lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 10 Jul 2018 17:17:06 +0200
From:   Paul Menzel <pmenzel@...gen.mpg.de>
To:     Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Paul Mackerras <paulus@...ba.org>,
        Michael Ellerman <mpe@...erman.id.au>
Cc:     linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Subject: Several suspected memory leaks

Dear Liunx folks,


On a the IBM S822LC (8335-GTA) with Ubuntu 18.04 I built Linux master
– 4.18-rc4+, commit 092150a2 (Merge branch 'for-linus'
of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid) – with
kmemleak. Several issues are found.

```
$ grep KMEMLEAK /boot/config-4.18.0-rc4+
CONFIG_HAVE_DEBUG_KMEMLEAK=y
CONFIG_DEBUG_KMEMLEAK=y
CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=10000
# CONFIG_DEBUG_KMEMLEAK_TEST is not set
# CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF is not set
$ dmesg | grep leak
[    4.978757] kmemleak: Kernel memory leak detector initialized
[    4.978761] kmemleak: Automatic memory scanning thread started
[  682.317540] kmemleak: 78 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[ 1894.998535] kmemleak: 10 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[ 2501.158464] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[ 6744.633712] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
```

Here is the first part, please find the Linux messages and the full
kmemleak output attached.

```
$ sudo cat /sys/kernel/debug/kmemleak
unreferenced object 0xc000007fdc540000 (size 16384):
  comm "swapper/0", pid 0, jiffies 4294892301 (age 1327.108s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<0000000007135d64>] hash__map_kernel_page+0x30c/0x4d0
    [<0000000071677858>] __ioremap_at+0x108/0x140
    [<000000000023e921>] __ioremap_caller+0x130/0x180
    [<000000009dbc3923>] icp_native_init_one_node+0x5cc/0x760
    [<0000000015f3168a>] icp_native_init+0x70/0x13c
    [<00000000655550ed>] xics_init+0x38/0x1ac
    [<0000000088dbf9d1>] pnv_init_IRQ+0x30/0x5c
    [<000000005fad1946>] init_IRQ+0x40/0x54
    [<000000006abd7834>] start_kernel+0x448/0x684
    [<00000000f8d483c1>] start_here_common+0x1c/0x520
unreferenced object 0xc000007fdc530000 (size 16384):
  comm "swapper/0", pid 0, jiffies 4294892309 (age 1327.076s)
  hex dump (first 32 bytes):
    00 00 00 7f dc 4a 40 00 00 00 00 00 00 00 00 00  .....J@.........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000002cdcd2db>] vmap_page_range_noflush+0x670/0x880
    [<0000000041cc3e80>] map_vm_area+0x58/0xb0
    [<00000000b92ed8c4>] __vmalloc_node_range+0x1cc/0x3f0
    [<00000000f6cf150a>] __vmalloc+0x50/0x60
    [<0000000027a0846e>] alloc_large_system_hash+0x3b8/0x554
    [<00000000ef0d6278>] vfs_caches_init+0xd4/0x138
    [<0000000055b60f04>] start_kernel+0x60c/0x684
    [<00000000f8d483c1>] start_here_common+0x1c/0x520
unreferenced object 0xc000000007bd8000 (size 16384):
  comm "init", pid 1, jiffies 4294895064 (age 1316.236s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000006ee9b8a3>] move_page_tables+0xd6c/0x13d0
    [<0000000091930c94>] shift_arg_pages+0xc8/0x220
    [<000000009cfa5804>] setup_arg_pages+0x26c/0x380
    [<00000000ee516bf8>] load_elf_binary+0x600/0x29ac
    [<000000005bbeae4b>] search_binary_handler+0x114/0x330
    [<00000000c39037ab>] __do_execve_file.isra.8+0x8a4/0x10b0
    [<0000000044d8a16f>] sys_execve+0x58/0x70
    [<000000001deb923d>] system_call+0x5c/0x70
unreferenced object 0xc000000007bc8000 (size 16384):
  comm "init", pid 1, jiffies 4294895064 (age 1316.236s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000001cb1e8bb>] __handle_mm_fault+0x34c/0x2f20
    [<0000000028b41470>] handle_mm_fault+0x1f0/0x4e0
    [<00000000f5d2a8db>] __do_page_fault+0x274/0xf90
