Leaking memory warning when starting 'Show Plymouth Boot Screen'
Hi,
Inspecting dmesg following system boot, I observe the message refcount_t: decrement hit 0; leaking memory.
when starting 'Show Plymouth Boot Screen' with a vanilla 5.4.89 kernel, i.e. the latest available long term kernel. I don't observe the same with the 5.10 kernel, but I'm unable to switch to 5.10.x day-to-day until an issue with nouveau which renders my machine unusable is fixed.
I'm running an up-to-date Debian bullseye with Plymouth 0.9.5.
The trace around the 'leaking memory' message follows at the end.
Cheers, Phil
[ 12.014952] systemd[1]: Starting Show Plymouth Boot Screen...
[ 12.019414] ------------[ cut here ]------------
[ 12.019416] refcount_t: decrement hit 0; leaking memory.
[ 12.019437] WARNING: CPU: 1 PID: 375 at lib/refcount.c:236 refcount_dec_checked+0x2e/0x40
[ 12.019438] Modules linked in: xt_limit(E) xt_addrtype(E) xt_tcpudp(E) xt_conntrack(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) nft_compat(E) nft_counter(E) firewire_sbp2(E) msr(E) parport_pc(E) ppdev(E) nf_tables(E) lp(E) nfnetlink(E) parport(E) configfs(E) fuse(E) efivarfs(E) ip_tables(E) x_tables(E) autofs4(E) ext4(E) crc32c_generic(E) crc16(E) mbcache(E) jbd2(E) crypto_simd(E) cryptd(E) glue_helper(E) hid_apple(E) uas(E) usb_storage(E) hid_appleir(E) hid_generic(E) usbhid(E) hid(E) dm_crypt(E) dm_mod(E) sd_mod(E) sr_mod(E) cdrom(E) ohci_pci(E) nouveau(E) ahci(E) libahci(E) mxm_wmi(E) wmi(E) video(E) i2c_algo_bit(E) ttm(E) drm_kms_helper(E) libata(E) ehci_pci(E) ohci_hcd(E) scsi_mod(E) forcedeth(E) ehci_hcd(E) firewire_ohci(E) usbcore(E) i2c_nforce2(E) firewire_core(E) crc_itu_t(E) drm(E) button(E)
[ 12.019474] CPU: 1 PID: 375 Comm: iptables-restor Tainted: G E 5.4.89 #1
[ 12.019475] Hardware name: Apple Inc. MacBookPro5,5/Mac-F2268AC8, BIOS MBP55.88Z.00AC.B03.0906151708 06/15/09
[ 12.019477] RIP: 0010:refcount_dec_checked+0x2e/0x40
[ 12.019479] Code: 01 00 00 00 e8 93 ff ff ff 84 c0 75 01 c3 80 3d 81 b2 ce 00 00 75 f6 48 c7 c7 b8 c4 69 be c6 05 71 b2 ce 00 01 e8 50 ed c6 ff <0f> 0b c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 54 8b 06
[ 12.019480] RSP: 0018:ffffa6e000287938 EFLAGS: 00010282
[ 12.019481] RAX: 0000000000000000 RBX: ffff8e5f68fb2918 RCX: 0000000000000006
[ 12.019482] RDX: 0000000000000007 RSI: 0000000000000086 RDI: ffff8e5f7fd17680
[ 12.019483] RBP: ffffffffc08cc140 R08: 000000000000046d R09: 0000000000000000
[ 12.019484] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8e5f68fb2900
[ 12.019485] R13: ffffffffc0890080 R14: dead000000000100 R15: ffff8e5f68fb2f00
[ 12.019487] FS: 00007fa6b9035040(0000) GS:ffff8e5f7fd00000(0000) knlGS:0000000000000000
[ 12.019488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 12.019489] CR2: 00007fffdaf3e608 CR3: 000000023acac000 CR4: 00000000000406e0
[ 12.019490] Call Trace:
