lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 30 Nov 2011 20:02:07 +0000
From:	"Wouter M. Koolen" <W.M.Koolen-Wijkstra@....nl>
To:	Catalin Marinas <catalin.marinas@....com>
CC:	"Wouter M. Koolen" <W.M.Koolen-Wijkstra@....nl>,
	tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	x86@...nel.org
Subject: Re: kmemleak: unreferenced object in copy_thread


On 11/30/2011 11:54 AM, Catalin Marinas wrote:
> I can't yet tell whether it's a false positive or not. Did the X
> server die? Is the process with pid 1415 still around? The leaked
> object looks like the thread stack (8K) and it should have been
> removed when the corresponding process was killed.
Hi Catalin,

Just got lucky and hit it again. This time it occurred without killing. 
Here's the splat:

unreferenced object 0xffff880003eda000 (size 8192):
   comm "Xorg", pid 1117, jiffies 4295143832 (age 34745.832s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 0f 00 00 00 0f 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<ffffffff813feeb1>] kmemleak_alloc+0x21/0x50
     [<ffffffff8111086b>] kmem_cache_alloc_trace+0xdb/0x1d0
     [<ffffffff81001fbe>] copy_thread+0x1be/0x260
     [<ffffffff81044953>] copy_process+0xee3/0x1520
     [<ffffffff810450d6>] do_fork+0x116/0x350
     [<ffffffff8100a7d3>] sys_clone+0x23/0x30
     [<ffffffff8141c173>] stub_clone+0x13/0x20
     [<ffffffffffffffff>] 0xffffffffffffffff

The process 1117 is still alive. It is

root      1117  2.1  1.3 147484 28152 tty7     Ss+  09:55  13:02 
/usr/bin/X :0 vt7 -br -nolisten tcp -auth /var/run/xauth/A:0-Tdu4bb


Actually, there now are several splats of a second kind, relating to 
i915 gem buffers (attached). This type of splat has been reported before in
https://lkml.org/lkml/2011/10/4/15
although that thread seems to be a dead end. Maybe these warnings have a 
common source?

What would be a good next step?

With kind regards,

Wouter Koolen

View attachment "kmemleak" of type "text/plain" (10046 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