** Description changed:

  Hey, i got a memory leak on Ubuntu 18.04.2 even in console mode (no X/GUI) 
the memory usage grows slowly to take all the available RAM when i let the 
computer running over the night (with just top and irssi), and i have to reboot 
to get things back to normal. I didn't have this problem on Ubuntu 17.10 but i 
was still flooded with message about pci aer taking lots of disk space in the 
logs, but pci=noaer fixed this problem and i had no memory leak.
  The computer is a common laptop: HP Pavilion.
  
  ---
  Kernel log gets spammed with AERs so owner uses "pci=noaer"; that was briefly 
disabled to capture the AERs.
  
  Memory seems to be consumed (~6 GB of 8GB) just by leaving PC overnight
  booted just to console (systemd.unit=multi-user.target).
  
  The memory leak doesn't affect Windows but owner is going to check
  Windows Event Log for signs of AERs being logged.
  
  ---
  
- ## AERs (repeated several times per second)
+ Original suspect of AER is not guilty.
  
- [   34.978011] pcieport 0000:00:1d.0:   device [8086:9d1b] error 
status/mask=00000001/00002000
- [   34.978013] pcieport 0000:00:1d.0:    [ 0] Receiver Error         (First)
- [   34.978038] pcieport 0000:00:1d.0: AER: Corrected error received: 
0000:00:1d.0
- [   34.978042] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, 
type=Physical Layer, (Receiver ID)
+ This turns out to be a bug in the rtlwifi driver where in some rare
+ circumstances it fails to free an sk_buf.
  
- ## PCI device
+ Reporter has been testing a DKMS build of rtlwfi with the fix applied
+ and confirms it solves the issue.
  
-   +-1d.0-[04]----00.0  Realtek Semiconductor Co., Ltd. RTL8723BE PCIe
- Wireless Network Adapter [10ec:b723]
+ Upstream has the commit. Can we get this cherry-picked into all
+ releases?
  
- 00:1d.0 PCI bridge [0604]: Intel Corporation Device [8086:9d1b] (rev f1) 
(prog-if 00 [Normal decode])
-       Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
-       Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- 
<MAbort- >SERR- <PERR- INTx-
-       Latency: 0, Cache Line Size: 64 bytes
-       Interrupt: pin D routed to IRQ 125
-       Bus: primary=00, secondary=04, subordinate=04, sec-latency=0
-       I/O behind bridge: 00003000-00003fff
-       Memory behind bridge: a4000000-a40fffff
-       Prefetchable memory behind bridge: 00000000fff00000-00000000000fffff
-       Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- 
<MAbort+ <SERR- <PERR-
-       BridgeCtl: Parity- SERR- NoISA- VGA- MAbort- >Reset- FastB2B-
-               PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
-       Capabilities: [40] Express (v2) Root Port (Slot+), MSI 00
-               DevCap: MaxPayload 128 bytes, PhantFunc 0
-                       ExtTag- RBE+
-               DevCtl: Report errors: Correctable- Non-Fatal- Fatal- 
Unsupported-
-                       RlxdOrd- ExtTag- PhantFunc- AuxPwr- NoSnoop-
-                       MaxPayload 128 bytes, MaxReadReq 128 bytes
-               DevSta: CorrErr+ UncorrErr- FatalErr- UnsuppReq- AuxPwr+ 
TransPend-
-               LnkCap: Port #12, Speed 8GT/s, Width x1, ASPM L0s L1, Exit 
Latency L0s <1us, L1 <16us
-                       ClockPM- Surprise- LLActRep+ BwNot+ ASPMOptComp+
-               LnkCtl: ASPM L1 Enabled; RCB 64 bytes Disabled- CommClk+
-                       ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
-               LnkSta: Speed 2.5GT/s, Width x1, TrErr- Train- SlotClk+ 
DLActive+ BWMgmt+ ABWMgmt-
-               SltCap: AttnBtn- PwrCtrl- MRL- AttnInd- PwrInd- HotPlug- 
Surprise-
-                       Slot #11, PowerLimit 10.000W; Interlock- NoCompl+
-               SltCtl: Enable: AttnBtn- PwrFlt- MRL- PresDet- CmdCplt- HPIrq- 
LinkChg-
-                       Control: AttnInd Unknown, PwrInd Unknown, Power- 
Interlock-
-               SltSta: Status: AttnBtn- PowerFlt- MRL- CmdCplt- PresDet+ 
Interlock-
-                       Changed: MRL- PresDet- LinkState+
-               RootCtl: ErrCorrectable- ErrNon-Fatal- ErrFatal- PMEIntEna+ 
CRSVisible-
-               RootCap: CRSVisible-
-               RootSta: PME ReqID 0000, PMEStatus- PMEPending-
-               DevCap2: Completion Timeout: Range ABC, TimeoutDis+, LTR+, OBFF 
Not Supported ARIFwd+
-               DevCtl2: Completion Timeout: 50us to 50ms, TimeoutDis-, LTR+, 
OBFF Disabled ARIFwd-
-               LnkCtl2: Target Link Speed: 8GT/s, EnterCompliance- SpeedDis-
-                        Transmit Margin: Normal Operating Range, 
EnterModifiedCompliance- ComplianceSOS-
-                        Compliance De-emphasis: -6dB
-               LnkSta2: Current De-emphasis Level: -3.5dB, 
EqualizationComplete-, EqualizationPhase1-
-                        EqualizationPhase2-, EqualizationPhase3-, 
LinkEqualizationRequest-
-       Capabilities: [80] MSI: Enable+ Count=1/1 Maskable- 64bit-
-               Address: fee002d8  Data: 0000
-       Capabilities: [90] Subsystem: Hewlett-Packard Company Device [103c:820a]
-       Capabilities: [a0] Power Management version 3
-               Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA 
PME(D0+,D1-,D2-,D3hot+,D3cold+)
-               Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME-
-       Capabilities: [100 v1] Advanced Error Reporting
-               UESta:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
-               UEMsk:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt+ 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
-               UESvrt: DLP+ SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF+ MalfTLP+ ECRC- UnsupReq- ACSViol-
-               CESta:  RxErr+ BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr-
-               CEMsk:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr+
-               AERCap: First Error Pointer: 00, GenCap- CGenEn- ChkCap- ChkEn-
-       Capabilities: [140 v1] Access Control Services
-               ACSCap: SrcValid+ TransBlk+ ReqRedir+ CmpltRedir+ UpstreamFwd- 
EgressCtrl- DirectTrans-
-               ACSCtl: SrcValid- TransBlk- ReqRedir- CmpltRedir- UpstreamFwd- 
EgressCtrl- DirectTrans-
-       Capabilities: [220 v1] #19
-       Kernel driver in use: pcieport
+ commit 8cfa272b0d321160ebb5b45073e39ef0a6ad73f2
+ Author: Larry Finger <larry.fin...@lwfinger.net>
+ Date:   Sat Nov 17 20:55:03 2018 -0600
  
+     rtlwifi: Fix leak of skb when processing C2H_BT_INFO
+     
+     With commit 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing
+     C2H_BT_INFO"), calling rtl_c2hcmd_enqueue() with rtl_c2h_fast_cmd() true,
+     the routine returns without freeing that skb, thereby leaking it.
+     
+     This issue has been discussed at 
https://github.com/lwfinger/rtlwifi_new/issues/401
+     and the fix tested there.
+     
+     Fixes: 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing 
C2H_BT_INFO")
+     Reported-and-tested-by: Francisco Machado Magalhães Neto 
<franmagn...@gmail.com>
+     Cc: Francisco Machado Magalhães Neto <franmagn...@gmail.com>
+     Cc: Ping-Ke Shih <pks...@realtek.com>
+     Cc: Stable <sta...@vger.kernel.org> # 4.18+
+     Signed-off-by: Larry Finger <larry.fin...@lwfinger.net>
+     Signed-off-by: Kalle Valo <kv...@codeaurora.org>
  
- 04:00.0 Network controller [0280]: Realtek Semiconductor Co., Ltd. RTL8723BE 
PCIe Wireless Network Adapter [10ec:b723]
-       Subsystem: Hewlett-Packard Company RTL8723BE PCIe Wireless Network 
Adapter [103c:81c1]
-       Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
-       Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- 
<MAbort- >SERR- <PERR- INTx-
-       Latency: 0, Cache Line Size: 64 bytes
-       Interrupt: pin A routed to IRQ 19
-       Region 0: I/O ports at 3000 [size=256]
-       Region 2: Memory at a4000000 (64-bit, non-prefetchable) [size=16K]
-       Capabilities: [40] Power Management version 3
-               Flags: PMEClk- DSI- D1+ D2+ AuxCurrent=375mA 
PME(D0+,D1+,D2+,D3hot+,D3cold+)
-               Status: D0 NoSoftRst+ PME-Enable- DSel=0 DScale=0 PME-
-       Capabilities: [50] MSI: Enable- Count=1/1 Maskable- 64bit+
-               Address: 0000000000000000  Data: 0000
-       Capabilities: [70] Express (v2) Endpoint, MSI 00
-               DevCap: MaxPayload 128 bytes, PhantFunc 0, Latency L0s <4us, L1 
<64us
-                       ExtTag- AttnBtn- AttnInd- PwrInd- RBE+ FLReset- 
SlotPowerLimit 10.000W
-               DevCtl: Report errors: Correctable- Non-Fatal- Fatal- 
Unsupported-
-                       RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop-
-                       MaxPayload 128 bytes, MaxReadReq 512 bytes
-               DevSta: CorrErr- UncorrErr- FatalErr- UnsuppReq- AuxPwr+ 
TransPend-
-               LnkCap: Port #0, Speed 2.5GT/s, Width x1, ASPM L0s L1, Exit 
Latency L0s <512ns, L1 <64us
-                       ClockPM+ Surprise- LLActRep- BwNot- ASPMOptComp-
-               LnkCtl: ASPM L0s L1 Enabled; RCB 64 bytes Disabled- CommClk+
-                       ExtSynch- ClockPM+ AutWidDis- BWInt- AutBWInt-
-               LnkSta: Speed 2.5GT/s, Width x1, TrErr- Train- SlotClk+ 
DLActive- BWMgmt- ABWMgmt-
-               DevCap2: Completion Timeout: Not Supported, TimeoutDis+, LTR+, 
OBFF Via message/WAKE#
-               DevCtl2: Completion Timeout: 50us to 50ms, TimeoutDis+, LTR+, 
OBFF Disabled
-               LnkCtl2: Target Link Speed: 2.5GT/s, EnterCompliance- SpeedDis-
-                        Transmit Margin: Normal Operating Range, 
EnterModifiedCompliance- ComplianceSOS-
-                        Compliance De-emphasis: -6dB
-               LnkSta2: Current De-emphasis Level: -6dB, 
EqualizationComplete-, EqualizationPhase1-
-                        EqualizationPhase2-, EqualizationPhase3-, 
LinkEqualizationRequest-
-       Capabilities: [100 v2] Advanced Error Reporting
-               UESta:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
-               UEMsk:  DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
-               UESvrt: DLP+ SDES+ TLP- FCP+ CmpltTO- CmpltAbrt- UnxCmplt- 
RxOF+ MalfTLP+ ECRC- UnsupReq- ACSViol-
-               CESta:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr-
-               CEMsk:  RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr+
-               AERCap: First Error Pointer: 00, GenCap+ CGenEn- ChkCap+ ChkEn-
-       Capabilities: [140 v1] Device Serial Number 00-23-b7-fe-ff-4c-e0-00
-       Capabilities: [150 v1] Latency Tolerance Reporting
-               Max snoop latency: 3145728ns
-               Max no snoop latency: 3145728ns
-       Capabilities: [158 v1] L1 PM Substates
-               L1SubCap: PCI-PM_L1.2+ PCI-PM_L1.1+ ASPM_L1.2+ ASPM_L1.1+ 
L1_PM_Substates+
-                         PortCommonModeRestoreTime=150us PortTPowerOnTime=150us
-               L1SubCtl1: PCI-PM_L1.2- PCI-PM_L1.1- ASPM_L1.2- ASPM_L1.1-
-                          T_CommonMode=0us LTR1.2_Threshold=0ns
-               L1SubCtl2: T_PwrOn=10us
-       Kernel driver in use: rtl8723be
- 
- # nogui boot, free memory reported at startup:
- total        used        free      shared  buff/cache   available
- 8055940      239824     7335792        3256      480324     7567576
- 2097148           0     2097148
- # after leaving overnight (user used 'free -m')
- 7867        6836         230           3         800         763
- 2047           0        2047
- 
- This will likely need a custom kernel build that enables DEBUG_MEMLEAK,
- see https://www.kernel.org/doc/html/v4.18/dev-tools/kmemleak.html for
- how to make use of it.
+ diff --git a/drivers/net/wireless/realtek/rtlwifi/base.c 
b/drivers/net/wireless/realtek/rtlwifi/base.c
+ index f4122c8fdd97..ef9b502ce576 100644
+ --- a/drivers/net/wireless/realtek/rtlwifi/base.c
+ +++ b/drivers/net/wireless/realtek/rtlwifi/base.c
+ @@ -2289,6 +2289,7 @@ void rtl_c2hcmd_enqueue(struct ieee80211_hw *hw, struct 
sk_buff *skb)
+  
+         if (rtl_c2h_fast_cmd(hw, skb)) {
+                 rtl_c2h_content_parsing(hw, skb);
+ +               kfree_skb(skb);
+                 return;
+         }
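Review bot: In the rtl_c2h_fast_cmd() branch of rtl_c2hcmd_enqueue(), the added kfree_skb(skb) is only safe if rtl_c2h_content_parsing(hw, skb) is completely finished with the buffer when it returns, and the hunk does not show that. If the parser, or anything it calls, keeps a pointer to skb or its data past return, or frees the skb itself on some path, this change trades the leak for a use-after-free or a double free. Please confirm the callee treats the skb as borrowed, and add a one-line comment above the free saying that the fast path consumes the skb here, so that a later edit to either path keeps the ownership rule intact. Separately, the new description text spells the driver "rtlwfi" and the structure "sk_buf"; "rtlwifi" and "sk_buff" would match the commit subject and the function signature shown in the hunk header.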

https://bugs.launchpad.net/bugs/1831751

Title:
  rtlwifi: aggresive memory leak
