From patchwork Wed Jun 5 07:13:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengming Zhou X-Patchwork-Id: 13686253 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B89AAC27C53 for ; Wed, 5 Jun 2024 07:15:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A65E66B0095; Wed, 5 Jun 2024 03:15:21 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A17A56B009F; Wed, 5 Jun 2024 03:15:21 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8B5A16B00A0; Wed, 5 Jun 2024 03:15:21 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 6B92A6B0095 for ; Wed, 5 Jun 2024 03:15:21 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 13BB5121142 for ; Wed, 5 Jun 2024 07:15:21 +0000 (UTC) X-FDA: 82195974042.08.3F75234 Received: from out-187.mta1.migadu.com (out-187.mta1.migadu.com [95.215.58.187]) by imf29.hostedemail.com (Postfix) with ESMTP id 77D61120017 for ; Wed, 5 Jun 2024 07:15:17 +0000 (UTC) Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=hhHWEWVF; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf29.hostedemail.com: domain of chengming.zhou@linux.dev designates 95.215.58.187 as permitted sender) smtp.mailfrom=chengming.zhou@linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1717571717; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=2D+pNylnFjf5RG+qfCtOObjK/w47If89gLDNwIIJVTc=; b=cTR+IMvlTpTD3c4Dn9om/ysJbO1Z0scK5BbXtnXFA6TuUFpcfAZZ3xzcsSAvexpNfmvxmg Q/1c6kzZKr7qXCAtokyuPCZ5mv3SUEEH+mxXrQTmjJ1z6cmKgoiiiiY/RgWnJTlip8Ngbe AslTqdcVPgn5pKbU9UTwn6i1di+xmDs= ARC-Authentication-Results: i=1; imf29.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=hhHWEWVF; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf29.hostedemail.com: domain of chengming.zhou@linux.dev designates 95.215.58.187 as permitted sender) smtp.mailfrom=chengming.zhou@linux.dev ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1717571717; a=rsa-sha256; cv=none; b=QLfXXBuw9soZJxLHrEMhisngzRUCzeVVFbSVwsNfs1PGlF2HkbLr4wcJ4qDskRcyOvQfGy wvE9QJD64zdrCJB4p/KiBVbY9MstnG/RDQXbvc+2inZ9+PKP0itz6Ic6jzHPsWI7sw3xo5 aOvQ5mzwsZCDOPb6+c0rYuODUeWmNs0= X-Envelope-To: linux-mm@kvack.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1717571714; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2D+pNylnFjf5RG+qfCtOObjK/w47If89gLDNwIIJVTc=; b=hhHWEWVF9i+5tyUIHca/gW8RdqsCWpblWwJQnToMHatTd8h4pcxUN1YuhUvXBbREOpNnm+ CaKmK2Pznxt7Avi8g2Hl9oaY7jAajLkDwXzifia3Vo2DNtzgqEppM/UbR3dUJaqh/1t7WU O302CuBLMisFIbutmrMhjbbFv5YyN2s= X-Envelope-To: penberg@kernel.org X-Envelope-To: roman.gushchin@linux.dev X-Envelope-To: feng.tang@intel.com X-Envelope-To: zhouchengming@bytedance.com X-Envelope-To: rientjes@google.com X-Envelope-To: linux-kernel@vger.kernel.org X-Envelope-To: akpm@linux-foundation.org X-Envelope-To: iamjoonsoo.kim@lge.com X-Envelope-To: vbabka@suse.cz X-Envelope-To: chengming.zhou@linux.dev X-Envelope-To: cl@linux.com X-Envelope-To: 42.hyeyoo@gmail.com X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Chengming