Re: [PATCH v4] kmemleak: survive in a low-memory situation

From: Michal Hocko
Date: Wed Mar 27 2019 - 04:44:41 EST


On Tue 26-03-19 20:59:48, Qian Cai wrote:
[...]
> Unless there is a brave soul to reimplement the kmemleak to embed its
> metadata into the tracked memory itself in a foreseeable future, this
> provides a good balance between enabling kmemleak in a low-memory
> situation and not introducing too much hackiness into the existing
> code for now. Another approach is to fail back the original allocation
> once kmemleak_alloc() failed, but there are too many call sites to
> deal with which makes it error-prone.

As long as there is an implicit __GFP_NOFAIL then kmemleak is simply
broken no matter what other gfp flags you play with. Has anybody looked
at some sort of preallocation where gfpflags_allow_blocking contexts
allocate objects into a pool that non-sleeping allocations can eat from?

> kmemleak: Cannot allocate a kmemleak_object structure
> kmemleak: Kernel memory leak detector disabled
> kmemleak: Automatic memory scanning thread ended
> RIP: 0010:__alloc_pages_nodemask+0x242a/0x2ab0
> Call Trace:
> allocate_slab+0x4d9/0x930
> new_slab+0x46/0x70
> ___slab_alloc+0x5d3/0x9c0
> __slab_alloc+0x12/0x20
> kmem_cache_alloc+0x30a/0x360
> create_object+0x96/0x9a0
> kmemleak_alloc+0x71/0xa0
> kmem_cache_alloc+0x254/0x360
> mempool_alloc_slab+0x3f/0x60
> mempool_alloc+0x120/0x329
> bio_alloc_bioset+0x1a8/0x510
> get_swap_bio+0x107/0x470
> __swap_writepage+0xab4/0x1650
> swap_writepage+0x86/0xe0
>
> Signed-off-by: Qian Cai <cai@xxxxxx>
> ---
>
> v4: Update the commit log.
> Fix a typo in comments per Christ.
> Consolidate the allocation.
> v3: Update the commit log.
> Simplify the code inspired by graph_trace_open() from ftrace.
> v2: Remove the needless checking for NULL objects in slab_post_alloc_hook()
> per Catalin.
>
> mm/kmemleak.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/mm/kmemleak.c b/mm/kmemleak.c
> index a2d894d3de07..7f4545ab1f84 100644
> --- a/mm/kmemleak.c
> +++ b/mm/kmemleak.c
> @@ -580,7 +580,16 @@ static struct kmemleak_object *create_object(unsigned long ptr, size_t size,
> struct rb_node **link, *rb_parent;
> unsigned long untagged_ptr;
>
> - object = kmem_cache_alloc(object_cache, gfp_kmemleak_mask(gfp));
> + /*
> + * The tracked memory was allocated successful, if the kmemleak object
> + * failed to allocate for some reasons, it ends up with the whole
> + * kmemleak disabled, so try it harder.
> + */
> + gfp = (in_atomic() || irqs_disabled()) ?
> + gfp_kmemleak_mask(gfp) | GFP_ATOMIC :
> + gfp_kmemleak_mask(gfp) | __GFP_DIRECT_RECLAIM;
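
Review bot: The in_atomic() || irqs_disabled() test in the new gfp assignment picks the reclaim behaviour from the current execution state rather than from the caller's gfp, so a caller whose mask did not allow direct reclaim gets __GFP_DIRECT_RECLAIM added whenever that test evaluates false. Consider deriving the choice from the mask that was passed in, for example with gfpflags_allow_blocking(gfp), and leaving the caller's reclaim bits as they are. The assignment also overwrites the gfp parameter, which hides the original mask from the rest of create_object(); a local variable would keep both visible. In the new comment, "allocated successful" should read "allocated successfully".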


The comment for in_atomic says:
* Are we running in atomic context? WARNING: this macro cannot
* always detect atomic context; in particular, it cannot know about
* held spinlocks in non-preemptible kernels. Thus it should not be
* used in the general case to determine whether sleeping is possible.
* Do not use in_atomic() in driver code.

--
Michal Hocko
SUSE Labs
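
The preallocation idea raised in the reply above, sketched as a user-space C model: callers that may block keep a reserve topped up, and callers that may not block only take from that reserve. This is an added example, not code from the thread or from mm/kmemleak.c; every name in it (meta_pool, pool_alloc, pool_refill, POOL_TARGET, fail_backing) is hypothetical, and locking is left out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>

/* User-space model; every name here is hypothetical, not kernel API. */
#define POOL_TARGET 4            /* objects a blocking caller keeps in reserve */

struct meta { struct meta *next; unsigned long ptr; size_t size; };

struct meta_pool { struct meta *free; size_t count; };

/* Stand-in for an allocator that may fail; fail_backing simulates pressure. */
static bool fail_backing;
static struct meta *backing_alloc(void)
{
    return fail_backing ? NULL : calloc(1, sizeof(struct meta));
}

/* Blocking contexts top the reserve back up to POOL_TARGET. */
static void pool_refill(struct meta_pool *p)
{
    while (p->count < POOL_TARGET) {
        struct meta *m = backing_alloc();
        if (!m)
            break;               /* partial refill is fine; retried next time */
        m->next = p->free;
        p->free = m;
        p->count++;
    }
}

/*
 * can_block stands for what the caller's gfp mask says about sleeping.
 * Blocking callers refill the reserve and allocate directly; non-blocking
 * callers never touch the backing allocator and only pop from the reserve.
 * A real implementation would need a lock around the free list.
 */
static struct meta *pool_alloc(struct meta_pool *p, bool can_block)
{
    struct meta *m = NULL;

    if (can_block) {
        pool_refill(p);
        m = backing_alloc();
    }
    if (!m && p->free) {         /* use the reserve when direct alloc is not possible */
        m = p->free;
        p->free = m->next;
        p->count--;
    }
    return m;                    /* NULL only once the reserve is exhausted */
}
```

The model makes the remaining failure mode visible: a long run of non-blocking allocations with no blocking caller in between still drains the reserve, so the pool size bounds how much atomic-context pressure can be absorbed.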