Search Linux Wireless

Re: [PATCH] cfg80211: clear cfg80211_inform_bss() from kmemleak reports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2009-09-04 at 07:04 +0200, Johannes Berg wrote:
> On Thu, 2009-09-03 at 13:43 -0700, Luis R. Rodriguez wrote:
> > On Thu, Sep 03, 2009 at 11:17:17AM -0700, Johannes Berg wrote:
> > > On Thu, 2009-09-03 at 11:13 -0700, Luis R. Rodriguez wrote:
> > > 
> > > > What I meant is it gobbles it up and spits another thing out. When it
> > > > gobbles it up the routine then uses kref_put().
> > > > 
> > > > > Why can it not track this?
> > > > 
> > > > It probably can, just not sure if it follows kref_put(), I was under
> > > > the impression here it doesn't and because of it we were getting false
> > > > positives. Catalin, can you confirm?
> > > 
> > > Ah I'd think that if it can't track it then that's because we use a
> > > pointer to the middle of the struct to keep track of it much of the
> > > time.
> > 
> > So you agree with the patch but not the commit log entry?
> 
> I'm not sure -- I think kmemleak should be able to figure it out, and if
> you were using IBSS then we actually have a leak that we need to plug,
> but otherwise I'd prefer to get some more input from Catalin first.

First of all, kmemleak_ignore() is not the right function to mark a
false positive as it completely ignores an object even though it may
have pointers to others. The kmemleak_not_leak() function should be
used. However, there are only two places in the kernel where this was
actually needed (one of them is a real leak but we ignore it as it makes
the code more complicated).

So, I think we should try to figure out why kmemleak reports it. There
are a few common cases:
     1. transient false positive - this should disappear after a few
        scans
     2. a pointer leading to the reported object is stored in an area of
        memory not scanned by kmemleak - most commonly pages allocated
        explicitly (alloc_pages etc.) as kmemleak doesn't track these.
        The preferred solution is to inform kmemleak about such page
        (kmemleak_alloc/kmemleak_free) rather than marking the false
        positive
     3. a pointer leading to the reported object isn't actually pointing
        to anywhere inside the structure (i.e. using the physical
        address). Here we would use kmemleak_not_leak()

> Catalin, is it conceivable that kmemleak reports false positives if we
> use a struct like
> 
> struct pubbss {
> ...
> };
> 
> struct bss {
> ...
> struct pubbss pub;
> };
> 
> and then keep track of &bss->pub; pointers instead of bss directly?

It should not report  false positive here. That's a pretty common case
with struct list_head, struct device etc. and kmemleak handles them
properly - if there is a memory location pointing to *anywhere* inside a
structure, the object is considered referenced and not reported.

-- 
Catalin

--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux