2009-07-02 21:32:19

by Catalin Marinas

Subject: Memory leak in iwlwifi or false positive?

Hi,

I'm trying to get kmemleak more robust and with the latest patches (not
pushed yet) it seems to no longer show so many random leaks. However, I
get a lot of leaks reported in the iwlwifi code, about 4800 and they do
not disappear from any subsequent memory scanning (as is usually the
case with false positives). There are a lot of kmalloc's of < 512 bytes
and /proc/slabinfo seems to be in line with this:

kmalloc-512 5440 5481

This happens shortly after booting. Note that if an object is freed,
kmemleak no longer tracks it and therefore no reporting. But in this
case it looks like the iwlwifi code really allocated ~4800 blocks. Is it
normal for this code to keep so many blocks allocated? If yes, it is
probably kmemleak missing some root object in the references tree.

I'm not familiar with this code so any help is greatly appreciated.

The majority of kmemleak traces look like this:

unreferenced object 0xc1be3d40 (size 512):
comm "iwlagn", pid 1571, jiffies 4294903229
backtrace:
[<c01e1f0b>] kmemleak_alloc+0x14b/0x290
[<c01db2e5>] __kmalloc+0x125/0x1e0
[<f95c77ef>] iwl_tx_queue_init+0x3f/0x310 [iwlcore]
[<f95c9276>] iwl_txq_ctx_reset+0x206/0x5a0 [iwlcore]
[<f95c199a>] iwl_hw_nic_init+0xba/0x110 [iwlcore]
[<f9765263>] __iwl_up+0xb3/0x340 [iwlagn]
[<f9765d72>] iwl_bg_up+0x32/0x50 [iwlagn]
[<c0150d7d>] worker_thread+0x1ad/0x2d0
[<c01555dc>] kthread+0x7c/0x90
[<c0103cb7>] kernel_thread_helper+0x7/0x10
[<ffffffff>] 0xffffffff

For a full kmemleak log and dmesg, see:

http://homepage.ntlworld.com/cmarinas/kmemleak-3
http://homepage.ntlworld.com/cmarinas/dmesg-3

Thanks.

--
Catalin


2009-07-02 22:25:40

by Reinette Chatre

Subject: Re: Memory leak in iwlwifi or false positive?

Hi Catalin,

On Thu, 2009-07-02 at 14:32 -0700, Catalin Marinas wrote:
> Hi,
>
> I'm trying to get kmemleak more robust and with the latest patches (not

I just compiled my 2.6.31 kernel with kmemleak but did not yet look into
how it works ... I do see a lot of messages though.

> pushed yet) it seems to no longer show so many random leaks. However, I
> get a lot of leaks reported in the iwlwifi code, about 4800 and they do
> not disappear from any subsequent memory scanning (as is usually the
> case with false positives). There are a lot of kmalloc's of < 512 bytes
> and /proc/slabinfo seems to be in line with this:
>
> kmalloc-512 5440 5481
>
> This happens shortly after booting. Note that if an object is freed,
> kmemleak no longer tracks it and therefore no reporting. But in this
> case it looks like the iwlwifi code really allocated ~4800 blocks. Is it
> normal for this code to keep so many blocks allocated? If yes, it is
> probably kmemleak missing some root object in the references tree.

Yes - this sounds about right. You tested with 5100 hardware which by
default initializes 20 TX queues. For each of these queues it maintains
a 256 buffer array of commands with 356 bytes used for each command.

The 20 * 256 gives me 5120 ... would that explain the ~4800?

Reinette

2009-07-03 11:43:05

by Catalin Marinas

Subject: Re: Memory leak in iwlwifi or false positive?

Hi Reinette,

On Thu, 2009-07-02 at 15:25 -0700, reinette chatre wrote:
> On Thu, 2009-07-02 at 14:32 -0700, Catalin Marinas wrote:
> > I'm trying to get kmemleak more robust and with the latest patches (not
>
> I just compiled my 2.6.31 kernel with kmemleak but did not yet look into
> how it works ... I do see a lot of messages though.

There are some patches in the latest mainline git tree to make it less
verbose and some pending patches in my kmemleak branch (on
git://linux-arm.org/linux-2.6.git).

Basically, it tracks all the allocated memory blocks. It scans
starting with the data sections and stacks for pointers to (anywhere
inside of) allocated memory blocks. The blocks found are scanned as well
until it finishes scanning. If a memory block wasn't referred via any
pointer during a scan, it is reported as a suspected leak (you can look
at Documentation/kmemleak.txt).

> > This happens shortly after booting. Note that if an object is freed,
> > kmemleak no longer tracks it and therefore no reporting. But in this
> > case it looks like the iwlwifi code really allocated ~4800 blocks. Is it
> > normal for this code to keep so many blocks allocated? If yes, it is
> > probably kmemleak missing some root object in the references tree.
>
> Yes - this sounds about right. You tested with 5100 hardware which by
> default initializes 20 TX queues. For each of these queues it maintains
> a 256 buffer array of commands with 356 bytes used for each command.
>
> The 20 * 256 gives me 5120 ... would that explain the ~4800?

OK, thanks. It could be a bug in kmemleak but I'll do some more testing
tonight and let you know.

It may be that I missed tracing some kmalloc calls.

Thanks.

--
Catalin

2009-07-03 23:17:32

by Catalin Marinas

Subject: Re: Memory leak in iwlwifi or false positive?

Hi Reinette,

On Thu, 2009-07-02 at 15:25 -0700, reinette chatre wrote:
> On Thu, 2009-07-02 at 14:32 -0700, Catalin Marinas wrote:
> > pushed yet) it seems to no longer show so many random leaks. However, I
> > get a lot of leaks reported in the iwlwifi code, about 4800 and they do
> > not disappear from any subsequent memory scanning (as is usually the
> > case with false positives). There are a lot of kmalloc's of < 512 bytes
> > and /proc/slabinfo seems to be in line with this:
[...]
> Yes - this sounds about right. You tested with 5100 hardware which by
> default initializes 20 TX queues. For each of these queues it maintains
> a 256 buffer array of commands with 356 bytes used for each command.

With the latest kmemleak changes which I pushed to Linus they
disappeared. I missed the kmalloc_large in slub and probably some of the
root objects that keep references to others weren't scanned (maybe the
kzalloc call in wiphy_new was missed as it links to all the bulk of the
reported objects in the iwlwifi code).

Thanks.

--
Catalin
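
Added example, not part of the thread and not kmemleak's own code: a user-space toy model of the scan described above (roots scanned for pointers into tracked blocks, found blocks scanned in turn), showing how one untracked parent allocation makes every block it references show up as unreferenced. All names (`track`, `lookup`, `scan`, `count_reported`) and the 20-child layout are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NCHILD 20 /* constructed: number of 512-byte blocks hanging off the parent */
struct obj { uintptr_t start; size_t size; int seen; };
static struct obj tracked[NCHILD + 1];
static int ntracked;

/* Register an allocation, as the allocator hook would. */
static void track(void *p, size_t size) {
    tracked[ntracked++] = (struct obj){ (uintptr_t)p, size, 0 };
}

/* Find the tracked block containing addr; pointers into the middle count. */
static struct obj *lookup(uintptr_t addr) {
    for (int i = 0; i < ntracked; i++)
        if (addr >= tracked[i].start && addr < tracked[i].start + tracked[i].size)
            return &tracked[i];
    return NULL;
}

/* Scan an area word by word; scan each newly found block as well. */
static void scan(const void *area, size_t size) {
    for (size_t off = 0; off + sizeof(uintptr_t) <= size; off += sizeof(uintptr_t)) {
        uintptr_t word;
        memcpy(&word, (const char *)area + off, sizeof(word));
        struct obj *o = lookup(word);
        if (o && !o->seen) { o->seen = 1; scan((void *)o->start, o->size); }
    }
}

/* Build root -> parent -> NCHILD children; return how many blocks get reported. */
int count_reported(int parent_tracked) {
    void *root[1];                                   /* plays the data section */
    void **parent = calloc(NCHILD, sizeof(void *));
    int reported = 0;
    ntracked = 0;
    if (parent_tracked) track(parent, NCHILD * sizeof(void *));
    for (int i = 0; i < NCHILD; i++) { parent[i] = calloc(1, 512); track(parent[i], 512); }
    root[0] = parent;
    scan(root, sizeof(root));
    for (int i = 0; i < ntracked; i++) reported += !tracked[i].seen;
    for (int i = 0; i < NCHILD; i++) free(parent[i]);
    free(parent);
    return reported;
}
int main(void) { printf("%d %d\n", count_reported(1), count_reported(0)); return 0; }
```

The children are live and reachable in both runs; only the allocator hook's coverage of the parent differs, so a large, stable cluster of reports with one common ancestor points at the tracker rather than the driver.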