[ 12.019498] __nft_match_destroy.isra.0+0x57/0x90 [nft_compat]
[ 12.019502] ? synchronize_rcu_expedited+0x2e2/0x370
[ 12.019510] nf_tables_rule_destroy+0x54/0x90 [nf_tables]
[ 12.019515] __nf_tables_abort+0x203/0x970 [nf_tables]
[ 12.019520] nf_tables_abort+0x12/0x30 [nf_tables]
[ 12.019523] nfnetlink_rcv_batch+0x306/0x8b0 [nfnetlink]
[ 12.019528] ? __nla_validate_parse+0x51/0x850
[ 12.019531] ? apparmor_capable+0x4a/0xe0
[ 12.019534] nfnetlink_rcv+0x15e/0x17c [nfnetlink]
[ 12.019537] netlink_unicast+0x1a0/0x260
[ 12.019539] netlink_sendmsg+0x232/0x400
[ 12.019542] sock_sendmsg+0x5e/0x60
[ 12.019544] ____sys_sendmsg+0x227/0x270
[ 12.019545] ? copy_msghdr_from_user+0xc8/0x170
[ 12.019547] ___sys_sendmsg+0x7c/0xc0
[ 12.019550] ? mem_cgroup_charge_statistics+0x55/0xf0
[ 12.019552] ? mem_cgroup_commit_charge+0x5c/0x180
[ 12.019554] ? security_capable+0x36/0x50
[ 12.019557] ? release_sock+0x19/0x90
[ 12.019558] ? sock_setsockopt+0xd2/0xd30
[ 12.019560] __sys_sendmsg+0x59/0xa0
[ 12.019564] do_syscall_64+0x52/0x160
[ 12.019567] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 12.019570] RIP: 0033:0x7fa6b913b2c3
[ 12.019572] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 89 54 24 1c 48
[ 12.019573] RSP: 002b:00007ffdc1bdf5a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 12.019575] RAX: ffffffffffffffda RBX: 00007ffdc1bdf5b0 RCX: 00007fa6b913b2c3
[ 12.019576] RDX: 0000000000000000 RSI: 00007ffdc1be0640 RDI: 0000000000000003
[ 12.019576] RBP: 00007ffdc1be0cc0 R08: 0000000000000004 R09: 00007fa6b917b530
[ 12.019577] R10: 00007ffdc1be062c R11: 0000000000000246 R12: 0000000000000001
[ 12.019578] R13: 000000000001f000 R14: 00007ffdc1bdf5c0 R15: 00007ffdc1be4180
[ 12.019580] ---[ end trace 863c50fa735f1d77 ]---
[ 12.019584] ------------[ cut here ]------------
[ 12.019585] refcount_t: underflow; use-after-free.
[ 12.019592] WARNING: CPU: 1 PID: 375 at lib/refcount.c:190 refcount_sub_and_test_checked+0x48/0x50
[ 12.019593] Modules linked in: xt_limit(E) xt_addrtype(E) xt_tcpudp(E) xt_conntrack(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) libcrc32c(E) nft_compat(E) nft_counter(E) firewire_sbp2(E) msr(E) parport_pc(E) ppdev(E) nf_tables(E) lp(E) nfnetlink(E) parport(E) configfs(E) fuse(E) efivarfs(E) ip_tables(E) x_tables(E) autofs4(E) ext4(E) crc32c_generic(E) crc16(E) mbcache(E) jbd2(E) crypto_simd(E) cryptd(E) glue_helper(E) hid_apple(E) uas(E) usb_storage(E) hid_appleir(E) hid_generic(E) usbhid(E) hid(E) dm_crypt(E) dm_mod(E) sd_mod(E) sr_mod(E) cdrom(E) ohci_pci(E) nouveau(E) ahci(E) libahci(E) mxm_wmi(E) wmi(E) video(E) i2c_algo_bit(E) ttm(E) drm_kms_helper(E) libata(E) ehci_pci(E) ohci_hcd(E) scsi_mod(E) forcedeth(E) ehci_hcd(E) firewire_ohci(E) usbcore(E) i2c_nforce2(E) firewire_core(E) crc_itu_t(E) drm(E) button(E)
[ 12.019616] CPU: 1 PID: 375 Comm: iptables-restor Tainted: G W E 5.4.89 #1
