** Description changed: + [Impact] + + * Upstream commit 0a9f8f0a1ba9 "rtlwifi: fix btmpinfo timeout while + processing C2H_BT_INFO" fixed a timeout message by adding a fast path + which allowed commands to skip the queue to be processed immediately. + However, the fast path doesn't free the sk_buff when it completes; this + results in a memory leak when commands are fast-tracked. + + [Test Case] + + * This was tested in the bug report on a RTL8723BE card. As the system + is running, a memory leak is observed until it gets to the point where a + reboot is necessary. + + * The following patch was applied and the ever-increasing memory + consumption no longer experienced. + + [Regression Potential] + + * This was fixed in Linux 4.20 and participants in both the LP bug and + the Github issue reports [1] have reported positive test results with + just this patch applied. + + [1] https://github.com/lwfinger/rtlwifi_new/issues/401 + + + Original bug description follows: + --- + Hey, i got a memory leak on Ubuntu 18.04.2 even in console mode (no X/GUI) the memory usage grows slowly to take all the available RAM when i let the computer running over the night (with just top and irssi), and i have to reboot to get things back to normal. I didn't have this problem on Ubuntu 17.10 but i was still flooded with message about pci aer taking lots of disk space in the logs, but pci=noaer fixed this problem and i had no memory leak. The computer is a common laptop: HP Pavilion. --- Kernel log gets spammed with AERs so owner uses "pci=noaer"; that was briefly disabled to capture the AERs. Memory seems to be consumed (~6 GB of 8GB) just by leaving PC overnight booted just to console (systemd.unit=multi-user.target). The memory leak doesn't affect Windows but owner is going to check Windows Event Log for signs of AERs being logged. --- Original suspect of AER is not guilty. This turns out to be a bug in the rtlwifi driver where in some rare circumstances it fails to free an sk_buf. Reporter has been testing a DKMS build of rtlwfi with the fix applied and confirms it solves the issue. Upstream has the commit. Can we get this cherry-picked into all releases? commit 8cfa272b0d321160ebb5b45073e39ef0a6ad73f2 Author: Larry Finger <[email protected]> Date: Sat Nov 17 20:55:03 2018 -0600 - rtlwifi: Fix leak of skb when processing C2H_BT_INFO - - With commit 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing - C2H_BT_INFO"), calling rtl_c2hcmd_enqueue() with rtl_c2h_fast_cmd() true, - the routine returns without freeing that skb, thereby leaking it. - - This issue has been discussed at https://github.com/lwfinger/rtlwifi_new/issues/401 - and the fix tested there. - - Fixes: 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing C2H_BT_INFO") - Reported-and-tested-by: Francisco Machado Magalhães Neto <[email protected]> - Cc: Francisco Machado Magalhães Neto <[email protected]> - Cc: Ping-Ke Shih <[email protected]> - Cc: Stable <[email protected]> # 4.18+ - Signed-off-by: Larry Finger <[email protected]> - Signed-off-by: Kalle Valo <[email protected]> + rtlwifi: Fix leak of skb when processing C2H_BT_INFO + + With commit 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing + C2H_BT_INFO"), calling rtl_c2hcmd_enqueue() with rtl_c2h_fast_cmd() true, + the routine returns without freeing that skb, thereby leaking it. + + This issue has been discussed at https://github.com/lwfinger/rtlwifi_new/issues/401 + and the fix tested there. + + Fixes: 0a9f8f0a1ba9 ("rtlwifi: fix btmpinfo timeout while processing C2H_BT_INFO") + Reported-and-tested-by: Francisco Machado Magalhães Neto <[email protected]> + Cc: Francisco Machado Magalhães Neto <[email protected]> + Cc: Ping-Ke Shih <[email protected]> + Cc: Stable <[email protected]> # 4.18+ + Signed-off-by: Larry Finger <[email protected]> + Signed-off-by: Kalle Valo <[email protected]> diff --git a/drivers/net/wireless/realtek/rtlwifi/base.c b/drivers/net/wireless/realtek/rtlwifi/base.c index f4122c8fdd97..ef9b502ce576 100644 --- a/drivers/net/wireless/realtek/rtlwifi/base.c +++ b/drivers/net/wireless/realtek/rtlwifi/base.c @@ -2289,6 +2289,7 @@ void rtl_c2hcmd_enqueue(struct ieee80211_hw *hw, struct sk_buff *skb) - - if (rtl_c2h_fast_cmd(hw, skb)) { - rtl_c2h_content_parsing(hw, skb); + + if (rtl_c2h_fast_cmd(hw, skb)) { + rtl_c2h_content_parsing(hw, skb); + kfree_skb(skb); - return; - } + return; + }
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1831751 Title: rtlwifi: aggressive memory leak To manage notifications about this bug go to: https://bugs.launchpad.net/linux/+bug/1831751/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
