Re: [BUG] kmemleak on __radix_tree_preload

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

From: Catalin Marinas <catalin.marinas@arm.com>
To: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>,
	"Linux Kernel, Mailing List" <linux-kernel@vger.kernel.org>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>
Subject: Re: [BUG] kmemleak on __radix_tree_preload
Date: Wed, 7 May 2014 12:39:28 +0100	[thread overview]
Message-ID: <20140507113928.GB17253@arm.com> (raw)
In-Reply-To: <1399431488.13268.29.camel@kjgkr>

On Wed, May 07, 2014 at 03:58:08AM +0100, Jaegeuk Kim wrote:
> And then when I tested again with Catalin's patch, it still throws the
> following warning.
> Is it false alarm?

BTW, you can try this kmemleak branch:

git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64.git kmemleak

> unreferenced object 0xffff880004226da0 (size 576):
>   comm "fsstress", pid 14590, jiffies 4295191259 (age 706.308s)
>   hex dump (first 32 bytes):
>     01 00 00 00 81 ff ff ff 00 00 00 00 00 00 00 00  ................
>     50 89 34 81 ff ff ff ff b8 6d 22 04 00 88 ff ff  P.4......m".....
>   backtrace:
>     [<ffffffff816c02e8>] kmemleak_update_trace+0x58/0x80
>     [<ffffffff81349517>] radix_tree_node_alloc+0x77/0xa0
>     [<ffffffff81349718>] __radix_tree_create+0x1d8/0x230
>     [<ffffffff8113286c>] __add_to_page_cache_locked+0x9c/0x1b0
>     [<ffffffff811329a8>] add_to_page_cache_lru+0x28/0x80
>     [<ffffffff81132f58>] grab_cache_page_write_begin+0x98/0xf0
>     [<ffffffffa02e4bf4>] f2fs_write_begin+0xb4/0x3c0 [f2fs]
>     [<ffffffff81131b77>] generic_perform_write+0xc7/0x1c0
>     [<ffffffff81133b7d>] __generic_file_aio_write+0x1cd/0x3f0
>     [<ffffffff81133dfe>] generic_file_aio_write+0x5e/0xe0
>     [<ffffffff81195c5a>] do_sync_write+0x5a/0x90
>     [<ffffffff811968d2>] vfs_write+0xc2/0x1d0
>     [<ffffffff81196daf>] SyS_write+0x4f/0xb0
>     [<ffffffff816dead2>] system_call_fastpath+0x16/0x1b
>     [<ffffffffffffffff>] 0xffffffffffffffff

OK, it shows that the allocation happens via add_to_page_cache_locked()
and I guess it's page_cache_tree_insert() which calls
__radix_tree_create() (the latter reusing the preloaded node). I'm not
familiar enough to this code (radix-tree.c and filemap.c) to tell where
the node should have been freed, who keeps track of it.

At a quick look at the hex dump (assuming that the above leak is struct
radix_tree_node):

	.path = 1
	.count = -0x7f (or 0xffffff81 as unsigned int)
	union {
		{
			.parent = NULL
			.private_data = 0xffffffff81348950
		}
		{
			.rcu_head.next = NULL
			.rcu_head.func = 0xffffffff81348950
		}
	}

The count is a bit suspicious.

>From the union, it looks most likely like rcu_head information. Is
radix_tree_node_rcu_free() function at the above rcu_head.func?

Could you please send us your .config file?

Also, if you run echo scan > /sys/kernel/debug/kmemleak a few times, do
any of the above leaks disappear (in case the above are some transient
rcu freeing reports; normally this shouldn't happen as the objects are
still referred but I'll look at the relevant code once I have your
.config).

Thanks.

-- 
Catalin

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

next prev parent reply	other threads:[~2014-05-07 11:40 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-04-25  1:45 Jaegeuk Kim
2014-05-01 17:06 ` Catalin Marinas
2014-05-01 18:41   ` Johannes Weiner
2014-05-07  2:58     ` Jaegeuk Kim
2014-05-07 11:39       ` Catalin Marinas [this message]
2014-05-08  9:16         ` Jaegeuk Kim
2014-05-08  9:26           ` Catalin Marinas
2014-05-08  9:37             ` Jaegeuk Kim
2014-05-08 10:24               ` Catalin Marinas
2014-05-08 15:00                 ` Paul E. McKenney
2014-05-08 15:29                   ` Catalin Marinas
2014-05-08 15:53                     ` Paul E. McKenney
2014-05-08 16:52                       ` Catalin Marinas
2014-05-09  0:06                         ` Jaegeuk Kim
2014-05-08 17:52                       ` Johannes Weiner
2014-05-08 21:40                         ` Catalin Marinas
2014-05-09  0:01                     ` Jaegeuk Kim
2014-05-09  9:45                       ` Catalin Marinas

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140507113928.GB17253@arm.com \
    --to=catalin.marinas@arm.com \
    --cc=hannes@cmpxchg.org \
    --cc=jaegeuk.kim@samsung.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox