Hi Marcel,
On Sat, Aug 20, 2016, Marcel Holtmann wrote:
> > I am seeing two skb leaks in the BT sub-system for kernel 4.8-rc2. I
> > only recently re-enabled kmemleak, but I do not think I saw these
> > leaks in 4.7.
> >
> > The first leak is at btusb_recv_intr+0x12b/0x170 [btusb]. This
> > address refers to the call to bt_skb_alloc() in routine
> > btusb_recv_intr().
>
> do you have a backtrace for this one? Also which hardware is this?
>
> > The second leak is at hci_event_packet+0xb8/0x30b0 [bluetooth]. The
> > backtrace for this address is
> >
> > 0x13d38 is in hci_event_packet (net/bluetooth/hci_event.c:5254).
> > 5249 * various handlers may modify the original one through
> > 5250 * skb_pull() calls, etc.
> > 5251 */
> > 5252 if (req_complete_skb || event == HCI_EV_CMD_STATUS ||
> > 5253 event == HCI_EV_CMD_COMPLETE)
> > 5254 orig_skb = skb_clone(skb, GFP_KERNEL);
> > 5255
> > 5256 skb_pull(skb, HCI_EVENT_HDR_SIZE);
> > 5257
> > 5258 switch (event) {
> >
> > I am unable to unload module bluetooth to verify that the second
> > leak is not a false positive; however, the one in btusb is a real
> > memory leak.
>
> I can not see a leak. Maybe Johan has an idea.
Unfortunately I don't have any ideas either - there is no exit path from
hci_event_packet() after orig_skb has been allocated that would not
result in kfree_skb(orig_skb) being called first.
Johan
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
