Re: [PATCH v4 1/4] mm/slub: enable debugging memory wasting of kmalloc

[Feng Tang <feng.tang@intel.com>]

On Mon, Sep 05, 2022 at 02:29:51PM +0800, Vlastimil Babka wrote:
> On 9/5/22 04:55, Feng Tang wrote:
> > On Sun, Sep 04, 2022 at 06:58:49PM +0800, Hyeonggon Yoo wrote:
> >> On Sun, Sep 04, 2022 at 05:42:33PM +0800, Feng Tang wrote:
> >> > On Sun, Sep 04, 2022 at 05:03:34PM +0800, Hyeonggon Yoo wrote:
> >> > [...]
> >> > > > > 
> >> > > > > This patch is okay but with patch 4, init_object() initializes redzone/poison area
> >> > > > > using s->object_size, and init_kmalloc_object() fixes redzone/poison area using orig_size.
> >> > > > > Why not do it in init_object() in the first time?
> >> > > > > 
> >> > > > > Also, updating redzone/poison area after alloc_single_from_new_slab()
> >> > > > > (outside list_lock, after adding slab to list) will introduce races with validation.
> >> > > > > 
> >> > > > > So I think doing set_orig_size()/init_kmalloc_object() in alloc_debug_processing() would make more sense.
> >> > > > 
> >> > > > Yes, this makes sense, and in v3, kmalloc redzone/poison setup was
> >> > > > done in alloc_debug_processing() (through init_object()). When
> >> > > > rebasing to v4, I met the classical problem: how to pass 'orig_size'
> >> > > > parameter :)
> >> > > > 
> >> > > > In latest 'for-next' branch, one call path for alloc_debug_processing()
> >> > > > is
> >> > > >   ___slab_alloc
> >> > > >     get_partial
> >> > > >       get_any_partial
> >> > > >         get_partial_node
> >> > > >           alloc_debug_processing
> >> > > > 
> >> > > > Adding 'orig_size' paramter to all these function looks horrible, and
> >> > > > I couldn't figure out a good way and chosed to put those ops after
> >> > > > 'set_track()'
> >> > > 
> >> > > IMO adding a parameter to them isn't too horrible...
> >> > > I don't see better solution than adding a parameter with current implementation.
> >> > > (Yeah, the code is quite complicated...)
> >> > > 
> >> > > It won't affect performance to meaningful degree as most of
> >> > > allocations will be served from cpu slab or percpu partial list. 
> >> > 
> >> > Thanks for the suggestion! I'm fine with it and just afraid other
> >> > developers may dislike the extra parameter. 
> >> > 
> >> > The race condition you mentioned is a valid concern, and I have thought
> >> > about it, one way is moving the set_orig_size() after the redzone/poision
> >> > setup, and in 'check_object()' we can detect whether the 'orig_size' is
> >> > set, and skip that check if it's not set yet. As the manual validate_slab
> >> > triggered from sysfs interface is a rare debug activity, I think skipping
> >> > one object shouldn't hurt much.
> >> 
> >> That will require smp_wmb()/smp_rmb() pair to make sure that
> >> effects of set_orig_size() to be visible after redzone/poison setup.
> > 
> > Yes, synchronization is needed here.
> > 
> >> Isn't it simpler to add a parameter?
> > 
> > OK, I can go this way in v5 if other developers are fine. thanks
> 
> How about get_partial() instantiates an on-stack structure that contains
> gfpflags, ret_slab, orig_size and passes pointer to that to all the nested
> functions.
> 
> Would be similar to "struct alloc_context" in page allocation.
> Something like "struct partial_context pc"?

Yep! This would make the parameters passing much tidier. Will try
this way. 

More aggressively is to also embed the 'kmem_cache' parameter into
it, but this may make the code look ambiguous.

Thanks,
Feng