mm/slab: Fix a kmemleak in kmem_cache_destroy()

xiaoleiwang123456 · tehcaster · commit 011568eb3117 · 2024-03-01T16:45:41.000+01:00
For earlier kmem cache creation, slab_sysfs_init() has not been called.
Consequently, kmem_cache_destroy() cannot utilize kobj_type::release to
release the kmem_cache structure. Therefore, tweak kmem_cache_release()
to use slab_kmem_cache_release() for releasing kmem_cache when slab_state
isn't FULL. This will fixes the memory leaks like following:

unreferenced object 0xffff0000c2d87080 (size 128):
   comm "swapper/0", pid 1, jiffies 4294893428
   hex dump (first 32 bytes):
     00 00 00 00 ad 4e ad de ff ff ff ff 6b 6b 6b 6b .....N......kkkk
     ff ff ff ff ff ff ff ff b8 ab 48 89 00 80 ff ff.....H.....
   backtrace (crc 8819d0f6):
     [&lt;ffff80008317a298&gt;] kmemleak_alloc+0xb0/0xc4
     [&lt;ffff8000807e553c&gt;] kmem_cache_alloc_node+0x288/0x3a8
     [&lt;ffff8000807e95f0&gt;] __kmem_cache_create+0x1e4/0x64c
     [&lt;ffff8000807216bc&gt;] kmem_cache_create_usercopy+0x1c4/0x2cc
     [&lt;ffff8000807217e0&gt;] kmem_cache_create+0x1c/0x28
     [&lt;ffff8000819f6278&gt;] arm_v7s_alloc_pgtable+0x1c0/0x6d4
     [&lt;ffff8000819f53a0&gt;] alloc_io_pgtable_ops+0xe8/0x2d0
     [&lt;ffff800084b2d2c4&gt;] arm_v7s_do_selftests+0xe0/0x73c
     [&lt;ffff800080016b68&gt;] do_one_initcall+0x11c/0x7ac
     [&lt;ffff800084a71ddc&gt;] kernel_init_freeable+0x53c/0xbb8
     [&lt;ffff8000831728d8&gt;] kernel_init+0x24/0x144
     [&lt;ffff800080018e98&gt;] ret_from_fork+0x10/0x20

Signed-off-by: Xiaolei Wang &lt;xiaolei.wang@windriver.com&gt;
Reviewed-by: Chengming Zhou &lt;chengming.zhou@linux.dev&gt;
Signed-off-by: Vlastimil Babka &lt;vbabka@suse.cz&gt;
diff --git a/mm/slab_common.c b/mm/slab_common.c
@@ -404,8 +404,12 @@ EXPORT_SYMBOL(kmem_cache_create);
  */
 static void kmem_cache_release(struct kmem_cache *s)
 {
-	sysfs_slab_unlink(s);
-	sysfs_slab_release(s);
+	if (slab_state >= FULL) {
+		sysfs_slab_unlink(s);
+		sysfs_slab_release(s);
+	} else {
+		slab_kmem_cache_release(s);
+	}
 }
 #else
 static void kmem_cache_release(struct kmem_cache *s)
diff --git a/mm/slub.c b/mm/slub.c
@@ -6794,14 +6794,12 @@ static int sysfs_slab_add(struct kmem_cache *s)
 
 void sysfs_slab_unlink(struct kmem_cache *s)
 {
-	if (slab_state >= FULL)
-		kobject_del(&s->kobj);
+	kobject_del(&s->kobj);
 }
 
 void sysfs_slab_release(struct kmem_cache *s)
 {
-	if (slab_state >= FULL)
-		kobject_put(&s->kobj);
+	kobject_put(&s->kobj);
 }
 
 /*

Original file line number	Diff line number	Diff line change
`@@ -6794,14 +6794,12 @@ static int sysfs_slab_add(struct kmem_cache *s)`
`6794`	`6794`
`6795`	`6795`	`void sysfs_slab_unlink(struct kmem_cache *s)`
`6796`	`6796`	`{`
`6797`		`- if (slab_state >= FULL)`
`6798`		`- kobject_del(&s->kobj);`
	`6797`	`+ kobject_del(&s->kobj);`
`6799`	`6798`	`}`
`6800`	`6799`
`6801`	`6800`	`void sysfs_slab_release(struct kmem_cache *s)`
`6802`	`6801`	`{`
`6803`		`- if (slab_state >= FULL)`
`6804`		`- kobject_put(&s->kobj);`
	`6802`	`+ kobject_put(&s->kobj);`
`6805`	`6803`	`}`
`6806`	`6804`
`6807`	`6805`	`/*`