From: Sung-hun Kim
Date: Tue, 27 Oct 2020 11:48:36 +0000 (+0900)
Subject: mm: LKSM: bug fix for kernel memory leak
X-Git-Tag: accepted/tizen/unified/20210630.144015^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F82%2F260582%2F1;p=platform%2Fkernel%2Flinux-rpi.git

mm: LKSM: bug fix for kernel memory leak

For efficiency, LKSM cleans exited processes in a batched manner when
it finishes a scanning iteration. When it finds an exited process while
it is in the scanning iteration, it just pends the mm_slot of the
exited process to the internal list.

On the other hand, when the KSM daemon cleans mm_slots of exited
processes, it should take care of regions of exited processes to remove
unreferenced lksm_region objects. Previously, most regions were
maintained properly, but only the regions in the "head" of the exited
process list were not cleaned due to the buggy implementation. At last,
uncleaned objects remain as unreferenced garbage.

The following message is detected by kmemleak (reported by
sw0312.kim@samsung.com):
=========================================================================
unreferenced object 0xffffff80c7083600 (size 128):
  comm "ksm_crawld", pid 41, jiffies 4294918362 (age 95.632s)
  hex dump (first 32 bytes):
    00 37 08 c7 80 ff ff ff 60 82 19 bd 80 ff ff ff  .7......`.......
    00 35 08 c7 80 ff ff ff 00 00 00 00 00 00 00 00  .5..............
  backtrace:
    [<0000000048313958>] kmem_cache_alloc_trace+0x1e0/0x348
    [<00000000fd246822>] lksm_region_ref_append+0x48/0xf8
    [<00000000c5a818a0>] ksm_join+0x3a0/0x498
    [<00000000b2c3f36a>] lksm_prepare_full_scan+0xe8/0x390
    [<00000000013943b5>] lksm_crawl_thread+0x214/0xbf8
    [<00000000b4ce0593>] kthread+0x1b0/0x1b8
    [<000000002a3f7216>] ret_from_fork+0x10/0x18
unreferenced object 0xffffff80c7083700 (size 128):
  comm "ksm_crawld", pid 41, jiffies 4294918362 (age 95.632s)
  hex dump (first 32 bytes):
    00 39 08 c7 80 ff ff ff 00 36 08 c7 80 ff ff ff  .9.......6......
    00 35 08 c7 80 ff ff ff 00 00 00 00 00 00 00 00  .5..............
  backtrace:
    [<0000000048313958>] kmem_cache_alloc_trace+0x1e0/0x348
    [<00000000fd246822>] lksm_region_ref_append+0x48/0xf8
    [<00000000c5a818a0>] ksm_join+0x3a0/0x498
    [<00000000b2c3f36a>] lksm_prepare_full_scan+0xe8/0x390
    [<00000000013943b5>] lksm_crawl_thread+0x214/0xbf8
    [<00000000b4ce0593>] kthread+0x1b0/0x1b8
    [<000000002a3f7216>] ret_from_fork+0x10/0x18
...
=========================================================================

This patch takes care of such a possible kernel memory leak problem.

Change-Id: I3e4b299e02018ece1c19ba53e4f10a68520a807b
Signed-off-by: Sung-hun Kim
---
diff --git a/mm/lksm.c b/mm/lksm.c index b763e63..31d8601 100644 --- a/mm/lksm.c +++ b/mm/lksm.c @@ -2836,6 +2836,9 @@ static void lksm_flush_removed_mm_list(void) cond_resched(); remove_trailing_rmap_items(head, &head->rmap_list); +#ifdef CONFIG_LKSM_FILTER + lksm_region_ref_list_release(head); +#endif clear_bit(MMF_VM_MERGEABLE, &head->mm->flags); mmdrop(head->mm); free_mm_slot(head);
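
Review bot: the added lksm_region_ref_list_release(head) call, placed between remove_trailing_rmap_items() and clear_bit() in lksm_flush_removed_mm_list(), is guarded by #ifdef CONFIG_LKSM_FILTER at the call site, and the visible lines do not show whether the allocation that kmemleak reports (lksm_region_ref_append() reached from ksm_join()) is compiled under the same option. If it is not, the head slot still leaks on builds without the filter, so please confirm both sides share the guard, or give the release function an empty inline stub when the option is off so this call can be unconditional and the function body stays free of #ifdef. Since the commit message says regions of non-head slots were already released correctly, the head teardown here (release, clear_bit, mmdrop, free_mm_slot) reads like a second copy of the per-slot cleanup; routing both paths through one helper would keep them from diverging again. The ordering before mmdrop(head->mm) and free_mm_slot(head) is right, because the release takes head as its argument. A Fixes: tag naming the commit that introduced the head-only path would help anyone backporting this.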