From: Catalin Marinas <catalin.marinas@arm.com>
To: Paul Menzel <pmenzel@molgen.mpg.de>
Cc: Dave Hansen <dave.hansen@intel.com>,
	LKML <linux-kernel@vger.kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	x86@kernel.org
Subject: Re: kmemleak detects leak in msr_build_context
Date: Fri, 14 Jan 2022 11:44:35 +0000
Message-ID: <YeFiI1xhiZK7uU+Z@arm.com>
In-Reply-To: <41359b02-5f03-b822-9407-fb8d5ce44e70@molgen.mpg.de>

On Tue, Jan 11, 2022 at 10:05:43PM +0100, Paul Menzel wrote:
> On 11.01.22 at 16:26, Dave Hansen wrote:
> > On 1/10/22 23:49, Paul Menzel wrote:
> > > Running Linux from commit bf4eebf8cfa2 (Merge tag
> > > 'linux-kselftest-kunit-5.17-rc1' of
> > > git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest),
> > > kmemleak reported the leak below:
> > > 
> > > ```
> > > unreferenced object 0xffff8914823de500 (size 64):
> > >    comm "swapper/0", pid 1, jiffies 4294667581 (age 1253.406s)
> > >    hex dump (first 32 bytes):
> > >      00 00 00 00 00 00 00 00 04 10 01 c0 00 00 00 00  ................
> > >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> > >    backtrace:
> > >      [<000000007f3b05e9>] __kmalloc+0x177/0x330
> > >      [<0000000008104cca>] msr_build_context.constprop.0+0x32/0xbe
> > >      [<00000000012bab4e>] msr_save_cpuid_features+0x28/0x2f
> > >      [<00000000b7a2262e>] pm_check_save_msr+0x2e/0x40
> > >      [<00000000cbe9d92d>] do_one_initcall+0x44/0x200
> > >      [<0000000094deab7b>] kernel_init_freeable+0x1fc/0x273
> > >      [<00000000d3dbaa56>] kernel_init+0x16/0x160
> > >      [<0000000058c4a8b3>] ret_from_fork+0x22/0x30
[...]
> > I've taken a look through arch/x86/power/cpu.c, and nothing obvious
> > jumped out at me.  msr_build_context() could probably be cleaned up by
> > using kvrealloc(), but it hasn't been touched recently in a way that I
> > would expect things to leak.
[...]
> > I suspect this is a false positive from kmemleak.
> 
> Maybe Catalin can check.

I can't see anything obviously wrong with msr_build_context(), unless it
can somehow be called concurrently, the saved_msrs.array update wouldn't
be safe. Another place to look at is whether saved_context.saved_msrs is
getting corrupt somehow.

If you force another kmemleak scan (through echo scan > /sys/...), does
the leak report disappear? This would be a good indication of a false
positive, though this normally happens with structures that are changed
frequently.

A way to confirm (or rule out) a kmemleak false positive would be to
check that saved_context.saved_msrs.array still points to the
unreferenced object listed above (you may need some kernel
instrumentation). If it doesn't, we'd need to figure out what happened
with the previous array.

-- 
Catalin
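
Added example, not part of the message above or of the kernel tree: a Python script for the two checks described in the message, namely whether the object is still reported after a forced rescan and whether a pointer value obtained from instrumentation falls inside the reported object. The function names, SECOND_SCAN and ARRAY_PTR are constructed for illustration; FIRST_SCAN is the report quoted in the thread with the hex dump left out.

```python
import re

HEADER = re.compile(r"unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
FRAME = re.compile(r"\[<[0-9a-f]+>\]\s+([^\s+]+)")

def parse_report(text):
    """Map object address -> {"size", "backtrace"} for one kmemleak report."""
    objects, current = {}, None
    for raw in text.splitlines():
        line = raw.lstrip("> ").strip()  # tolerate mail quoting and indentation
        header = HEADER.match(line)
        frame = FRAME.match(line)
        if header:
            current = {"size": int(header.group(2)), "backtrace": []}
            objects[int(header.group(1), 16)] = current
        elif frame and current is not None:
            current["backtrace"].append(frame.group(1))  # symbol without +offset
    return objects

def compare_scans(first, second):
    """Return (still_reported, gone) addresses of the first scan's objects."""
    still = sorted(a for a in first if a in second)
    gone = sorted(a for a in first if a not in second)
    return still, gone

def object_containing(objects, ptr):
    """Return the address of the reported object that ptr points into, or None."""
    for addr, obj in objects.items():
        if addr <= ptr < addr + obj["size"]:
            return addr
    return None

# Report quoted in this thread (hex dump omitted, backtrace shortened).
FIRST_SCAN = """\
unreferenced object 0xffff8914823de500 (size 64):
  comm "swapper/0", pid 1, jiffies 4294667581 (age 1253.406s)
  backtrace:
    [<000000007f3b05e9>] __kmalloc+0x177/0x330
    [<0000000008104cca>] msr_build_context.constprop.0+0x32/0xbe
    [<00000000012bab4e>] msr_save_cpuid_features+0x28/0x2f
"""
SECOND_SCAN = ""  # constructed: the report after a forced rescan shows nothing
# Constructed: raw value of saved_context.saved_msrs.array as instrumentation
# would print it with %px (plain %p is hashed and cannot be compared).
ARRAY_PTR = 0xffff8914823de500

if __name__ == "__main__":
    first, second = parse_report(FIRST_SCAN), parse_report(SECOND_SCAN)
    still, gone = compare_scans(first, second)
    print("still reported:", [hex(a) for a in still])
    print("gone after rescan:", [hex(a) for a in gone])
    hit = object_containing(first, ARRAY_PTR)
    print("array points into:", hex(hit) if hit is not None else None)
```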
