[FS#3376] Memory leak in cfg80211/mac80211 in trunk on TP Archer c7 v2

OpenWrt Bugs openwrt-bugs at lists.openwrt.org
Sat Oct 10 07:18:54 EDT 2020


THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.

A new Flyspray task has been opened.  Details are below. 

User who did this - tobiaswaldvogel (tobiaswaldvogel) 

Attached to Project - OpenWrt/LEDE Project
Summary - Memory leak in cfg80211/mac80211 in trunk on TP Archer c7 v2
Task Type - Bug Report
Category - Base system
Status - Unconfirmed
Assigned To - 
Operating System - All
Severity - High
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details -  - Device TP Archer c7 v2
 - Software OpenWrt SNAPSHOT r14651+16-23c7fb7600
 - How to reproduce: Just wait a few hours (Usually just 6 hours)
 - I tried both ath10k drivers (ath10k and ath10k-ct) with the same result

After compiling the current trunk for  TP Archer c7 v2 there seems to be a memory leak in the kernel.
The memory usage is creeping up over a few hours until it triggers an OOM and a reboot.
There is no user space process consuming the memory and an analysis with kmemleak showed always the following entries:

unreferenced object 0x84639900 (size 176):
  comm "hostapd", pid 1622, jiffies 5733 (age 112.956s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 85 5f f0 00 00 00 00 00  ........._......
    00 00 00 00 00 00 00 00 40 22 00 1b 00 07 00 00  ........@"......
  backtrace:
    [] kmem_cache_alloc+0xf4/0x23c
    [] __build_skb+0x34/0xd0
    [] __netdev_alloc_skb+0xf8/0x1ac
    [] ieee80211_mgmt_tx+0x120/0x5a0 [mac80211]
    [] nl80211_parse_chandef+0x1bb8/0x2be8 [cfg80211]


gdb resolved this to

ieee80211_mgmt_tx (backports-5.8-1/net/mac80211/offchannel.c:890).
885			ret = -EBUSY;
886			goto out_unlock;
887		}
888	
889		skb = dev_alloc_skb(local->hw.extra_tx_headroom + params->len);
890		if (!skb) {
891			ret = -ENOMEM;
892			goto out_unlock;
893		}
894		skb_reserve(skb, local->hw.extra_tx_headroom);


nl80211_tx_mgmt (backports-5.8-1/net/wireless/nl80211.c:10990).
10985			}
10986		}
10987	
10988		params.chan = chandef.chan;
10989		err = cfg80211_mlme_mgmt_tx(rdev, wdev, &params, &cookie);
10990		if (err)
10991			goto free_msg;
10992	
10993		if (msg) {
10994			if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,


As far as I understood this belongs to the remain_on_channel functionality
But unfortunately I was unable to spot why the skb is not released


More information can be found at the following URL:
https://bugs.openwrt.org/index.php?do=details&task_id=3376

You are receiving this message because you have requested it from the Flyspray bugtracking system.  If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.



More information about the openwrt-bugs mailing list