Message-ID: <201210151652486099657@gmail.com>
Date:	Mon, 15 Oct 2012 16:52:51 +0800
From:	"Jianpeng Ma" <majianpeng@...il.com>
To:	linux-kernel <linux-kernel@...r.kernel.org>
Subject: About reuse address space when __init func removed

Hi all,
	Today, I found some kernel messages about memory leaking. As follows:
unreferenced object 0xffff8800b6e6b980 (size 64):
  comm "modprobe", pid 1137, jiffies 4294676166 (age 7326.499s)
  hex dump (first 32 bytes):
    01 04 01 00 00 00 00 00 00 00 98 b5 00 88 ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff816a3f16>] kmemleak_alloc+0x56/0xc0
    [<ffffffff8113bd43>] __kmalloc+0x173/0x310
    [<ffffffffa009a78a>] 0xffffffffa009a78a
    [<ffffffffa009ad95>] 0xffffffffa009ad95
    [<ffffffff81300985>] pci_device_probe+0x75/0xa0
    [<ffffffff814078c4>] driver_probe_device+0x84/0x380
    [<ffffffff81407c63>] __driver_attach+0xa3/0xb0
    [<ffffffff81405a96>] bus_for_each_dev+0x56/0x90
    [<ffffffff81407359>] driver_attach+0x19/0x20
    [<ffffffff81406e80>] bus_add_driver+0x1a0/0x2c0
    [<ffffffff81408195>] driver_register+0x75/0x150
    [<ffffffff812ffa1c>] __pci_register_driver+0x5c/0x70
    [<ffffffffa00a20a7>] nfsd_last_thread+0x47/0x70 [nfsd]
    [<ffffffff810001fa>] do_one_initcall+0x3a/0x170
    [<ffffffff810a7d1c>] sys_init_module+0x8c/0x200
    [<ffffffff816cc352>] system_call_fastpath+0x16/0x1b

But the problem is not the memleak, but the stack.
I noticed "[<ffffffffa00a20a7>] nfsd_last_thread+0x47/0x70 [nfsd]". But the real module is mvsas.
Why does the kernel print nfsd?

I added some debug info in func mvs_init.
diff --git a/drivers/scsi/mvsas/mv_init.c b/drivers/scsi/mvsas/mv_init.c
index cc59dff..d34ce01 100644
--- a/drivers/scsi/mvsas/mv_init.c
+++ b/drivers/scsi/mvsas/mv_init.c
@@ -821,6 +821,7 @@ static int __init mvs_init(void)
 {
        int rc;
        mvs_stt = sas_domain_attach_transport(&mvs_transport_ops);
+       printk(KERN_ERR"%s:0x%lx\n", __func__, _THIS_IP_);
        if (!mvs_stt)
                return -ENOMEM;
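Review bot: KERN_ERR is the wrong level for a throw-away diagnostic in the added printk; use KERN_DEBUG (or pr_debug()) and put a space after the level macro, i.e. `printk(KERN_DEBUG "%s:0x%lx\n", __func__, _THIS_IP_);`. `_THIS_IP_` is an unsigned long, so `%lx` is correct; the value it yields is the instruction address inside mvs_init() itself, i.e. inside the module's __init text, so it is meaningful only when compared against addresses in a backtrace recorded after that text has been freed, which is the comparison this mail makes.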

The result is "[    3.781487] mvs_init:0xffffffffa00a2000"

I think it is because of the __init attribute. When mvs_init has executed, that memory is removed and the address space is also removed. So afterwards func nfsd_last_thread used that address.
Is it a bug?

Thanks!
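A small triage helper for exactly this kind of report, added here as an example and not part of the mail or of the kernel: it parses the kmemleak backtrace quoted above and flags frames whose address kallsyms could not name at all, or that fall inside a range known to have been __init text freed earlier (the start address is the one the debug printk in mvs_init reported; the 0x1000 length is an assumed placeholder, since the real .init.text size is not given in the mail).

```python
import re

# Constructed sample: the kmemleak report from the mail, abridged to the frames that matter.
KMEMLEAK_REPORT = """\
unreferenced object 0xffff8800b6e6b980 (size 64):
  comm "modprobe", pid 1137, jiffies 4294676166 (age 7326.499s)
  backtrace:
    [<ffffffff816a3f16>] kmemleak_alloc+0x56/0xc0
    [<ffffffff8113bd43>] __kmalloc+0x173/0x310
    [<ffffffffa009a78a>] 0xffffffffa009a78a
    [<ffffffffa009ad95>] 0xffffffffa009ad95
    [<ffffffff81300985>] pci_device_probe+0x75/0xa0
    [<ffffffffa00a20a7>] nfsd_last_thread+0x47/0x70 [nfsd]
    [<ffffffff810001fa>] do_one_initcall+0x3a/0x170
"""

# Start is the address the debug printk in mvs_init() reported; the 0x1000 length is an
# assumed placeholder, the real size of the module's .init.text is not in the mail.
MVSAS_FREED_INIT = [(0xffffffffa00a2000, 0x1000)]

# One frame: [<addr>] symbol+0xoff/0xsize [module]; offset and module are optional.
FRAME_RE = re.compile(r"^\s*\[<([0-9a-f]+)>\]\s+(\S+?)"
                      r"(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?(?:\s+\[(\w+)\])?\s*$")

def parse_frames(report):
    """Return (addr, symbol, module) per backtrace line; module is None for core symbols."""
    frames = []
    for line in report.splitlines():
        m = FRAME_RE.match(line)
        if m:
            addr, sym, mod = m.groups()
            frames.append((int(addr, 16), sym, mod))
    return frames

def classify_frame(addr, symbol, freed_init_ranges):
    """'unresolved': kallsyms printed a bare address, nothing is mapped there now (e.g.
    __init text already freed).  'stale-init': addr lies in a range known to have been
    freed __init text, so the symbol shown is whatever got loaded into those pages later
    and cannot be trusted.  'ok': nothing suspicious."""
    if symbol.startswith("0x"):
        return "unresolved"
    if any(start <= addr < start + length for start, length in freed_init_ranges):
        return "stale-init"
    return "ok"

def triage(report, freed_init_ranges):
    """Annotate every frame of a kmemleak report with its trust classification."""
    return [(hex(addr), sym, classify_frame(addr, sym, freed_init_ranges))
            for addr, sym, _mod in parse_frames(report)]
```

Run against the quoted report, the nfsd_last_thread frame comes back as stale-init and the two bare-address frames as unresolved, which is the reading the mail arrives at by hand.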