[ 12.019617] Hardware name: Apple Inc. MacBookPro5,5/Mac-F2268AC8, BIOS MBP55.88Z.00AC.B03.0906151708 06/15/09
[ 12.019619] RIP: 0010:refcount_sub_and_test_checked+0x48/0x50
[ 12.019620] Code: 31 e4 44 89 e0 41 5c c3 eb f8 44 0f b6 25 cb b2 ce 00 45 84 e4 75 e8 48 c7 c7 90 c4 69 be c6 05 b8 b2 ce 00 01 e8 96 ed c6 ff <0f> 0b eb d4 0f 1f 40 00 48 89 fe bf 01 00 00 00 eb a6 66 0f 1f 44
[ 12.019621] RSP: 0018:ffffa6e000287928 EFLAGS: 00010282
[ 12.019622] RAX: 0000000000000000 RBX: ffff8e5f68fb2e58 RCX: 0000000000000006
[ 12.019623] RDX: 0000000000000007 RSI: 0000000000000086 RDI: ffff8e5f7fd17680
[ 12.019624] RBP: ffffffffc08cc140 R08: 000000000000049f R09: 0000000000000000
[ 12.019625] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 12.019626] R13: ffffffffc0890080 R14: dead000000000100 R15: ffff8e5f68fb2720
[ 12.019627] FS: 00007fa6b9035040(0000) GS:ffff8e5f7fd00000(0000) knlGS:0000000000000000
[ 12.019628] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 12.019629] CR2: 00007fffdaf3e608 CR3: 000000023acac000 CR4: 00000000000406e0
[ 12.019630] Call Trace:
[ 12.019632] refcount_dec_checked+0xd/0x40
[ 12.019634] __nft_match_destroy.isra.0+0x57/0x90 [nft_compat]
[ 12.019638] nf_tables_rule_destroy+0x54/0x90 [nf_tables]
[ 12.019643] __nf_tables_abort+0x203/0x970 [nf_tables]
[ 12.019647] nf_tables_abort+0x12/0x30 [nf_tables]
[ 12.019649] nfnetlink_rcv_batch+0x306/0x8b0 [nfnetlink]
[ 12.019652] ? __nla_validate_parse+0x51/0x850
[ 12.019654] ? apparmor_capable+0x4a/0xe0
[ 12.019656] nfnetlink_rcv+0x15e/0x17c [nfnetlink]
[ 12.019658] netlink_unicast+0x1a0/0x260
[ 12.019660] netlink_sendmsg+0x232/0x400
[ 12.019662] sock_sendmsg+0x5e/0x60
[ 12.019663] ____sys_sendmsg+0x227/0x270
[ 12.019665] ? copy_msghdr_from_user+0xc8/0x170
[ 12.019667] ___sys_sendmsg+0x7c/0xc0
[ 12.019668] ? mem_cgroup_charge_statistics+0x55/0xf0
[ 12.019670] ? mem_cgroup_commit_charge+0x5c/0x180
[ 12.019671] ? security_capable+0x36/0x50
[ 12.019673] ? release_sock+0x19/0x90
[ 12.019674] ? sock_setsockopt+0xd2/0xd30
[ 12.019676] __sys_sendmsg+0x59/0xa0
[ 12.019678] do_syscall_64+0x52/0x160
[ 12.019680] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 12.019681] RIP: 0033:0x7fa6b913b2c3
[ 12.019683] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 89 54 24 1c 48
[ 12.019684] RSP: 002b:00007ffdc1bdf5a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 12.019685] RAX: ffffffffffffffda RBX: 00007ffdc1bdf5b0 RCX: 00007fa6b913b2c3
[ 12.019686] RDX: 0000000000000000 RSI: 00007ffdc1be0640 RDI: 0000000000000003
[ 12.019687] RBP: 00007ffdc1be0cc0 R08: 0000000000000004 R09: 00007fa6b917b530
[ 12.019688] R10: 00007ffdc1be062c R11: 0000000000000246 R12: 0000000000000001
[ 12.019689] R13: 000000000001f000 R14: 00007ffdc1bdf5c0 R15: 00007ffdc1be4180
[ 12.019690] ---[ end trace 863c50fa735f1d78 ]---
[ 12.040752] systemd[1]: Started Show Plymouth Boot Screen.