Memory leak on UBI volume truncating

Submitter	Artem Bityutskiy
Date	Jan. 17, 2010, 10:43 a.m.
Message ID	<1263724992.8276.140.camel@localhost.localdomain>
Download	mbox \| patch
Permalink	/patch/43021/
State	New
Headers	show Return-Path: <linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:from:reply-to:to:cc:in-reply-to:references:content-type :date:message-id:mime-version:x-mailer:content-transfer-encoding; b=r/2lfUDQL+iuRBVtmh0DD/TCxRWsiuQ9o2xnf96vQ15QE9QO2d/zo0geIj6BZw0/rC iP3pCW5N72MEj9nsqJODasKNPTgynhTFl5BTY1SoMgGBuJ7wIDI0Dk+xuDVHcEO9J6S6 qIaVY3OFS5cfB8JHAz7ehZhrehDhENfGHTeQI= Subject: Re: Memory leak on UBI volume truncating From: Artem Bityutskiy <dedekind1@gmail.com> To: Marek Skuczynski <mareksk7@gmail.com> In-Reply-To: <1263724633.8276.135.camel@localhost.localdomain> References: <a328840c1001130628h4bb0f03auad84dd1564fc08a7@mail.gmail.com> <1263724633.8276.135.camel@localhost.localdomain> Date: Sun, 17 Jan 2010 12:43:12 +0200 Message-Id: <1263724992.8276.140.camel@localhost.localdomain> Mime-Version: 1.0 summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- _SUMMARY_ Cc: linux-mtd@lists.infradead.org Precedence: list Reply-To: dedekind1@gmail.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: linux-mtd-bounces@lists.infradead.org Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Comments

Artem Bityutskiy - Jan. 17, 2010, 10:43 a.m.

On Sun, 2010-01-17 at 12:37 +0200, Artem Bityutskiy wrote:
> Hi,
> 
> On Wed, 2010-01-13 at 15:28 +0100, Marek Skuczynski wrote:
> > Hello,
> >   I have prepare a simple volume update stress test (see test code below).
> >   This test has been run for kernel 2.6.23 with some updates from 2.6.28,
> >   and always after a few minutes the OOM killer was launched.
> > 
> >   What i found it that each an UBI volume truncate operation with
> > ubiupdatevol tool
> >   causes memory leak. I think this happens because:
> > 
> >   - ubi_start_update()  param "bytes" is equal 0
> > 
> >   - vol->updating flag is re-set to 0
> > 
> >   - vol->upd_buf is allocated regardless of vol->updating flag,
> >      but not released on device close by vol_cdev_release()
> > 
> >   I never run the test on a newer kernel version, so I cannot confirm
> > that this problem still exists.
> > 
> >   Please confirm, whether my findings are correct or not, thanks.
> 
> thanks for this finding. Looks like your analysis is right. Does this
> simple patch help?

Actually this even simpler patch should fix the issue. Could you please
test it and let me know if it helps.

Marek Skuczynski - Jan. 18, 2010, 8:36 a.m.

Hello Artem,
> On Sun, Jan 17, 2010 at 11:43 AM, Artem Bityutskiy <dedekind1@gmail.com> wrote:
>> On Sun, 2010-01-17 at 12:37 +0200, Artem Bityutskiy wrote:
>>> Hi,
>>>
>>> On Wed, 2010-01-13 at 15:28 +0100, Marek Skuczynski wrote:
>>> > Hello,
>>> >   I have prepare a simple volume update stress test (see test code below).
>>> >   This test has been run for kernel 2.6.23 with some updates from 2.6.28,
>>> >   and always after a few minutes the OOM killer was launched.
>>> >
>>> >   What i found it that each an UBI volume truncate operation with
>>> > ubiupdatevol tool
>>> >   causes memory leak. I think this happens because:
>>> >
>>> >   - ubi_start_update()  param "bytes" is equal 0
>>> >
>>> >   - vol->updating flag is re-set to 0
>>> >
>>> >   - vol->upd_buf is allocated regardless of vol->updating flag,
>>> >      but not released on device close by vol_cdev_release()
>>> >
>>> >   I never run the test on a newer kernel version, so I cannot confirm
>>> > that this problem still exists.
>>> >
>>> >   Please confirm, whether my findings are correct or not, thanks.
>>>
>>> thanks for this finding. Looks like your analysis is right. Does this
>>> simple patch help?
>>
>> Actually this even simpler patch should fix the issue. Could you please
>> test it and let me know if it helps.
>>
>> diff --git a/drivers/mtd/ubi/upd.c b/drivers/mtd/ubi/upd.c
>> index c1d7b88..425bf5a 100644
>> --- a/drivers/mtd/ubi/upd.c
>> +++ b/drivers/mtd/ubi/upd.c
>> @@ -155,6 +155,7 @@ int ubi_start_update(struct ubi_device *ubi, struct ubi_volume *vol,
>>                if (err)
>>                        return err;
>>                vol->updating = 0;
>> +               return 0;
>>        }
>>
>>        vol->upd_buf = vmalloc(ubi->leb_size);
>>
>> --

Thanks for you reply. It seems the fix solve the issue.