Zhou Date: Wed, 05 Jun 2024 15:13:54 +0800 Subject: [PATCH v2 1/3] slab: make check_object() more consistent MIME-Version: 1.0 Message-Id: <20240605-b4-slab-debug-v2-1-c535b9cd361c@linux.dev> References: <20240605-b4-slab-debug-v2-0-c535b9cd361c@linux.dev> In-Reply-To: <20240605-b4-slab-debug-v2-0-c535b9cd361c@linux.dev> To: Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Vlastimil Babka , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, Feng Tang Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, zhouchengming@bytedance.com, Chengming Zhou X-Developer-Signature: v=1; a=ed25519-sha256; t=1717571706; l=4614; i=chengming.zhou@linux.dev; s=20240508; h=from:subject:message-id; bh=3cTrYeTDe9+jjlLFE6XBms49kHUBVAiJ7qH4E3ODf64=; b=NGXpVPgGWULyXod3B7d12LvFUNBu+MBjXZjftR3heWmAb8bzcA1Sl0+XZPCvnewHGl93bJ6g4 ahzgjdKSLyxDAA5uw4eIFV6hJ25w/L0b/lGmdcZ4IpjpiOAEOrP+CvS X-Developer-Key: i=chengming.zhou@linux.dev; a=ed25519; pk=kx40VUetZeR6MuiqrM7kPCcGakk1md0Az5qHwb6gBdU= X-Migadu-Flow: FLOW_OUT X-Rspamd-Queue-Id: 77D61120017 X-Stat-Signature: i7n1u8gc9optofkgkqon6fh4htiw5a96 X-Rspam-User: X-Rspamd-Server: rspam11 X-HE-Tag: 1717571717-737185 X-HE-Meta: U2FsdGVkX1/mIg4SFbbN3jJ/sSYSArGiXgIC6QyqE6Bf6N9tU0zN8NY4Tdu+gaPf1NKOBQls70yiaZm2Zzd0ayLEy9gV2/QhFHGg9ExzzzJpZb99A40McbbdBeJ72XBBYzsCg9JA6KNuUJlg0vSSNUmnqrW8ZJNMHHCTfiJxoBHzxT2kRmdxpOuVb+xNo9l5Y244dpzPO4fRjqBzP6djJgDnLoiZ8JFsaDiE+Y/rYtWsl2gzEBtbklggqeTmgRAPLmWuEmr+kaJ6RjMNvv9YWAZ4FIr51VeQF7vGufARkTmzmhpkdL3jApBsvIe5eeySoKt2LQLPvUyIxQeELBVXqif6YLh2SmXMqcd2EwV1A/mY9vYflL5W0JFoVYN6qkFw+fvfccF0SJA1NVFkAe0Y4lxiDe6WYMHz0IPKOIgDhLoFkMjkj3r9rtr9RaUtXeX6s4zHjyjWkW3EisyMVVWNPXfTGwH6FI18SBQ5e2hG8lShgpfc3wpvyB3C1k75aijXCNpHnrCoTisoqvgXhPDLDM36/BEk5F5ChCEKLM1dpYJnCmBKJpQKX8K3BK3RpD4KED0BBGFj5gP/20DBLpoAkrFtDqM6uT9ydA8u+jVGPsMbxWpCPVjDTgwah9CO8IJPwl4Z7b2n9VF5A1EWPiPuTXEtDcSIk+f9LkfW1PtYKvSdeGDh6DEuo5+sOVIXrUOyQHA6RCoKljeDf6waW0Rl1E+XpbCZdZYDR76TLx3zY7oLte10u154z8Hn7VkBZvUwkhR0CDntdI8QvYlWJ3NDGOI2C4QyouEU9X0f9jH+av5tJAihjW1RTqyKPN4LBv18gDDvd/p6QTHWxYHuQrho0UfpHs8qJ9JEvEvWmMo5zMSA0dt92W1wv/4ZLEkY72pws+XfcRrTPLMPqryH04KfKTeIwcgYqTtICuePG2wGd4zI1KKaIUrtwE329mtV5VLozp42pjWz8uHzafq9cFN O1amMVD7 hCcNFzZUsW3I7/mPC+VsBQYA4kq4VxfnCoKbGkD+PzYSDx+C0QeH/ThnoDbNM4i62oonbKAQBIiivuXdibtfHU+KraKwCM7v7d3K92et/UFS7EaJ4CNq9LunlmXon4Np5m7kcHiCgVdLqurtW932VEgNTlX/NIrAi8xqvzfb2dy2dJW8E9rZvJWoBoO877odV3mRhhZ7Ix6WfoYU= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Now check_object() calls check_bytes_and_report() multiple times to check every section of the object it cares about, like left and right redzones, object poison, paddings poison and freepointer. It will abort the checking process and return 0 once it finds an error. There are two inconsistencies in check_object(), which are alignment padding checking and object padding checking. We only print the error messages but don't return 0 to tell callers that something is wrong and needs