Bug 984556
Summary: | libvirtd leaks memory in virCgroupMoveTask | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Chris Pelland <cpelland> |
Component: | libvirt | Assignee: | Ján Tomko <jtomko> |
Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 6.4 | CC: | acathrow, ajia, cpelland, cwei, dallan, dyuan, jsvarova, jtomko, pm-eus, xuzhang, ydu, zpeng |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | libvirt-0.10.2-18.el6_4.10 | Doc Type: | Bug Fix |
Doc Text: |
Prior to this update, the libvirtd daemon leaked memory in the virCgroupMoveTask() function. A fix has been provided which prevents libvirtd from incorrect management of memory allocations.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-19 18:08:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 978352 | ||
Bug Blocks: |
Description
Chris Pelland
2013-07-15 13:27:57 UTC
Downstream patch posted: http://post-office.corp.redhat.com/archives/rhvirt-patches/2013-July/msg00389.html Verify with libvirt-0.10.2-18.el6_4.10.x86_64, the bug is fixed, no memory leak. Steps: 1. run libvirtd under valgrind: valgrind --leak-check=full libvirtd 2. create a domain: virsh create /dev/stdin <<EOF <domain type='qemu'> <name>duck</name> <memory unit='MiB'>32</memory> <os> <type arch='x86_64' machine='pc'>hvm</type> </os> </domain> EOF Domain duck created from /dev/stdin 3. check the valgrind log: # valgrind --leak-check=full libvirtd ==3159== Memcheck, a memory error detector ==3159== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. ==3159== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info ==3159== Command: libvirtd ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x672D580: __strcasestr_sse42 (in /lib64/libc-2.12.so) ==3159== by 0x34D7C04064: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x672D584: __strcasestr_sse42 (in /lib64/libc-2.12.so) ==3159== by 0x34D7C04064: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x672D58C: __strcasestr_sse42 (in /lib64/libc-2.12.so) ==3159== by 0x34D7C04064: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x34D7C0406D: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x34D7C04076: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Use of uninitialised value of size 8 ==3159== at 0x34D7C040A9: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x34D7C040A7: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x34D7C040B7: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Conditional jump or move depends on uninitialised value(s) ==3159== at 0x34D7C040EF: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ==3159== Use of uninitialised value of size 8 ==3159== at 0x34D7C040F1: numa_node_size64 (in /usr/lib64/libnuma.so.1) ==3159== by 0x34D7C05AA8: ??? (in /usr/lib64/libnuma.so.1) ==3159== by 0x400E544: _dl_init (in /lib64/ld-2.12.so) ==3159== by 0x4000B39: ??? (in /lib64/ld-2.12.so) ==3159== ^C==3159== ==3159== HEAP SUMMARY: ==3159== in use at exit: 1,644,245 bytes in 14,169 blocks ==3159== total heap usage: 156,381 allocs, 142,212 frees, 604,531,262 bytes allocated ==3159== ==3159== 48 bytes in 2 blocks are possibly lost in loss record 660 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4) ==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4) ==3159== by 0x548B4AD: ??? (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4) ==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548B304: rtnl_addr_alloc_cache (in /lib64/libnl.so.1.1.4) ==3159== by 0x3FE2408442: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd) ==3159== ==3159== 78 bytes in 3 blocks are possibly lost in loss record 742 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4) ==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4) ==3159== by 0x548EEED: ??? (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4) ==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548E144: rtnl_link_alloc_cache (in /lib64/libnl.so.1.1.4) ==3159== by 0x3FE240842A: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd) ==3159== ==3159== 78 bytes in 3 blocks are possibly lost in loss record 743 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4) ==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4) ==3159== by 0x548EF25: ??? (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4) ==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548E144: rtnl_link_alloc_cache (in /lib64/libnl.so.1.1.4) ==3159== by 0x3FE240842A: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd) ==3159== ==3159== 180 bytes in 6 blocks are possibly lost in loss record 917 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x547FC0E: nl_addr_alloc (in /lib64/libnl.so.1.1.4) ==3159== by 0x5480357: nl_addr_build (in /lib64/libnl.so.1.1.4) ==3159== by 0x548B452: ??? (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4) ==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548B304: rtnl_addr_alloc_cache (in /lib64/libnl.so.1.1.4) ==3159== by 0x3FE2408442: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd) ==3159== ==3159== 864 bytes in 6 blocks are possibly lost in loss record 1,196 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x5487350: nl_object_alloc (in /lib64/libnl.so.1.1.4) ==3159== by 0x548B364: ??? (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4) ==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548B304: rtnl_addr_alloc_cache (in /lib64/libnl.so.1.1.4) ==3159== by 0x3FE2408442: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd) ==3159== by 0x511E32C: ??? (in /usr/lib64/libvirt.so.0.10.2) ==3159== ==3159== 1,200 bytes in 3 blocks are possibly lost in loss record 1,216 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x5487350: nl_object_alloc (in /lib64/libnl.so.1.1.4) ==3159== by 0x548ED37: ??? (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481B3A: nl_cache_parse (in /lib64/libnl.so.1.1.4) ==3159== by 0x5486641: nl_recvmsgs (in /lib64/libnl.so.1.1.4) ==3159== by 0x5481E95: __cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548207B: nl_cache_pickup (in /lib64/libnl.so.1.1.4) ==3159== by 0x548E144: rtnl_link_alloc_cache (in /lib64/libnl.so.1.1.4) ==3159== by 0x3FE240842A: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x3FE2406F9E: ??? (in /usr/lib64/libnetcf.so.1.4.0) ==3159== by 0x4F22D8: ??? (in /usr/sbin/libvirtd) ==3159== by 0x511E32C: ??? (in /usr/lib64/libvirt.so.0.10.2) ==3159== ==3159== 1,840 bytes in 5 blocks are possibly lost in loss record 1,246 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x4011892: _dl_allocate_tls (in /lib64/ld-2.12.so) ==3159== by 0x5FE1068: pthread_create@@GLIBC_2.2.5 (in /lib64/libpthread-2.12.so) ==3159== by 0x5091D80: virThreadCreate (in /usr/lib64/libvirt.so.0.10.2) ==3159== by 0x50926E3: virThreadPoolNew (in /usr/lib64/libvirt.so.0.10.2) ==3159== by 0x516EFD9: virNetServerNew (in /usr/lib64/libvirt.so.0.10.2) ==3159== by 0x423246: ??? (in /usr/sbin/libvirtd) ==3159== by 0x661CCDC: (below main) (in /lib64/libc-2.12.so) ==3159== ==3159== 1,840 bytes in 5 blocks are possibly lost in loss record 1,247 of 1,357 ==3159== at 0x4C25A28: calloc (vg_replace_malloc.c:467) ==3159== by 0x4011892: _dl_allocate_tls (in /lib64/ld-2.12.so) ==3159== by 0x5FE1068: pthread_create@@GLIBC_2.2.5 (in /lib64/libpthread-2.12.so) ==3159== by 0x5091D80: virThreadCreate (in /usr/lib64/libvirt.so.0.10.2) ==3159== by 0x50927CA: virThreadPoolNew (in /usr/lib64/libvirt.so.0.10.2) ==3159== by 0x516EFD9: virNetServerNew (in /usr/lib64/libvirt.so.0.10.2) ==3159== by 0x423246: ??? (in /usr/sbin/libvirtd) ==3159== by 0x661CCDC: (below main) (in /lib64/libc-2.12.so) ==3159== ==3159== LEAK SUMMARY: ==3159== definitely lost: 0 bytes in 0 blocks ==3159== indirectly lost: 0 bytes in 0 blocks ==3159== possibly lost: 6,128 bytes in 33 blocks ==3159== still reachable: 1,638,117 bytes in 14,136 blocks ==3159== suppressed: 0 bytes in 0 blocks ==3159== Reachable blocks (those to which a pointer was found) are not shown. ==3159== To see them, rerun with: --leak-check=full --show-reachable=yes ==3159== ==3159== For counts of detected and suppressed errors, rerun with: -v ==3159== Use --track-origins=yes to see where uninitialised values come from ==3159== ERROR SUMMARY: 53 errors from 18 contexts (suppressed: 31 from 9) No memory leak, change the status to verify. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-1272.html |