Regards,
 Marek

Artem Bityutskiy - Jan. 18, 2010, 10:03 a.m.

On Mon, 2010-01-18 at 09:36 +0100, Marek Skuczynski wrote:
> Hello Artem,
> > On Sun, Jan 17, 2010 at 11:43 AM, Artem Bityutskiy <dedekind1@gmail.com> wrote:
> >> On Sun, 2010-01-17 at 12:37 +0200, Artem Bityutskiy wrote:
> >>> Hi,
> >>>
> >>> On Wed, 2010-01-13 at 15:28 +0100, Marek Skuczynski wrote:
> >>> > Hello,
> >>> >   I have prepare a simple volume update stress test (see test code below).
> >>> >   This test has been run for kernel 2.6.23 with some updates from 2.6.28,
> >>> >   and always after a few minutes the OOM killer was launched.
> >>> >
> >>> >   What i found it that each an UBI volume truncate operation with
> >>> > ubiupdatevol tool
> >>> >   causes memory leak. I think this happens because:
> >>> >
> >>> >   - ubi_start_update()  param "bytes" is equal 0
> >>> >
> >>> >   - vol->updating flag is re-set to 0
> >>> >
> >>> >   - vol->upd_buf is allocated regardless of vol->updating flag,
> >>> >      but not released on device close by vol_cdev_release()
> >>> >
> >>> >   I never run the test on a newer kernel version, so I cannot confirm
> >>> > that this problem still exists.
> >>> >
> >>> >   Please confirm, whether my findings are correct or not, thanks.
> >>>
> >>> thanks for this finding. Looks like your analysis is right. Does this
> >>> simple patch help?
> >>
> >> Actually this even simpler patch should fix the issue. Could you please
> >> test it and let me know if it helps.
> >>
> >> diff --git a/drivers/mtd/ubi/upd.c b/drivers/mtd/ubi/upd.c
> >> index c1d7b88..425bf5a 100644
> >> --- a/drivers/mtd/ubi/upd.c
> >> +++ b/drivers/mtd/ubi/upd.c
> >> @@ -155,6 +155,7 @@ int ubi_start_update(struct ubi_device *ubi, struct ubi_volume *vol,
> >>                if (err)
> >>                        return err;
> >>                vol->updating = 0;
> >> +               return 0;
> >>        }
> >>
> >>        vol->upd_buf = vmalloc(ubi->leb_size);
> >>
> >> --
> 
> Thanks for you reply. It seems the fix solve the issue.

Cool. I'll push the fix and also send it to -stable a bit later. Thanks
for catching this.

Artem Bityutskiy - Jan. 28, 2010, 3:07 p.m.

On Mon, 2010-01-18 at 09:36 +0100, Marek Skuczynski wrote:
> >> diff --git a/drivers/mtd/ubi/upd.c b/drivers/mtd/ubi/upd.c
> >> index c1d7b88..425bf5a 100644
> >> --- a/drivers/mtd/ubi/upd.c
> >> +++ b/drivers/mtd/ubi/upd.c
> >> @@ -155,6 +155,7 @@ int ubi_start_update(struct ubi_device *ubi, struct ubi_volume *vol,
> >>                if (err)
> >>                        return err;
> >>                vol->updating = 0;
> >> +               return 0;
> >>        }
> >>
> >>        vol->upd_buf = vmalloc(ubi->leb_size);
> >>
> >> --
> 
> Thanks for you reply. It seems the fix solve the issue.

FYI, the fix is merged to the Linus's tree.

Thanks.

Patch

diff --git a/drivers/mtd/ubi/upd.c b/drivers/mtd/ubi/upd.c
index c1d7b88..425bf5a 100644
--- a/drivers/mtd/ubi/upd.c
+++ b/drivers/mtd/ubi/upd.c
@@ -155,6 +155,7 @@  int ubi_start_update(struct ubi_device *ubi, struct ubi_volume *vol,
                if (err)
                        return err;
                vol->updating = 0;
+               return 0;
        }

        vol->upd_buf = vmalloc(ubi->leb_size);

Patchwork Memory leak on UBI volume truncating

Comments

Patch