    [<0000000094f967e0>] handle_page_fault+0x18/0x38
    [<00000000a38200c8>] 0xc000007fce3bbaf0
    [<00000000c3aa995f>] load_elf_binary+0x99c/0x29ac
    [<000000005bbeae4b>] search_binary_handler+0x114/0x330
    [<00000000c39037ab>] __do_execve_file.isra.8+0x8a4/0x10b0
    [<0000000044d8a16f>] sys_execve+0x58/0x70
    [<000000001deb923d>] system_call+0x5c/0x70
unreferenced object 0xc000007fb84d0000 (size 16384):
  comm "systemd-journal", pid 1796, jiffies 4294895847 (age 1313.168s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000006ee9b8a3>] move_page_tables+0xd6c/0x13d0
    [<0000000091930c94>] shift_arg_pages+0xc8/0x220
    [<000000009cfa5804>] setup_arg_pages+0x26c/0x380
    [<00000000ee516bf8>] load_elf_binary+0x600/0x29ac
    [<000000005bbeae4b>] search_binary_handler+0x114/0x330
    [<00000000c39037ab>] __do_execve_file.isra.8+0x8a4/0x10b0
    [<0000000044d8a16f>] sys_execve+0x58/0x70
    [<000000001deb923d>] system_call+0x5c/0x70
unreferenced object 0xc000007fb84b0000 (size 16384):
  comm "systemd-journal", pid 1796, jiffies 4294895847 (age 1313.168s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000001cb1e8bb>] __handle_mm_fault+0x34c/0x2f20
    [<0000000028b41470>] handle_mm_fault+0x1f0/0x4e0
    [<00000000f5d2a8db>] __do_page_fault+0x274/0xf90
    [<0000000094f967e0>] handle_page_fault+0x18/0x38
    [<00000000cc288b87>] 0xc000007f95657af0
    [<00000000c3aa995f>] load_elf_binary+0x99c/0x29ac
    [<000000005bbeae4b>] search_binary_handler+0x114/0x330
    [<00000000c39037ab>] __do_execve_file.isra.8+0x8a4/0x10b0
    [<0000000044d8a16f>] sys_execve+0x58/0x70
    [<000000001deb923d>] system_call+0x5c/0x70
unreferenced object 0xc000007f92fe8000 (size 16384):
  comm "lvmetad", pid 1802, jiffies 4294895860 (age 1313.116s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000006ee9b8a3>] move_page_tables+0xd6c/0x13d0
    [<0000000091930c94>] shift_arg_pages+0xc8/0x220
    [<000000009cfa5804>] setup_arg_pages+0x26c/0x380
    [<00000000ee516bf8>] load_elf_binary+0x600/0x29ac
    [<000000005bbeae4b>] search_binary_handler+0x114/0x330
    [<00000000c39037ab>] __do_execve_file.isra.8+0x8a4/0x10b0
    [<0000000044d8a16f>] sys_execve+0x58/0x70
    [<000000001deb923d>] system_call+0x5c/0x70
unreferenced object 0xc000007f92ff0000 (size 16384):
  comm "lvmetad", pid 1802, jiffies 4294895860 (age 1313.116s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<000000001cb1e8bb>] __handle_mm_fault+0x34c/0x2f20
    [<0000000028b41470>] handle_mm_fault+0x1f0/0x4e0
    [<00000000f5d2a8db>] __do_page_fault+0x274/0xf90
    [<0000000094f967e0>] handle_page_fault+0x18/0x38
    [<000000009b19a1a9>] 0xc000007f95633af0
    [<00000000c3aa995f>] load_elf_binary+0x99c/0x29ac
    [<000000005bbeae4b>] search_binary_handler+0x114/0x330
    [<00000000c39037ab>] __do_execve_file.isra.8+0x8a4/0x10b0
    [<0000000044d8a16f>] sys_execve+0x58/0x70
    [<000000001deb923d>] system_call+0x5c/0x70
unreferenced object 0xc0000000052f0000 (size 16384):
  comm "blkmapd", pid 1808, jiffies 4294895896 (age 1312.976s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000bc285bbf>] __pud_alloc+0x80/0x270
    [<00000000464ece1a>] copy_page_range+0x97c/0xcf0
    [<00000000470f82ab>] copy_process.isra.6.part.7+0x1458/0x2cd0
    [<000000001784ab04>] _do_fork+0xf4/0x7e0
    [<00000000b8327d67>] ppc_clone+0x8/0xc
[…]
```

Please tell me how to continue. Is this the right subsystem?


Kind regards,

Paul

View attachment "20180710–linux_4.18-rc4+–kmemleak.txt" of type "text/plain" (63386 bytes)

View attachment "20180710–linux_4.18-rc4+–linux_messages.txt" of type "text/plain" (68044 bytes)

Download attachment "smime.p7s" of type "application/pkcs7-signature" (5174 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