Re: [PATCH 2.6.17-rc4 1/6] Base support for kmemleak

From: Ingo Molnar <mingo@elte.hu>
To: Catalin Marinas <catalin.marinas@gmail.com>
Cc: Andi Kleen <ak@suse.de>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2.6.17-rc4 1/6] Base support for kmemleak
Date: Fri, 26 May 2006 19:47:23 +0200	[thread overview]
Message-ID: <20060526174723.GD30208@elte.hu> (raw)
In-Reply-To: <b0943d9e0605260937j5a86d4dr4adcae6fc35c73fa@mail.gmail.com>

* Catalin Marinas <catalin.marinas@gmail.com> wrote:

> A problem I'm facing (also because I'm not familiar with the other 
> architectures) is detecting the effective stack boundaries of the 
> threads running or waiting in kernel mode. Scanning the whole stack 
> (8K) hides some possible leaks (because of no longer used local 
> variables) and not scanning the list at all can lead to false 
> positives. I would need to investigate this a bit more.

i was thinking about this too, and i wanted to suggest a different 
solution here: you could build a list of "temporary" objects that only 
get registered with the memleak proper once a thread exits a system call 
(or once a kernel thread goes back to its main loop). This means a 
(lightweight) callback in the syscall exit (or irq exit) path. This way 
you'd not have to scan kernel stacks at all, only .data and the objects 
themselves.

the stack boundary rules can be quite complex: for example on x86_64 you 
can have a pretty complex nesting of exception, interrupt and process 
stacks. In fact on SMP we dont even know the precise stack boundary for 
tasks that are running on some other CPU. [because we have no snapshot 
of their register state]

avoiding the scanning of the kernel stacks gets rid of some of the 
biggest source of natural entropy. (they contain strings and all sorts 
of other binary data that could accidentally match up with a kernel 
pointer)

	Ingo