From: Catalin Marinas <catalin.marinas@arm.com>
To: "Paul E. McKenney" <paulmck@kernel.org>
Cc: Joel Fernandes <joel@joelfernandes.org>,
Christoph Paasch <cpaasch@apple.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, MPTCP Upstream <mptcp@lists.linux.dev>,
rcu@vger.kernel.org
Subject: Re: kmemleak handling of kfree_rcu
Date: Wed, 6 Sep 2023 22:37:40 +0100 [thread overview]
Message-ID: <ZPjxJJjuHJbPVyfT@arm.com> (raw)
In-Reply-To: <24f3d4fc-56c0-46bd-8e5b-af57f09fa777@paulmck-laptop>
On Wed, Sep 06, 2023 at 12:11:12PM -0700, Paul E. McKenney wrote:
> On Wed, Sep 06, 2023 at 06:15:49PM +0100, Catalin Marinas wrote:
> > On Wed, Sep 06, 2023 at 02:35:29PM +0000, Joel Fernandes wrote:
> > > On Tue, Sep 05, 2023 at 03:41:32PM +0100, Catalin Marinas wrote:
> > > > On Tue, Sep 05, 2023 at 11:17:25AM +0000, Joel Fernandes wrote:
> > > > > The correct fix then should probably be to mark the object as
> > > > > kmemleak_not_leak() until a grace period elapses. This will cause the object
> > > > > to not be reported but still be scanned until eventually the lower layers
> > > > > will remove the object from kmemleak-tracking after the grace period. Per the
> > > > > docs also, that API is used to prevent false-positives.
> > > >
> > > > This should work as well but I'd use kmemleak_ignore() instead of
> > > > kmemleak_not_leak(). The former, apart from masking the false positive,
> > > > also tells kmemleak not to scan the object. After a kvfree_rcu(), the
> > > > object shouldn't have any valid references to other objects, so not
> > > > worth scanning.
> > >
> > > Yes I am also OK with that, however to me I consider the object as alive as
> > > long as the grace period does not end. But I agree with you and it may not be
> > > worth tracking them or scanning them.
> >
> > I guess from an RCU perspective, the object is still alive. From the
> > kvfree_rcu() caller perspective though, it can disappear at any point
> > after the grace period, so it shouldn't rely on its content being valid
> > and referencing other objects (other than transiently e.g. in RCU list
> > traversal).
> >
> > It probably only matters if we have some very long grace periods (I'm
> > not up to date with the recent RCU developments). In such cases, the
> > object still being scanned could introduce false negatives. That's my
> > reasoning for suggesting kmemleak_ignore() rather than
> > kmemleak_not_leak().
>
> Very long RCU readers still result in very long RCU grace periods. And,
> after some tens of seconds, RCU CPU stall warnings. So don't let your
> RCU readers run for that long. But you knew that already. ;-)
That's still ok. I was more thinking of deferred freeing well past the
RCU readers completing.
> > @@ -3388,6 +3389,14 @@ void kvfree_call_rcu(struct rcu_head *head, void *ptr)
> > success = true;
> > }
> >
> > + /*
> > + * The kvfree_rcu() caller considers the pointer freed at this point
> > + * and likely removes any references to it. Since the the actual slab
> > + * freeing (and kmemleak_free()) is deferred, tell kmemleak to ignore
> > + * this object (no scanning or false positives reporting).
> > + */
> > + kmemleak_ignore(ptr);
>
> Do we want to un-ignore it at the end of the grace period? Or will that
> happen automatically when it is passed to kfree()? (My guess is that
> the answer to both questions is "yes", but I figured that I should ask.)
No need to un-ignore. This function only tells kmemleak it's not a
leak and doesn't have any interesting data to scan. Kmemleak still keeps
track of it until properly freed.
--
Catalin
next prev parent reply other threads:[~2023-09-06 21:37 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-30 16:37 Christoph Paasch
2023-09-04 21:22 ` Catalin Marinas
2023-09-05 11:17 ` Joel Fernandes
2023-09-05 14:41 ` Catalin Marinas
2023-09-06 14:35 ` Joel Fernandes
2023-09-06 17:15 ` Catalin Marinas
2023-09-06 19:11 ` Paul E. McKenney
2023-09-06 21:37 ` Catalin Marinas [this message]
2023-09-06 22:02 ` Paul E. McKenney
2023-09-06 23:10 ` Joel Fernandes
2023-09-12 13:15 ` Matthieu Baerts
2023-09-12 13:32 ` Joel Fernandes
2023-09-05 21:22 ` Christoph Paasch
2023-09-06 17:21 ` Catalin Marinas
2023-09-10 23:10 ` Joel Fernandes
2023-09-11 17:41 ` Christoph Paasch
2023-09-12 9:52 ` Catalin Marinas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZPjxJJjuHJbPVyfT@arm.com \
--to=catalin.marinas@arm.com \
--cc=akpm@linux-foundation.org \
--cc=cpaasch@apple.com \
--cc=joel@joelfernandes.org \
--cc=linux-mm@kvack.org \
--cc=mptcp@lists.linux.dev \
--cc=paulmck@kernel.org \
--cc=rcu@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox