From: Alexander Potapenko <glider@google.com> To: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Andrew Morton <akpm@linux-foundation.org>, Dave Jones <davej@codemonkey.org.uk>, Vegard Nossum <vegard.nossum@oracle.com>, Sasha Levin <alexander.levin@verizon.com>, Dmitry Vyukov <dvyukov@google.com>, kasan-dev <kasan-dev@googlegroups.com>, LKML <linux-kernel@vger.kernel.org>, Linux Memory Management List <linux-mm@kvack.org> Subject: Re: [PATCH 6/6] kasan: improve double-free reports. Date: Tue, 2 Aug 2016 14:53:50 +0200 [thread overview] Message-ID: <CAG_fn=ViiZ+WnL_c6vMg5-4HFeBjMJfm9RU15XO6uVKet+YD_w@mail.gmail.com> (raw) In-Reply-To: <57A0933F.8000706@virtuozzo.com> On Tue, Aug 2, 2016 at 2:34 PM, Andrey Ryabinin <aryabinin@virtuozzo.com> wrote: > > > On 08/02/2016 02:39 PM, Alexander Potapenko wrote: > >>> +static void kasan_end_report(unsigned long *flags) >>> +{ >>> + pr_err("==================================================================\n"); >>> + add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); >> Don't we want to add the taint as early as possible once we've >> detected the error? > > What for? > It certainly shouldn't be before dump_stack(), otherwise on the first report the kernel will claimed as tainted. Ah, got it. Fair enough. > >>> >>> +void kasan_report_double_free(struct kmem_cache *cache, void *object, >>> + s8 shadow) >>> +{ >>> + unsigned long flags; >>> + >>> + kasan_start_report(&flags); >>> + pr_err("BUG: Double free or corrupt pointer\n"); >> How about "Double free or freeing an invalid pointer\n"? >> I think "corrupt pointer" doesn't exactly reflect where the bug is. > > Ok > -- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
WARNING: multiple messages have this Message-ID (diff)
From: Alexander Potapenko <glider@google.com> To: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Andrew Morton <akpm@linux-foundation.org>, Dave Jones <davej@codemonkey.org.uk>, Vegard Nossum <vegard.nossum@oracle.com>, Sasha Levin <alexander.levin@verizon.com>, Dmitry Vyukov <dvyukov@google.com>, kasan-dev <kasan-dev@googlegroups.com>, LKML <linux-kernel@vger.kernel.org>, Linux Memory Management List <linux-mm@kvack.org> Subject: Re: [PATCH 6/6] kasan: improve double-free reports. Date: Tue, 2 Aug 2016 14:53:50 +0200 [thread overview] Message-ID: <CAG_fn=ViiZ+WnL_c6vMg5-4HFeBjMJfm9RU15XO6uVKet+YD_w@mail.gmail.com> (raw) In-Reply-To: <57A0933F.8000706@virtuozzo.com> On Tue, Aug 2, 2016 at 2:34 PM, Andrey Ryabinin <aryabinin@virtuozzo.com> wrote: > > > On 08/02/2016 02:39 PM, Alexander Potapenko wrote: > >>> +static void kasan_end_report(unsigned long *flags) >>> +{ >>> + pr_err("==================================================================\n"); >>> + add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); >> Don't we want to add the taint as early as possible once we've >> detected the error? > > What for? > It certainly shouldn't be before dump_stack(), otherwise on the first report the kernel will claimed as tainted. Ah, got it. Fair enough. > >>> >>> +void kasan_report_double_free(struct kmem_cache *cache, void *object, >>> + s8 shadow) >>> +{ >>> + unsigned long flags; >>> + >>> + kasan_start_report(&flags); >>> + pr_err("BUG: Double free or corrupt pointer\n"); >> How about "Double free or freeing an invalid pointer\n"? >> I think "corrupt pointer" doesn't exactly reflect where the bug is. > > Ok > -- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-08-02 12:57 UTC|newest] Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-08-01 14:45 [PATCH 1/6] mm/kasan: fix corruptions and false positive reports Andrey Ryabinin 2016-08-01 14:45 ` Andrey Ryabinin 2016-08-01 14:45 ` [PATCH 2/6] mm/kasan: don't reduce quarantine in atomic contexts Andrey Ryabinin 2016-08-01 14:45 ` Andrey Ryabinin 2016-08-02 11:42 ` Alexander Potapenko 2016-08-02 11:42 ` Alexander Potapenko 2016-08-01 14:45 ` [PATCH 3/6] mm/kasan, slub: don't disable interrupts when object leaves quarantine Andrey Ryabinin 2016-08-01 14:45 ` Andrey Ryabinin 2016-08-01 14:47 ` Alexander Potapenko 2016-08-01 14:47 ` Alexander Potapenko 2016-08-01 14:45 ` [PATCH 4/6] mm/kasan: get rid of ->alloc_size in struct kasan_alloc_meta Andrey Ryabinin 2016-08-01 14:45 ` Andrey Ryabinin 2016-08-01 14:45 ` [PATCH 5/6] mm/kasan: get rid of ->state " Andrey Ryabinin 2016-08-01 14:45 ` Andrey Ryabinin 2016-08-02 12:37 ` Alexander Potapenko 2016-08-02 12:37 ` Alexander Potapenko 2016-08-01 14:45 ` [PATCH 6/6] kasan: improve double-free reports Andrey Ryabinin 2016-08-01 14:45 ` Andrey Ryabinin 2016-08-02 11:39 ` Alexander Potapenko 2016-08-02 11:39 ` Alexander Potapenko 2016-08-02 12:05 ` Alexander Potapenko 2016-08-02 12:05 ` Alexander Potapenko 2016-08-02 12:34 ` Andrey Ryabinin 2016-08-02 12:34 ` Andrey Ryabinin 2016-08-02 12:53 ` Alexander Potapenko [this message] 2016-08-02 12:53 ` Alexander Potapenko 2016-08-02 16:00 ` [PATCH] kasan-improve-double-free-reports-fix Andrey Ryabinin 2016-08-02 16:00 ` Andrey Ryabinin 2016-08-01 14:45 ` [PATCH 1/6] mm/kasan: fix corruptions and false positive reports Alexander Potapenko 2016-08-01 14:45 ` Alexander Potapenko
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to='CAG_fn=ViiZ+WnL_c6vMg5-4HFeBjMJfm9RU15XO6uVKet+YD_w@mail.gmail.com' \ --to=glider@google.com \ --cc=akpm@linux-foundation.org \ --cc=alexander.levin@verizon.com \ --cc=aryabinin@virtuozzo.com \ --cc=davej@codemonkey.org.uk \ --cc=dvyukov@google.com \ --cc=kasan-dev@googlegroups.com \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=vegard.nossum@oracle.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.