to be handled. Please see alloc_debug_processing() and free_debug_processing() for details. If the above inconsistencies are not intentional, we should fix it. And we want to do all checks without skipping, so use a local variable "ret" to save each check result and change check_bytes_and_report() to only report specific error findings. Then at end of check_object(), print the trailer once if any found an error. Suggested-by: Vlastimil Babka Signed-off-by: Chengming Zhou --- mm/slub.c | 45 ++++++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 21 deletions(-) diff --git a/mm/slub.c b/mm/slub.c index 0809760cf789..7fbd5ce4320a 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1192,8 +1192,6 @@ static int check_bytes_and_report(struct kmem_cache *s, struct slab *slab, pr_err("0x%p-0x%p @offset=%tu. First byte 0x%x instead of 0x%x\n", fault, end - 1, fault - addr, fault[0], value); - print_trailer(s, slab, object); - add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); skip_bug_print: restore_bytes(s, what, value, fault, end); @@ -1302,15 +1300,16 @@ static int check_object(struct kmem_cache *s, struct slab *slab, u8 *p = object; u8 *endobject = object + s->object_size; unsigned int orig_size, kasan_meta_size; + int ret = 1; if (s->flags & SLAB_RED_ZONE) { if (!check_bytes_and_report(s, slab, object, "Left Redzone", object - s->red_left_pad, val, s->red_left_pad)) - return 0; + ret = 0; if (!check_bytes_and_report(s, slab, object, "Right Redzone", endobject, val, s->inuse - s->object_size)) - return 0; + ret = 0; if (slub_debug_orig_size(s) && val == SLUB_RED_ACTIVE) { orig_size = get_orig_size(s, object); @@ -1319,14 +1318,15 @@ static int check_object(struct kmem_cache *s, struct slab *slab, !check_bytes_and_report(s, slab, object, "kmalloc Redzone", p + orig_size, val, s->object_size - orig_size)) { - return 0; + ret = 0; } } } else { if ((s->flags & SLAB_POISON) && s->object_size < s->inuse) { - check_bytes_and_report(s, slab, p, "Alignment padding", + if (!check_bytes_and_report(s, slab, p, "Alignment padding", endobject, POISON_INUSE, - s->inuse - s->object_size); + s->inuse - s->object_size)) + ret = 0; } } @@ -1342,27 +1342,25 @@ static int check_object(struct kmem_cache *s, struct slab *slab, !check_bytes_and_report(s, slab, p, "Poison", p + kasan_meta_size, POISON_FREE, s->object_size - kasan_meta_size - 1)) - return 0; + ret = 0; if (kasan_meta_size < s->object_size && !check_bytes_and_report(s, slab, p, "End Poison", p + s->object_size - 1, POISON_END, 1)) - return 0; + ret = 0; } /* * check_pad_bytes cleans up on its own. */ - check_pad_bytes(s, slab, p); + if (!check_pad_bytes(s, slab, p)) + ret = 0; } - if (!freeptr_outside_object(s) && val == SLUB_RED_ACTIVE) - /* - * Object and freepointer overlap. Cannot check - * freepointer while object is allocated. - */ - return 1; - - /* Check free pointer validity */ - if (!check_valid_pointer(s, slab, get_freepointer(s, p))) { + /* + * Cannot check freepointer while object is allocated if + * object and freepointer overlap. + */ + if (!freeptr_outside_object(s) && val == SLUB_RED_ACTIVE && + !check_valid_pointer(s, slab, get_freepointer(s, p))) { object_err(s, slab, p, "Freepointer corrupt"); /* * No choice but to zap it and thus lose the remainder @@ -1370,9 +1368,14 @@ static int check_object(struct kmem_cache *s, struct slab *slab, * another error because the object count is now wrong. */ set_freepointer(s, p, NULL); - return 0; } - return 1; + + if (!ret && !slab_add_kunit_errors()) { + print_trailer(s, slab, object); + add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); + } + + return ret; } static int check_slab(struct kmem_cache *s, struct slab *slab) From patchwork Wed Jun 5 07:13:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengming Zhou X-Patchwork-Id: 13686254 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D982CC25B76 for ; Wed, 5 Jun 2024 07:15:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 694536B00A0; Wed, 5 Jun 2024 03:15:25 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 61F336B00A1; Wed, 5 Jun 2024 03:15:25 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4BDCA6B00A2; Wed, 5 Jun 2024 03:15:25 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 2EA856B00A0 for ; Wed, 5 Jun 2024 03:15:25 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id E4910121197 for ; Wed, 5 Jun 2024 07:15:24 +0000 (UTC) X-FDA: 82195974168.13.3E8CD32 Received: from out-187.mta1.migadu.com (out-187.mta1.migadu.com [95.215.58.187]) by imf06.hostedemail.com (Postfix) with ESMTP id 82BD018000F for ; Wed, 5 Jun 2024 07:15:22 +0000 (UTC) Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b="fD/gfTPv"; spf=pass (imf06.hostedemail.com: domain of chengming.zhou@linux.dev designates 95.215.58.187 as permitted sender) smtp.mailfrom=chengming.zhou@linux.dev; dmarc=pass (policy=none) header.from=linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1717571722; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=lPq/L6362zO9SgmJGiWknKOMwYQmxGr9076aQ1KsSus=; b=5U/V6D/lyDQyPMo7TmF77IZezpE8ND9rvQAE5K5kKBZrAImoP2x1yYm0Of+mCFktiTcyTL 4lPsCVcH0uUb3sjbU6060KeCRbgdFUsFwoJ+FGUIpT01KsM0ERl7Bn5jwxPG1+UDuzR94i NZrXlD9YFB3r/0PCLxwSL8C1A2dNO8w= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1717571722; a=rsa-sha256; cv=none; b=kgwJU6NsxY+3JAKJcS8imXbh2H5sRlFncu4J8Wh0aiXrM7WQ/XjXUpF/YTHbpNScwJ3quX t9bqlJ2vs2Jnba+iu6hBKU8B5VvplXPgUiV2D03ZBSbA2XhB9OqhDke1O65S807AJQGudY AJlmBNar/M79o0HnFQNYdYwL64Igmrw= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b="fD/gfTPv"; spf=pass (imf06.hostedemail.com: domain of chengming.zhou@linux.dev designates 95.215.58.187 as permitted sender) smtp.mailfrom=chengming.zhou@linux.dev; dmarc=pass (policy=none) header.from=linux.dev X-Envelope-To: linux-mm@kvack.