Monday, June 23, 2014

kmemleak in ubuntu


  1. kmemleak is a kernel debugging tool used to collect memory leak information.
  2. kmemleak is the kernel counterpart of Valgrind's memcheck --leak-check.
  3. Orphan objects are not freed, only reported via /sys/kernel/debug/kmemleak.
  4. Compile the kernel with CONFIG_DEBUG_KMEMLEAK.
Follow the instructions at the following link to compile a new kernel and install it on an Ubuntu machine: http://mitchtech.net/compile-linux-kernel-on-ubuntu-12-04-lts-detailed/
Step 1: Switch to a root shell with sudo -i
Step 2: Check that kmemleak is available using dmesg | grep kmemleak
$ dmesg | grep kmemleak
[    1.000175] kmemleak: Kernel memory leak detector initialized
[    1.000274] kmemleak: Automatic memory scanning thread started
Step 3: Change the permissions of /sys/kernel/debug/kmemleak. By default, it is read-only.
$ ls -l /sys/kernel/debug/kmemleak 
-r--r--r-- 1 root root 0 Jun 23 13:23 /sys/kernel/debug/kmemleak

$ chmod 777 /sys/kernel/debug/kmemleak
$ ls -l /sys/kernel/debug/kmemleak 
-rwxrwxrwx 1 root root 0 Jun 23 13:23 /sys/kernel/debug/kmemleak
Step 4: Compile the following kernel module
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/slab.h>

MODULE_LICENSE("GPL");

static int __init ourinitmodule(void)
{
        int *a = NULL, *b = NULL;
        printk(KERN_ALERT "\n Welcome to sample application.... \n");
        /* Intentional leak: b is never freed, so kmemleak has something to report */
        b = kmalloc(1024, GFP_KERNEL);
        a = kmalloc(1024, GFP_KERNEL);
        if (!a)
                return -ENOMEM;         /* never dereference a failed allocation */
        a[0] = 10;
        kfree(a);                       /* a is released correctly and is not reported */
        return 0;
}

static void __exit ourcleanupmodule(void)
{
        printk(KERN_ALERT "\n Thanks....Exiting Application. \n");
}

module_init(ourinitmodule);
module_exit(ourcleanupmodule);
Step 5: Insert the module and then unload it using insmod and rmmod
Step 6: Wait for the following message in dmesg
[  325.438226]
[  325.438226]  Welcome to sample application....
[  360.964221]
[  360.964221]  Thanks....Exiting Application.
[ 1263.301682] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
Since kmemleak's default scan frequency is 10 mins, wait for 10 mins to get this message. (Note: This frequency can be programmed; we will discuss this later.)
Step 7: Print the memory leak report with $ cat /sys/kernel/debug/kmemleak
unreferenced object 0xe7801800 (size 1024):
  comm "insmod", pid 2700, jiffies 6359 (age 2367.608s)
  hex dump (first 32 bytes):
    00 1c 80 e7 24 0a 30 ff 24 0a 30 ff 24 0a 30 ff  ....$.0.$.0.$.0.
    24 0a 30 ff 24 0a 30 ff 24 0a 30 ff 24 0a 30 ff  $.0.$.0.$.0.$.0.
  backtrace:
    [<c15da9ec>] kmemleak_alloc+0x2c/0x60
    [<c114ae06>] kmem_cache_alloc_trace+0x96/0x130
    [<f847c028>] 0xf847c028
    [<c1003132>] do_one_initcall+0x112/0x160
    [<c10acb4a>] load_module+0x1e8a/0x2660
    [<c10ad398>] sys_init_module+0x78/0xb0
    [<c15f850d>] sysenter_do_call+0x12/0x28
    [<ffffffff>] 0xffffffff
From the above log, we observe that there are 1024 unreferenced bytes: the buffer allocated for b in the module's init function and never freed.
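
To triage a longer report, the layout shown in Step 7 can be reduced to one line per object plus a total. This shell function is an added example, not part of the original post: kmemleak_summary and sample_report are hypothetical names, the sample is the Step 7 report with the dump and backtrace shortened, and the list of allocator frames to skip is an assumption based on the frames in that report.

```shell
#!/bin/sh
# Summarise a kmemleak report read on stdin: one line per object, then a total.
# Assumes the report layout shown in Step 7 and a comm without spaces.
kmemleak_summary() {
    awk '
    function emit() {
        if (addr != "") {
            printf "%s size=%d comm=%s pid=%d caller=%s\n", addr, size, comm, pid, caller
            total += size; count++
        }
        addr = ""; caller = ""; in_bt = 0
    }
    /^unreferenced object / {
        emit()
        addr = $3
        size = $5; sub(/\):$/, "", size)
        next
    }
    /^ *comm "/ {
        comm = $2; gsub(/[",]/, "", comm)
        pid = $4; sub(/,$/, "", pid)
        next
    }
    /^ *backtrace:/ { in_bt = 1; next }
    in_bt && /^ *\[<[0-9a-f]+>\]/ {
        # Skip kmemleak and slab allocator frames; the first remaining frame is the caller.
        if (caller == "" && $2 !~ /^(kmemleak_|kmem_cache_|__kmalloc|kmalloc)/)
            caller = $2
    }
    END {
        emit()
        printf "total: %d object(s), %d bytes\n", count, total
    }'
}

# Constructed sample: the Step 7 report from this page, dump and backtrace shortened.
sample_report() {
cat <<'EOF'
unreferenced object 0xe7801800 (size 1024):
  comm "insmod", pid 2700, jiffies 6359 (age 2367.608s)
  hex dump (first 32 bytes):
    00 1c 80 e7 24 0a 30 ff 24 0a 30 ff 24 0a 30 ff  ....$.0.$.0.$.0.
  backtrace:
    [<c15da9ec>] kmemleak_alloc+0x2c/0x60
    [<c114ae06>] kmem_cache_alloc_trace+0x96/0x130
    [<f847c028>] 0xf847c028
    [<c1003132>] do_one_initcall+0x112/0x160
EOF
}

sample_report | kmemleak_summary
```

On a live system the same function can be fed with kmemleak_summary < /sys/kernel/debug/kmemleak. For the report above, the caller is a raw address with no symbol.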
