lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5716E1F5.1020109@codeaurora.org>
Date:	Tue, 19 Apr 2016 18:57:09 -0700
From:	Nikhilesh Reddy <reddyn@...eaurora.org>
To:	linux-fsdevel <linux-fsdevel@...r.kernel.org>,
	Al Viro <viro@...iv.linux.org.uk>,
	Greg KH <gregkh@...uxfoundation.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	arve@...roid.com, riandrews@...roid.com
Subject: Re: Umount failing due to a file leak on 3.18 Android


Adding Arve Hjønnevåg and Riley Andrews


I am looking into a bug that results in umount failures ( since there
is a mount ref from the leaked file that is never freed on the mount )

The issue seems to be a result of the following callstack

      39.958104:   <6> Call trace:
      39.958108:   <2> [<ffffffc0001baa58>] fput+0x1e0/0x1f8
      39.958113:   <2> [<ffffffc0001b6ce8>] filp_close+0xa0/0xb8
      39.958119:   <2> [<ffffffc0001d3ca8>] put_files_struct+0x88/0xf0
      39.958123:   <2> [<ffffffc000973c40>]
binder_deferred_func+0x6a8/0x704
      39.958129:   <2> [<ffffffc0000ba32c>] process_one_work+0x238/0x3f0
      39.958133:   <2> [<ffffffc0000bb160>] worker_thread+0x2f8/0x418

What seems to occur is that once in a while a file ( say a.txt) is
fput in the above stack
right as the task is being killed

And then we see that the  fput schedules a delayed_fput_work on this
file

But when the function delayed_fput() is actually run :
     the file that was put i.e this a.txt is not in the delayed_fput_list

Any chance you can help me get to the bottom of this leak?
I dont understand why the delayed_fput_list is missing the file.

Is there some sort of race condition?


I will appreciate any pointers you can give me to debug this issue
Thanks so much in advance for your help.


-- 
Thanks
Nikhilesh Reddy

Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