[thirdparty/kernel/stable-queue.git] / releases / 4.14.111 / mm-slab.c-kmemleak-no-scan-alien-caches.patch

From 158cc58764359f2b91f5183fdd38244eea303c7a Mon Sep 17 00:00:00 2001
From: Qian Cai <cai@lca.pw>
Date: Tue, 5 Mar 2019 15:42:03 -0800
Subject: mm/slab.c: kmemleak no scan alien caches

[ Upstream commit 92d1d07daad65c300c7d0b68bbef8867e9895d54 ]

Kmemleak throws endless warnings during boot due to in
__alloc_alien_cache(),

    alc = kmalloc_node(memsize, gfp, node);
    init_arraycache(&alc->ac, entries, batch);
    kmemleak_no_scan(ac);

Kmemleak does not track the array cache (alc->ac) but the alien cache
(alc) instead, so let it track the latter by lifting kmemleak_no_scan()
out of init_arraycache().

There is another place that calls init_arraycache(), but
alloc_kmem_cache_cpus() uses the percpu allocation where will never be
considered as a leak.

  kmemleak: Found object by alias at 0xffff8007b9aa7e38
  CPU: 190 PID: 1 Comm: swapper/0 Not tainted 5.0.0-rc2+ #2
  Call trace:
   dump_backtrace+0x0/0x168
   show_stack+0x24/0x30
   dump_stack+0x88/0xb0
   lookup_object+0x84/0xac
   find_and_get_object+0x84/0xe4
   kmemleak_no_scan+0x74/0xf4
   setup_kmem_cache_node+0x2b4/0x35c
   __do_tune_cpucache+0x250/0x2d4
   do_tune_cpucache+0x4c/0xe4
   enable_cpucache+0xc8/0x110
   setup_cpu_cache+0x40/0x1b8
   __kmem_cache_create+0x240/0x358
   create_cache+0xc0/0x198
   kmem_cache_create_usercopy+0x158/0x20c
   kmem_cache_create+0x50/0x64
   fsnotify_init+0x58/0x6c
   do_one_initcall+0x194/0x388
   kernel_init_freeable+0x668/0x688
   kernel_init+0x18/0x124
   ret_from_fork+0x10/0x18
  kmemleak: Object 0xffff8007b9aa7e00 (size 256):
  kmemleak:   comm "swapper/0", pid 1, jiffies 4294697137
  kmemleak:   min_count = 1
  kmemleak:   count = 0
  kmemleak:   flags = 0x1
  kmemleak:   checksum = 0
  kmemleak:   backtrace:
       kmemleak_alloc+0x84/0xb8
       kmem_cache_alloc_node_trace+0x31c/0x3a0
       __kmalloc_node+0x58/0x78
       setup_kmem_cache_node+0x26c/0x35c
       __do_tune_cpucache+0x250/0x2d4
       do_tune_cpucache+0x4c/0xe4
       enable_cpucache+0xc8/0x110
       setup_cpu_cache+0x40/0x1b8
       __kmem_cache_create+0x240/0x358
       create_cache+0xc0/0x198
       kmem_cache_create_usercopy+0x158/0x20c
       kmem_cache_create+0x50/0x64
       fsnotify_init+0x58/0x6c
       do_one_initcall+0x194/0x388
       kernel_init_freeable+0x668/0x688
       kernel_init+0x18/0x124
  kmemleak: Not scanning unknown object at 0xffff8007b9aa7e38
  CPU: 190 PID: 1 Comm: swapper/0 Not tainted 5.0.0-rc2+ #2
  Call trace:
   dump_backtrace+0x0/0x168
   show_stack+0x24/0x30
   dump_stack+0x88/0xb0
   kmemleak_no_scan+0x90/0xf4
   setup_kmem_cache_node+0x2b4/0x35c
   __do_tune_cpucache+0x250/0x2d4
   do_tune_cpucache+0x4c/0xe4
   enable_cpucache+0xc8/0x110
   setup_cpu_cache+0x40/0x1b8
   __kmem_cache_create+0x240/0x358
   create_cache+0xc0/0x198
   kmem_cache_create_usercopy+0x158/0x20c
   kmem_cache_create+0x50/0x64
   fsnotify_init+0x58/0x6c
   do_one_initcall+0x194/0x388
   kernel_init_freeable+0x668/0x688
   kernel_init+0x18/0x124
   ret_from_fork+0x10/0x18

Link: http://lkml.kernel.org/r/20190129184518.39808-1-cai@lca.pw
Fixes: 1fe00d50a9e8 ("slab: factor out initialization of array cache")
Signed-off-by: Qian Cai <cai@lca.pw>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 mm/slab.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/mm/slab.c b/mm/slab.c
index 09df506ae830..f4658468b23e 100644
--- a/mm/slab.c
+++ b/mm/slab.c
@@ -563,14 +563,6 @@ static void start_cpu_timer(int cpu)
 
 static void init_arraycache(struct array_cache *ac, int limit, int batch)
 {
-	/*
-	 * The array_cache structures contain pointers to free object.
-	 * However, when such objects are allocated or transferred to another
-	 * cache the pointers are not cleared and they could be counted as
-	 * valid references during a kmemleak scan. Therefore, kmemleak must
-	 * not scan such objects.
-	 */
-	kmemleak_no_scan(ac);
 	if (ac) {
 		ac->avail = 0;
 		ac->limit = limit;
@@ -586,6 +578,14 @@ static struct array_cache *alloc_arraycache(int node, int entries,
 	struct array_cache *ac = NULL;
 
 	ac = kmalloc_node(memsize, gfp, node);
+	/*
+	 * The array_cache structures contain pointers to free object.
+	 * However, when such objects are allocated or transferred to another
+	 * cache the pointers are not cleared and they could be counted as
+	 * valid references during a kmemleak scan. Therefore, kmemleak must
+	 * not scan such objects.
+	 */
+	kmemleak_no_scan(ac);
 	init_arraycache(ac, entries, batchcount);
 	return ac;
 }
@@ -680,6 +680,7 @@ static struct alien_cache *__alloc_alien_cache(int node, int entries,
 
