rtlwifi: aggressive memory leak
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Linux |
Fix Released
|
Unknown
|
|||
linux (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Cosmic |
Fix Committed
|
Undecided
|
Connor Kuehl |
Bug Description
[Impact]
* Upstream commit 0a9f8f0a1ba9 "rtlwifi: fix btmpinfo timeout while processing C2H_BT_INFO" fixed a timeout message by adding a fast path which allowed commands to skip the queue to be processed immediately. However, the fast path doesn't free the sk_buff when it completes; this results in a memory leak when commands are fast-tracked.
[Test Case]
* This was tested in the bug report on a RTL8723BE card. As the system is running, a memory leak is observed until it gets to the point where a reboot is necessary.
* The following patch was applied and the ever-increasing memory consumption no longer experienced.
[Regression Potential]
* This was fixed in Linux 4.20 and participants in both the LP bug and the Github issue reports [1] have reported positive test results with just this patch applied.
[1] https:/
Original bug description follows:
---
Hey, i got a memory leak on Ubuntu 18.04.2 even in console mode (no X/GUI) the memory usage grows slowly to take all the available RAM when i let the computer running over the night (with just top and irssi), and i have to reboot to get things back to normal. I didn't have this problem on Ubuntu 17.10 but i was still flooded with message about pci aer taking lots of disk space in the logs, but pci=noaer fixed this problem and i had no memory leak.
The computer is a common laptop: HP Pavilion.
---
Kernel log gets spammed with AERs so owner uses "pci=noaer"; that was briefly disabled to capture the AERs.
Memory seems to be consumed (~6 GB of 8GB) just by leaving PC overnight booted just to console (systemd.
The memory leak doesn't affect Windows but owner is going to check Windows Event Log for signs of AERs being logged.
---
Original suspect of AER is not guilty.
This turns out to be a bug in the rtlwifi driver where in some rare circumstances it fails to free an sk_buf.
Reporter has been testing a DKMS build of rtlwfi with the fix applied and confirms it solves the issue.
Upstream has the commit. Can we get this cherry-picked into all releases?
commit 8cfa272b0d32116
Author: Larry Finger <email address hidden>
Date: Sat Nov 17 20:55:03 2018 -0600
rtlwifi: Fix leak of skb when processing C2H_BT_INFO
With commit 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing
C2H_BT_INFO"), calling rtl_c2hcmd_
the routine returns without freeing that skb, thereby leaking it.
This issue has been discussed at https:/
and the fix tested there.
Fixes: 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing C2H_BT_INFO")
Reported-
Cc: Francisco Machado Magalhães Neto <email address hidden>
Cc: Ping-Ke Shih <email address hidden>
Cc: Stable <email address hidden> # 4.18+
Signed-off-by: Larry Finger <email address hidden>
Signed-off-by: Kalle Valo <email address hidden>
diff --git a/drivers/
index f4122c8fdd97.
--- a/drivers/
+++ b/drivers/
@@ -2289,6 +2289,7 @@ void rtl_c2hcmd_
if (rtl_c2h_
+ kfree_skb(skb);
}
description: | updated |
description: | updated |
description: | updated |
summary: |
- Possible memory leak due to PCI AER faults even with pci=noaer + rtlwifi: aggresive memory leak |
description: | updated |
Changed in linux (Ubuntu): | |
status: | In Progress → Confirmed |
tags: | added: bionic |
Changed in linux (Ubuntu): | |
importance: | Undecided → High |
Changed in linux (Ubuntu): | |
assignee: | TJ (tj) → nobody |
Changed in linux: | |
status: | Unknown → Fix Released |
tags: | added: rls-bb-incoming |
Changed in linux (Ubuntu Cosmic): | |
status: | New → In Progress |
description: | updated |
Changed in linux (Ubuntu Cosmic): | |
status: | In Progress → Fix Committed |
tags: | added: cscc |
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1831751
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.