2014-06-16 17:49:24

by Nicholas Krause

[permalink] [raw]
Subject: [PATCH] infiniband: Fixes memory leak in send_flowc

Signed-off-by: Nicholas Krause <[email protected]>
---
drivers/infiniband/hw/cxgb4/cm.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/infiniband/hw/cxgb4/cm.c b/drivers/infiniband/hw/cxgb4/cm.c
index 5e153f6..867e664 100644
--- a/drivers/infiniband/hw/cxgb4/cm.c
+++ b/drivers/infiniband/hw/cxgb4/cm.c
@@ -455,8 +455,11 @@ static void send_flowc(struct c4iw_ep *ep, struct sk_buff *skb)
unsigned int flowclen = 80;
struct fw_flowc_wr *flowc;
int i;
-
skb = get_skb(skb, flowclen, GFP_KERNEL);
+ if (!skb) {
+ kfree_skb(skb);
+ return;
+ }
flowc = (struct fw_flowc_wr *)__skb_put(skb, flowclen);

flowc->op_to_nparams = cpu_to_be32(FW_WR_OP(FW_FLOWC_WR) |
--
1.9.1


2014-06-16 18:18:23

by Steve Wise

[permalink] [raw]
Subject: Re: [PATCH] infiniband: Fixes memory leak in send_flowc

On 6/16/2014 12:49 PM, Nicholas Krause wrote:
> Signed-off-by: Nicholas Krause <[email protected]>
> ---
> drivers/infiniband/hw/cxgb4/cm.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/infiniband/hw/cxgb4/cm.c b/drivers/infiniband/hw/cxgb4/cm.c
> index 5e153f6..867e664 100644
> --- a/drivers/infiniband/hw/cxgb4/cm.c
> +++ b/drivers/infiniband/hw/cxgb4/cm.c
> @@ -455,8 +455,11 @@ static void send_flowc(struct c4iw_ep *ep, struct sk_buff *skb)
> unsigned int flowclen = 80;
> struct fw_flowc_wr *flowc;
> int i;
> -

Please add back the above blank line.

> skb = get_skb(skb, flowclen, GFP_KERNEL);
> + if (!skb) {
> + kfree_skb(skb);

Let's do a pr_warn() here;

pr_warn(MOD "%s failed to allocate skb.\n", __func__);


> + return;
> + }
> flowc = (struct fw_flowc_wr *)__skb_put(skb, flowclen);
>
> flowc->op_to_nparams = cpu_to_be32(FW_WR_OP(FW_FLOWC_WR) |

2014-06-16 23:44:09

by David Rientjes

[permalink] [raw]
Subject: Re: [PATCH] infiniband: Fixes memory leak in send_flowc

On Mon, 16 Jun 2014, Steve Wise wrote:

> On 6/16/2014 12:49 PM, Nicholas Krause wrote:
> > Signed-off-by: Nicholas Krause <[email protected]>
> > ---
> > drivers/infiniband/hw/cxgb4/cm.c | 5 ++++-
> > 1 file changed, 4 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/infiniband/hw/cxgb4/cm.c
> > b/drivers/infiniband/hw/cxgb4/cm.c
> > index 5e153f6..867e664 100644
> > --- a/drivers/infiniband/hw/cxgb4/cm.c
> > +++ b/drivers/infiniband/hw/cxgb4/cm.c
> > @@ -455,8 +455,11 @@ static void send_flowc(struct c4iw_ep *ep, struct
> > sk_buff *skb)
> > unsigned int flowclen = 80;
> > struct fw_flowc_wr *flowc;
> > int i;
> > -
>
> Please add back the above blank line.
>
> > skb = get_skb(skb, flowclen, GFP_KERNEL);
> > + if (!skb) {
> > + kfree_skb(skb);
>
> Let's do a pr_warn() here;
>
> pr_warn(MOD "%s failed to allocate skb.\n", __func__);
>

No need, if the allocation from skbuff_head_cache fails in the slab
allocator, the page allocator will loop forever for orders less than
PAGE_ALLOC_COSTLY_ORDER or spew a page allocation failure warning with a
stack trace that indicated the high order page allocation failed in this
path.

>
> > + return;
> > + }
> > flowc = (struct fw_flowc_wr *)__skb_put(skb, flowclen);
> > flowc->op_to_nparams = cpu_to_be32(FW_WR_OP(FW_FLOWC_WR) |

2014-06-17 00:09:32

by David Rientjes

[permalink] [raw]
Subject: Re: [PATCH] infiniband: Fixes memory leak in send_flowc

On Mon, 16 Jun 2014, Nick Krause wrote:

> If that is the case ,David I would mark bug id 44631 as closed due to no
> need for my if statement.

You don't want to depend on the implementation of the page allocator to
never return NULL for orders < PAGE_ALLOC_COSTLY_ORDER with GFP_KERNEL, it
could possibly change in the future and we wouldn't catch your dependency
in send_flowc(). The size object size of the skbuff_head_cache slab cache
could also change. You don't need the suggested pr_warn(), though, since
the page allocation failure warning would also be noisy enough.

2014-06-17 00:37:00

by David Rientjes

[permalink] [raw]
Subject: Re: [PATCH] infiniband: Fixes memory leak in send_flowc

On Mon, 16 Jun 2014, Nick Krause wrote:

> That's true David,
> I will resend this parch without the use of the pr_warn.

There's no patch to resend if you don't use pr_warn(). kfree_skb(skb) is
unnecessary if !skb, look at the first thing it checks:

void kfree_skb(struct sk_buff *skb)
{
if (unlikely(!skb))
return;
...
}

Thus, I don't see the memory leak you're referring to.

2014-06-17 14:00:19

by Steve Wise

[permalink] [raw]
Subject: RE: [PATCH] infiniband: Fixes memory leak in send_flowc



> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On
> Behalf Of David Rientjes
> Sent: Monday, June 16, 2014 7:37 PM
> To: Nick Krause
> Cc: Steve Wise; [email protected]; [email protected]; [email protected];
> [email protected]; [email protected]; [email protected]
> Subject: Re: [PATCH] infiniband: Fixes memory leak in send_flowc
>
> On Mon, 16 Jun 2014, Nick Krause wrote:
>
> > That's true David,
> > I will resend this parch without the use of the pr_warn.
>
> There's no patch to resend if you don't use pr_warn(). kfree_skb(skb) is
> unnecessary if !skb, look at the first thing it checks:
>
> void kfree_skb(struct sk_buff *skb)
> {
> if (unlikely(!skb))
> return;
> ...
> }
>
> Thus, I don't see the memory leak you're referring to.

send_flowc() still needs to handle a NULL return from get_skb(). That is what the bug
report is addressing...

Steve.