 	alc = kmalloc_node(memsize, gfp, node);
 	if (alc) {
+		kmemleak_no_scan(alc);
 		init_arraycache(&alc->ac, entries, batch);
 		spin_lock_init(&alc->lock);
 	}
-- 
2.19.1
Commit	Line	Data
04fd09d4 SL	1	From 158cc58764359f2b91f5183fdd38244eea303c7a Mon Sep 17 00:00:00 2001
	2	From: Qian Cai <cai@lca.pw>
	3	Date: Tue, 5 Mar 2019 15:42:03 -0800
	4	Subject: mm/slab.c: kmemleak no scan alien caches
	5
	6	[ Upstream commit 92d1d07daad65c300c7d0b68bbef8867e9895d54 ]
	7
	8	Kmemleak throws endless warnings during boot due to in
	9	__alloc_alien_cache(),
	10
	11	alc = kmalloc_node(memsize, gfp, node);
	12	init_arraycache(&alc->ac, entries, batch);
	13	kmemleak_no_scan(ac);
	14
	15	Kmemleak does not track the array cache (alc->ac) but the alien cache
	16	(alc) instead, so let it track the latter by lifting kmemleak_no_scan()
	17	out of init_arraycache().
	18
	19	There is another place that calls init_arraycache(), but
	20	alloc_kmem_cache_cpus() uses the percpu allocation where will never be
	21	considered as a leak.
	22
	23	kmemleak: Found object by alias at 0xffff8007b9aa7e38
	24	CPU: 190 PID: 1 Comm: swapper/0 Not tainted 5.0.0-rc2+ #2
	25	Call trace:
	26	dump_backtrace+0x0/0x168
	27	show_stack+0x24/0x30
	28	dump_stack+0x88/0xb0
	29	lookup_object+0x84/0xac
	30	find_and_get_object+0x84/0xe4
	31	kmemleak_no_scan+0x74/0xf4
	32	setup_kmem_cache_node+0x2b4/0x35c
	33	__do_tune_cpucache+0x250/0x2d4
	34	do_tune_cpucache+0x4c/0xe4
	35	enable_cpucache+0xc8/0x110
	36	setup_cpu_cache+0x40/0x1b8
	37	__kmem_cache_create+0x240/0x358
	38	create_cache+0xc0/0x198
	39	kmem_cache_create_usercopy+0x158/0x20c
	40	kmem_cache_create+0x50/0x64
	41	fsnotify_init+0x58/0x6c
	42	do_one_initcall+0x194/0x388
	43	kernel_init_freeable+0x668/0x688
	44	kernel_init+0x18/0x124
	45	ret_from_fork+0x10/0x18
	46	kmemleak: Object 0xffff8007b9aa7e00 (size 256):
	47	kmemleak: comm "swapper/0", pid 1, jiffies 4294697137
	48	kmemleak: min_count = 1
	49	kmemleak: count = 0
	50	kmemleak: flags = 0x1
	51	kmemleak: checksum = 0
	52	kmemleak: backtrace:
	53	kmemleak_alloc+0x84/0xb8
	54	kmem_cache_alloc_node_trace+0x31c/0x3a0
	55	__kmalloc_node+0x58/0x78
	56	setup_kmem_cache_node+0x26c/0x35c
	57	__do_tune_cpucache+0x250/0x2d4
	58	do_tune_cpucache+0x4c/0xe4
	59	enable_cpucache+0xc8/0x110
	60	setup_cpu_cache+0x40/0x1b8
	61	__kmem_cache_create+0x240/0x358
	62	create_cache+0xc0/0x198
	63	kmem_cache_create_usercopy+0x158/0x20c
	64	kmem_cache_create+0x50/0x64
65	fsnotify_init+0x58/0x6c
66	do_one_initcall+0x194/0x388
67	kernel_init_freeable+0x668/0x688
68	kernel_init+0x18/0x124
69	kmemleak: Not scanning unknown object at 0xffff8007b9aa7e38
70	CPU: 190 PID: 1 Comm: swapper/0 Not tainted 5.0.0-rc2+ #2
71	Call trace:
72	dump_backtrace+0x0/0x168
73	show_stack+0x24/0x30
74	dump_stack+0x88/0xb0
75	kmemleak_no_scan+0x90/0xf4
76	setup_kmem_cache_node+0x2b4/0x35c
77	__do_tune_cpucache+0x250/0x2d4
78	do_tune_cpucache+0x4c/0xe4
79	enable_cpucache+0xc8/0x110
80	setup_cpu_cache+0x40/0x1b8
81	__kmem_cache_create+0x240/0x358
82	create_cache+0xc0/0x198
83	kmem_cache_create_usercopy+0x158/0x20c
84	kmem_cache_create+0x50/0x64
85	fsnotify_init+0x58/0x6c
86	do_one_initcall+0x194/0x388
87	kernel_init_freeable+0x668/0x688
88	kernel_init+0x18/0x124
89	ret_from_fork+0x10/0x18
90
91	Link: http://lkml.kernel.org/r/20190129184518.39808-1-cai@lca.pw
92	Fixes: 1fe00d50a9e8 ("slab: factor out initialization of array cache")
93	Signed-off-by: Qian Cai <cai@lca.pw>
94	Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
95	Cc: Christoph Lameter <cl@linux.com>
96	Cc: Pekka Enberg <penberg@kernel.org>
97	Cc: David Rientjes <rientjes@google.com>
98	Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
99	Cc: Catalin Marinas <catalin.marinas@arm.com>
100	Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
101	Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
102	Signed-off-by: Sasha Levin <sashal@kernel.org>
103	---
104	mm/slab.c \| 17 +++++++++--------
105	1 file changed, 9 insertions(+), 8 deletions(-)
106
107	diff --git a/mm/slab.c b/mm/slab.c
108	index 09df506ae830..f4658468b23e 100644
109	--- a/mm/slab.c
110	+++ b/mm/slab.c
111	@@ -563,14 +563,6 @@ static void start_cpu_timer(int cpu)
112
113	static void init_arraycache(struct array_cache *ac, int limit, int batch)
114	{
115	- /*
116	- * The array_cache structures contain pointers to free object.
117	- * However, when such objects are allocated or transferred to another
118	- * cache the pointers are not cleared and they could be counted as
119	- * valid references during a kmemleak scan. Therefore, kmemleak must
120	- * not scan such objects.
121	- */
122	- kmemleak_no_scan(ac);
123	if (ac) {
124	ac->avail = 0;
125	ac->limit = limit;
126	@@ -586,6 +578,14 @@ static struct array_cache *alloc_arraycache(int node, int entries,
127	struct array_cache *ac = NULL;
128
129	ac = kmalloc_node(memsize, gfp, node);
130	+ /*
131	+ * The array_cache structures contain pointers to free object.
132	+ * However, when such objects are allocated or transferred to another
133	+ * cache the pointers are not cleared and they could be counted as
134	+ * valid references during a kmemleak scan. Therefore, kmemleak must
135	+ * not scan such objects.
136	+ */
137	+ kmemleak_no_scan(ac);
138	init_arraycache(ac, entries, batchcount);
139	return ac;
140	}
141	@@ -680,6 +680,7 @@ static struct alien_cache *__alloc_alien_cache(int node, int entries,
142
143	alc = kmalloc_node(memsize, gfp, node);
144	if (alc) {
145	+ kmemleak_no_scan(alc);
146	init_arraycache(&alc->ac, entries, batch);
147	spin_lock_init(&alc->lock);
148	}
149	--
150	2.19.1
151