Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3540570pxj;
        Tue, 15 Jun 2021 03:16:11 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxmwMScDhfx3peydVG+SD0HozDcobtuONzXB6VGb07R0+trK6wcDC4R6NDW9dYy1uItHLtL
X-Received: by 2002:a02:8807:: with SMTP id r7mr21313792jai.12.1623752171546;
        Tue, 15 Jun 2021 03:16:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1623752171; cv=none;
        d=google.com; s=arc-20160816;
        b=QVmL9S571Em/vFWWcUivru6SP8oqgrRD0uOuxP42eiz2ff5QZqu4U/KKz2uanXxL0B
         tY9tF67oyzgutn8jpomej9VqjMdxsZ70x+s7aqHSDlVV17sJ4yhnpzu1JdM7Um7INjKd
         iSbmo0K8ac4uvbm5Mg4oSDTUqtVI9DumRFoDIBGDlboGOv6AXc08Z/ngPuw0yl1dxI2Y
         E48K8VX9Z9xEGpEhAg8+9xNXX+KyZWSFhX+c/bkaPwtDz5liL3EWvx46UzknHUpicaJJ
         OKBBFq0OIpPelUOU3qV+BuovMc5jKpaegslD+9vlQcMfC+Sm3oxl4gFdjwfObF+ROhHK
         jbSQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=hGBYdiahzf5+ulYu1R9PsZncCVKVAo9lVYBazkWeBfc=;
        b=EW3gvnM2Tgm3YzJiFD96HK93pP/L5R2NHVUduEvoMtdWYtYG2m9kznp2b6DMvSoVsb
         pRqxzO82DYmNm/3SuhN1k7b/XstEpmGsQafez2zZ3RSKO7aqWrgxJfdCa5KIZ4C3waua
         97yAQgQHqEuPILhePFs1nTXTFihn6iY0DY4xpQSp7V5W3BLH4Q3LImOh2eSBW6tZmT3G
         4/1C/Nn8ursY7WtsO2JnyBx+TBs55ZZEBMk/tIRzlDZhrzE4V7jRiFikd8n7VAKTBlGX
         3Gl5pIzO2q0o5QXviQWwptjkpCNWvoAGwkg53WIw83iRtAM41cXY8ODy9tDAXPO/GiNo
         +0dw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id m12si18563943ild.137.2021.06.15.03.15.59;
        Tue, 15 Jun 2021 03:16:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231403AbhFOKRY (ORCPT <rfc822;lwx169@gmail.com> + 99 others);
        Tue, 15 Jun 2021 06:17:24 -0400
Received: from mail.kernel.org ([198.145.29.99]:36224 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S231289AbhFOKRX (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 15 Jun 2021 06:17:23 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 51BB861443;
        Tue, 15 Jun 2021 10:15:18 +0000 (UTC)
Date:   Tue, 15 Jun 2021 11:15:15 +0100
From:   Catalin Marinas <catalin.marinas@arm.com>
To:     Rustam Kovhaev <rkovhaev@gmail.com>
Cc:     Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org, dvyukov@google.com,
        gregkh@linuxfoundation.org
Subject: Re: kmemleak memory scanning
Message-ID: <20210615101515.GC26027@arm.com>
References: <YMe8ktUsdtwFKHuF@nuc10>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YMe8ktUsdtwFKHuF@nuc10>
User-Agent: Mutt/1.10.1 (2018-07-13)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Rustam,

On Mon, Jun 14, 2021 at 01:31:14PM -0700, Rustam Kovhaev wrote:
> a) kmemleak scans struct page (kmemleak.c:1462), but it does not scan
> the actual contents (page_address(page)) of the page.
> if we allocate an object with kmalloc(), then allocate page with
> alloc_page(), and if we put kmalloc pointer somewhere inside that page, 
> kmemleak will report kmalloc pointer as a false positive.
> should we improve kmemleak and make it scan page contents?
> or will this bring too many false negatives?

This is indeed on purpose otherwise (1) we'd get a lot of false
negatives and (2) the scanning would take significantly longer. There
are a lot more pages allocated for user processes than used in the
kernel, we don't need to scan them all.

We do have a few places where we explicitly call kmemleak_alloc():
neigh_hash_alloc(), alloc_page_ext(), blk_mq_alloc_rqs(),
early_amd_iommu_init().

> b) when kmemleak object gets created (kmemleak.c:598) it gets checksum
> of 0, by the time user requests kmemleak "scan" via debugfs the pointer
> will be most likely changed to some value by the kernel and during
> first scan kmemleak won't report the object as orphan even if it did not
> find any reference to it, because it will execute update_checksum() and
> after that will proceed to updating object->count (kmemleak.c:1502).
> and so the user will have to initiate a second "scan" via debugfs and
> only then kmemleak will produce the report.
> should we document this?

That's a mitigation against false positives. Lot's of objects that get
allocated just prior to a memory scan have a tendency to be reported as
leaks before they get referenced via e.g. a list (and the in-object
list_head structure updated). So you'd need to get the checksum
identical in two consecutive scans to report it as a leak.

We should probably document this.

-- 
Catalin