Date: Wed, 17 Apr 2013 13:17:40 -0700 From: Jeremy Chadwick <jdc@koitsu.org> To: Chris Forgeron <cforgeron@acsi.ca> Cc: Gleb Smirnoff <glebius@FreeBSD.org>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>, Jack Vogel <jack.vogel@intel.com>, John Baldwin <jhb@freebsd.org> Subject: Re: kern/165903: mbuf leak Message-ID: <20130417201739.GA11022@icarus.home.lan> In-Reply-To: <46D80686C389884BB0C047851038EC456D8C3FC5@AA-EX0.acsi.ca> References: <46D80686C389884BB0C047851038EC456D8BCEBC@AA-EX0.acsi.ca> <20130410235347.GA38492@icarus.home.lan> <20130411000818.GA38803@icarus.home.lan> <46D80686C389884BB0C047851038EC456D8C0EF0@AA-EX0.acsi.ca> <20130413235031.GA8212@icarus.home.lan> <46D80686C389884BB0C047851038EC456D8C0F52@AA-EX0.acsi.ca> <20130415104238.GP76816@FreeBSD.org> <46D80686C389884BB0C047851038EC456D8C3001@AA-EX0.acsi.ca> <20130416164658.GA81268@icarus.home.lan> <46D80686C389884BB0C047851038EC456D8C3FC5@AA-EX0.acsi.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 17, 2013 at 05:38:12PM +0000, Chris Forgeron wrote: > Hello, > > I'm happy to report that the patch from Gleb has fixed the problem. > > My system had 256 mbuf clusters in use at boot, and after a day, still only has 256 mbuf clusters in use. > > From the patch, I see we are now dropping these packets (?) - Was the issue that the packets were being queued up for further work, but nothing was being done with them? Not exactly. Please open up the source file and follow along. At line 538, a call to mtod() is performed, which is what allocates the memory for the mbuf used for the ARP header. Now go to lines 543 and 549. These are error checks for certain kinds of ARP headers which are either malformed (line 543) or should not be honoured (line 549). When these error checks proved true, the code simply did "return" to get out of the function it was in (in_arpinput()), but never issued m_freem() to free the previously-allocated mbuf, hence leaking mbufs. The patch changes the "return" into "goto drop". The drop label is at line 873, which is where you'll find the m_freem(), followed immediately by the function returning. -- | Jeremy Chadwick jdc@koitsu.org | | UNIX Systems Administrator http://jdc.koitsu.org/ | | Mountain View, CA, US | | Making life hard for others since 1977. PGP 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130417201739.GA11022>