SUMMARY: 53 errors from 18 contexts (suppressed: 31 from 9)
No memory leak, change the status to verify.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-1272.html |