Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp1223737pxv; Fri, 25 Jun 2021 08:05:32 -0700 (PDT) X-Google-Smtp-Source: ABdhPJys3Og1ycVyuHrPP0R529F3zueAlbKWNEyLSyJ65+571nD11tK1pkftM/bRnud8oUrmWlNp X-Received: by 2002:a17:906:35c7:: with SMTP id p7mr11223572ejb.277.1624633530800; Fri, 25 Jun 2021 08:05:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1624633530; cv=none; d=google.com; s=arc-20160816; b=bCZqMe8IDfJexJvzDOnhs3j/4R9Uk1QyUhQmezhW+w/v6g2dLWySNFQhugMjFalZBA eFlI9pHeIGnooSz8rnPKiGWBuwj2fAGgNhjyL+d4gKgM5G21MhwHcniAIIN6R/mbHafJ QhATz4bKbfd8lpyQjnvDHBjEYBHeajizDyf0Ts0tSV74oS8/1XCEst36sbt90T7elMmF teXATKhauIcdiXmKZe08dmU3ERm87sPbmmVL9jKoCD26T+85GpGp4Drtyol92Qljf9hV UH8s3UqZZl479gsBJnqaEquObNclX1LflWaVIE20f2xLJnx9eghL/VQRuZoufMLfcZzL 8YdA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=T2z51HD+vQiu+BUt6KRZDSOxfsvAOMqqwGd+UoCnOWs=; b=swk2qS/Bl2WLOker1mmjZNaU+YTEGluJvkDsN+D72BI8BT2ij7EfKhUFFFWNog7PlX 2C8wmRpEjXbEmOzxzfGVfnUEB3vf1Im/wfcCCdKh1RlY4dfLXcL7xyzNvvqRNbVZa3yf WLU+suipuFilMYVR7v2uo9iKXyErxc67M9WdQCyy1MpyANMSWNCqZWlq2qFSsGgc+sKh VKsB3oMZ7ib2im7buQBf04o58dSvyyeMRshi2kKjlZhz3WJV6bjP9PGi+ZueKxfAmgqX Lkc15wJcrFYeo0zTpY/Q6QUZwkK0EdGCPdUaF75lwDS3YtMJ4CNnPf6UGFaTzFbs97eY g/3A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id hy17si6176401ejc.45.2021.06.25.08.05.07; Fri, 25 Jun 2021 08:05:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231849AbhFYPEC (ORCPT + 99 others); Fri, 25 Jun 2021 11:04:02 -0400 Received: from mail.kernel.org ([198.145.29.99]:33022 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231858AbhFYPD5 (ORCPT ); Fri, 25 Jun 2021 11:03:57 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id C42CA6197D; Fri, 25 Jun 2021 15:01:35 +0000 (UTC) Date: Fri, 25 Jun 2021 16:01:33 +0100 From: Catalin Marinas To: Rustam Kovhaev Cc: Dmitry Vyukov , Andrew Morton , Linux-MM , LKML , Greg Kroah-Hartman Subject: Re: kmemleak memory scanning Message-ID: <20210625150132.GF20835@arm.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 24, 2021 at 10:36:50AM -0700, Rustam Kovhaev wrote: > On Wed, Jun 16, 2021 at 11:25:22AM -0700, Rustam Kovhaev wrote: > > On Tue, Jun 15, 2021 at 07:15:24AM +0200, Dmitry Vyukov wrote: > > > On Mon, Jun 14, 2021 at 10:31 PM Rustam Kovhaev wrote: > > > > > > > > hello Catalin, Andrew! > > > > > > > > while troubleshooting a false positive syzbot kmemleak report i have > > > > noticed an interesting behavior in kmemleak and i wonder whether it is > > > > behavior by design and should be documented, or maybe something to > > > > improve. > > > > apologies if some of the questions do not make sense, i am still going > > > > through kmemleak code.. > > > > > > > > a) kmemleak scans struct page (kmemleak.c:1462), but it does not scan > > > > the actual contents (page_address(page)) of the page. > > > > if we allocate an object with kmalloc(), then allocate page with > > > > alloc_page(), and if we put kmalloc pointer somewhere inside that page, > > > > kmemleak will report kmalloc pointer as a false positive. > > > > should we improve kmemleak and make it scan page contents? > > > > or will this bring too many false negatives? > > > > > > Hi Rustam, > > > > > > Nice debugging! > > > I assume lots of pages are allocated for slab and we don't want to > > > scan the whole page if only a few slab objects are alive on the page. > > > However alloc_pages() can be called by end kernel code as well. > > > I grepped for any kmemleak annotations around existing calls to > > > alloc_pages, but did not find any... > > > Does it require an explicit kmemleak_alloc() after allocating the page > > > and kmemleak_free () before freeing the page? > > > > hi Dmitry, thank you! > > yes, as Catalin has pointed out, there are a few places where we call > > kmemleak_alloc()/kmemleak_free() explicitly in order for the pages to be > > scanned, like in blk_mq_alloc_rqs() > > > > > If there are more than one use case for this, I guess we could add > > > some GFP flag for this maybe. > > > > and this way kernel users won't have to use kmemleak fuctions mentioned > > above including some or most kmemleak_not_leak() calls and basically > > kmemleak will be kind of "transparent" to them? and they will only need > > to use the GFP flag to instruct kmemleak to scan the page contents? > > it sounds like a good idea to me.. > > > > i've been thinking about this and it seems like in the scenario where we > want kmemleak to scan only some part of the page, we will have to either > do separate alloc_page() calls with different flags or use > kmemleak_scan_area() to limit the memory scan area. maybe this approach > won't simplify things and will produce more code instead of reducing it Since page allocation is not tracked by kmemleak, you can always do an explicit kmemleak_alloc() call with a smaller size than a full page. -- Catalin