netdev
[Top] [All Lists]

Re: Memory leak in 2.6.11-rc1?

To: Patrick McHardy <kaber@xxxxxxxxx>
Subject: Re: Memory leak in 2.6.11-rc1?
From: Russell King <rmk+lkml@xxxxxxxxxxxxxxxx>
Date: Sun, 30 Jan 2005 18:01:46 +0000
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>, Robert.Olsson@xxxxxxxxxxx, akpm@xxxxxxxx, torvalds@xxxxxxxx, alexn@xxxxxxxxx, kas@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <41FD18C5.6090108@xxxxxxxxx>; from kaber@xxxxxxxxx on Sun, Jan 30, 2005 at 06:26:29PM +0100
Mail-followup-to: Patrick McHardy <kaber@xxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, Robert.Olsson@xxxxxxxxxxx, akpm@xxxxxxxx, torvalds@xxxxxxxx, alexn@xxxxxxxxx, kas@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
References: <20050127004732.5d8e3f62.akpm@xxxxxxxx> <16888.58622.376497.380197@xxxxxxxxxxxx> <20050127164918.C3036@xxxxxxxxxxxxxxxxxxxxxx> <20050127123326.2eafab35.davem@xxxxxxxxxxxxx> <20050128001701.D22695@xxxxxxxxxxxxxxxxxxxxxx> <20050127163444.1bfb673b.davem@xxxxxxxxxxxxx> <20050128085858.B9486@xxxxxxxxxxxxxxxxxxxxxx> <20050130132343.A25000@xxxxxxxxxxxxxxxxxxxxxx> <41FD17FE.6050007@xxxxxxxxx> <41FD18C5.6090108@xxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.2.5.1i
On Sun, Jan 30, 2005 at 06:26:29PM +0100, Patrick McHardy wrote:
> Patrick McHardy wrote:
> 
> > Russell King wrote:
> >
> >> I don't know if the code is using fragment lists in ip_fragment(), but
> >> on reading the code a question comes to mind: if we have a list of
> >> fragments, does each fragment skb have a valid (and refcounted) dst
> >> pointer before ip_fragment() does it's job?  If yes, then isn't the
> >> first ip_copy_metadata() in ip_fragment() going to overwrite this
> >> pointer without dropping the refcount?
> >>
> > Nice spotting. If conntrack isn't loaded defragmentation happens after
> > routing, so this is likely the cause.
> 
> OTOH, if conntrack isn't loaded forwarded packet are never defragmented,
> so frag_list should be empty. So probably false alarm, sorry.

I've just checked Phil's mails - both Phil and myself are using
netfilter on the troublesome boxen.

Also, since FragCreates is zero, and this does mean that the frag_list
is not empty in all cases so far where ip_fragment() has been called.
(Reading the code, if frag_list was empty, we'd have to create some
fragments, which increments the FragCreates statistic.)

-- 
Russell King
 Linux kernel    2.6 ARM Linux   - http://www.arm.linux.org.uk/
 maintainer of:  2.6 PCMCIA      - http://pcmcia.arm.linux.org.uk/
                 2.6 Serial core

<Prev in Thread] Current Thread [Next in Thread>