kmemleak not always catching stuff

From: Steven Rostedt
Date: Fri Sep 01 2017 - 18:33:22 EST


Hi,

Recently kmemleak discovered a bug in my code where an allocated
trampoline for a ftrace function tracer wasn't freed due to an exit
path. The thing is, kmemleak was able to catch this 100% when it was
triggered by one of my ftrace selftests that happen at bootup. But when
I trigger the issue from user space after bootup finished, it would not
catch it.

Now I was thinking that it may be due to the fact that the trampoline
is allocated with module_alloc(), and that has some magic kasan goo in
it. But when forcing the issue with adding the following code:

void **pblah;
void *blah;

pblah = kmalloc(sizeof(*pblah), GFP_KERNEL);
blah = module_alloc(PAGE_SIZE);
*pblah = blah;                  /* the only reference to blah lives inside pblah */
printk("allocated blah %p\n", blah);
kfree(pblah);                   /* frees that reference: blah is now orphaned */

in a path that I could control, it would catch it only after doing it
several times. I was never able to have kmemleak catch the actual bug
from user space no matter how many times I triggered it.

# dmesg |grep kmemleak
[ 16.746832] kmemleak: Kernel memory leak detector initialized
[ 16.746888] kmemleak: Automatic memory scanning thread started

And then I would do:

# echo scan=on > /sys/kernel/debug/kmemleak

[do the test]

# echo scan > /sys/kernel/debug/kmemleak

Most of the time it found nothing. Even when I switched the above from
module_alloc() to kmalloc().

Is this normal?

-- Steve
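kmemleak's own documentation describes false negatives as real leaks that go unreported because some value found during the scan happens to point at the orphaned object. The following added C model of that conservative scan is not kernel code and not from this thread; the addresses, the two-word memory layout and the stale-stack-slot assumption are constructed.

```c
#include <stdbool.h>
#include <stdint.h>

/* Toy model of kmemleak's conservative scan (added example, not kernel code).
 * Words owned by ROOT (data sections, task stacks) are always scanned; words
 * owned by a tracked object are scanned only while it is still allocated. Any
 * word equal to a tracked object's address counts as a reference to it. */
#define ROOT  (-1)
#define NOBJ  4
#define NWORD 8
#define PBLAH_ADDR ((uintptr_t)0xffff880012345000ULL) /* constructed kmalloc addr */
#define BLAH_ADDR  ((uintptr_t)0xffffffffa0010000ULL) /* constructed module_alloc addr */
struct word  { uintptr_t val; int owner; };
struct model { bool alive[NOBJ]; uintptr_t addr[NOBJ]; struct word mem[NWORD]; };
/* kmemleak_alloc(): start tracking an object. */
static void track(struct model *m, int slot, uintptr_t addr)
{ m->alive[slot] = true; m->addr[slot] = addr; }
/* kmemleak_free(): stop tracking; the object's bytes are left as they were. */
static void untrack(struct model *m, int slot) { m->alive[slot] = false; }
/* One scan pass; returns how many live objects nothing points at. */
static int scan_for_leaks(const struct model *m)
{
    int leaks = 0;
    for (int o = 0; o < NOBJ; o++) {
        if (!m->alive[o]) continue;
        bool referenced = false;
        for (int w = 0; w < NWORD && !referenced; w++)
            if ((m->mem[w].owner == ROOT || m->alive[m->mem[w].owner]) &&
                m->mem[w].val == m->addr[o])
                referenced = true;
        if (!referenced) leaks++;
    }
    return leaks;
}
/* Replay the snippet from the mail: word 0 is the stack slot that held `blah`,
 * word 1 is *pblah. With stale_stack_copy, the dead stack slot still holds the
 * module_alloc() address after the function returned. Returns leaks reported. */
static int replay_mail_sequence(bool stale_stack_copy)
{
    struct model m = {0};
    track(&m, 0, PBLAH_ADDR);                    /* pblah = kmalloc(...)      */
    track(&m, 1, BLAH_ADDR);                     /* blah  = module_alloc(...) */
    m.mem[0] = (struct word){ BLAH_ADDR, ROOT }; /* local `blah` on the stack */
    m.mem[1] = (struct word){ BLAH_ADDR, 0 };    /* *pblah = blah             */
    untrack(&m, 0);                              /* kfree(pblah)              */
    if (!stale_stack_copy)
        m.mem[0].val = 0;                        /* frame reused, slot overwritten */
    return scan_for_leaks(&m);                   /* 0 = missed, 1 = reported  */
}
```

In the model, whether the leak is reported depends only on whether the stale copy of the address has been overwritten, which is one way a conservative detector can report a leak on some repetitions of the same trigger and not on others.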