lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1251189105.7261.4.camel@penberg-laptop>
Date:	Tue, 25 Aug 2009 11:31:45 +0300
From:	Pekka Enberg <penberg@...helsinki.fi>
To:	Catalin Marinas <catalin.marinas@....com>
Cc:	Vegard Nossum <vegard.nossum@...il.com>,
	Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org
Subject: Re: WARNING: kmemcheck: Caught 32-bit read from uninitialized
 memory  (f6f6e1a4), by kmemleak's scan_block()

On Tue, 2009-08-25 at 09:27 +0100, Catalin Marinas wrote:
> On Tue, 2009-08-25 at 11:08 +0300, Pekka Enberg wrote:
> > On Tue, 2009-08-25 at 10:04 +0200, Vegard Nossum wrote:
> > > 2009/8/25 Ingo Molnar <mingo@...e.hu>:
> > > > FYI, -tip testing triggered the following kmemcheck warning in
> > > > kmemleak:
> > > >
> > > > PM: Adding info for No Bus:vcsa7
> > > > WARNING: kmemcheck: Caught 32-bit read from uninitialized memory (f6f6e1a4)
> > > > d873f9f600000000c42ae4c1005c87f70000000070665f666978656400000000
> > > >  i i i i u u u u i i i i i i i i i i i i i i i i i i i i i u u u
> [...]
> > > Already the patch to make kmemcheck and kmemleak mutually exclusive is
> > > underway. It is not surprising that kmemleak is scanning uninitialized
> > > memory. But if you say that you have tried it before, it is strange
> > > that it didn't appear until now.
> > 
> > Why isn't it surprising? Yes, it's non-fatal for kmemleak to scan
> > uninitialized memory but we could be looking at non-initialized struct
> > member that's a bug waiting to happen elsewhere in the code (that
> > doesn't trigger often).
> 
> It isn't surprising to me either. Kmemleak scans the memory periodically
> but it cannot know whether such memory was initialised or not to avoid
> scanning it. So I would expect such warnings if both kmemleak and
> kmemcheck are enabled. Scanning uninitialised memory is fine with
> kmemleak, it just increases the number of false negatives (with
> SLAB_DEBUG enabled, however, the allocated blocks are pre-initialised).
> 
> So kmemleak and kmemcheck should be exclusive, unless there is a way for
> kmemleak to validate an address with kmemcheck before deciding whether
> to scan a memory block.

It's possible. Look at the kmemcheck_shadow_lookup() and
kmemcheck_shadow_test() calls in kmemcheck_read_strict(), for example.

Vegard, what do you think? I think making kmemcheck and kmemleak play
nice with each other is useful for people like Ingo who do automated
testing.

			Pekka

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