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1717571718; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lPq/L6362zO9SgmJGiWknKOMwYQmxGr9076aQ1KsSus=; b=fD/gfTPvByekqdPzbiQjtEmLUAWXvovHbJ2ABuWxUjXekFVDifvCZ/KC/eGVUL2r73UWM2 BToI9v2Umvq9kMjCwaLswi1i1LdYrCqFycgwbmsbcjOS9iNqcMuQOjTEA00kCo56W4/xe0 TBDiewQOm6Ov6ROZbaCG024Ktj+JAVw= X-Envelope-To: penberg@kernel.org X-Envelope-To: roman.gushchin@linux.dev X-Envelope-To: feng.tang@intel.com X-Envelope-To: zhouchengming@bytedance.com X-Envelope-To: rientjes@google.com X-Envelope-To: linux-kernel@vger.kernel.org X-Envelope-To: akpm@linux-foundation.org X-Envelope-To: iamjoonsoo.kim@lge.com X-Envelope-To: vbabka@suse.cz X-Envelope-To: chengming.zhou@linux.dev X-Envelope-To: cl@linux.com X-Envelope-To: 42.hyeyoo@gmail.com X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Chengming Zhou Date: Wed, 05 Jun 2024 15:13:55 +0800 Subject: [PATCH v2 2/3] slab: don't put freepointer outside of object if only orig_size MIME-Version: 1.0 Message-Id: <20240605-b4-slab-debug-v2-2-c535b9cd361c@linux.dev> References: <20240605-b4-slab-debug-v2-0-c535b9cd361c@linux.dev> In-Reply-To: <20240605-b4-slab-debug-v2-0-c535b9cd361c@linux.dev> To: Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Vlastimil Babka , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, Feng Tang Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, zhouchengming@bytedance.com, Chengming Zhou X-Developer-Signature: v=1; a=ed25519-sha256; t=1717571706; l=2011; i=chengming.zhou@linux.dev; s=20240508; h=from:subject:message-id; bh=MNPWcriUGn3mWR3ZY0iN2pkP7N14YS8clJZTFwJ05Yw=; b=JB87AMt4zBO1QCf3L4tRwQF9EA4xx2dZLiX0nJN+Hd6lO7YDGPItst49BP1FaILquk6qB3pCC OPGGuLZwQkWCl0tN4tMtmzN0tCz5DSTScx5I6gNc8W5wzQjDtYx7ySh X-Developer-Key: i=chengming.zhou@linux.dev; a=ed25519; pk=kx40VUetZeR6MuiqrM7kPCcGakk1md0Az5qHwb6gBdU= X-Migadu-Flow: FLOW_OUT X-Rspam-User: X-Stat-Signature: tyuyg8jn9mgrzq8cfags11w3r7nqqhbe X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 82BD018000F X-HE-Tag: 1717571722-430102 X-HE-Meta: U2FsdGVkX19haMPM07F1jeI/yV6wwrvhJOGn496koIWwPm8Ftv0oWZciTYxJ491QldAdXJPwYjQhCOrqD18FnCyAd4vROwA0VB9mp2LPsbPQ0K4allMX/63moFXHou4Pa+nMcaWofPGIQiqrkRug0wCIuN8nf1IsAeWqK+As7cyts6bWoeqX9FAnHQNfPUms3+J/ltg3RAbTvC585hjOR8kxmA3uO5DSqifQQ2H0Goc4z7yFO6KQeIBxm/qipwhiw2EBE4rlXnWuyHe4Pj1myJzKs8hMuv7vkaOlk76+FveqRmHI0kLdvR5ZbFEb+4t4VSDzjMQyIP5xu/RwXo9AC5QnPOl118CV/mn1aW08I4+v0FzinZf8h4U5+TLm4EsHTrHzawAvO0+SULiXiZ3jBtaLfGYWVauVyqRItMzyY3iNtUbxfzaGPAG0U7fdGzw5Cgbp/jx+D5zBGPGTzL33odauqhLyrp655p9wJnb51dHu7R+ZTrSSZ2seQuRwhzHofThDZWw1Gnqp633zWPf6BzBF/3zXv5JLzPGQlQC8ahAXf8DMdhm25QUIxHfLDYvIirpTYBcILRx4/oL71tdkzxYVKsg+FwjJhlP8/Jl4alF6HGfG4Q3SoAbCEHa6kyDSaokhqZFDp5YGOAwuPzhe3P0d6RMguNWxRA+a4jsEvuG8coszHzMaZSs2aAcQbsZE6DxLKjPlKlUGnoWUYoyBJQbPCRkkGmmncoPzaYxhLYOIqS18Dd+BnPhy3JH6zUkLB5yQ3aVV2hNiB07tYvXhd7B7c37Dl30piwo0BnuZsmr+1u1U6h8As5yAoepy6CJ2OPw1Xvj1IoGYpNny7emhNJQ/c4ANBVaA/OQhElDRgzoOfTZ0FetjK84JxhJChedz2n0vOZcVk/a40623Wd0SNjsTFDOIvC0iUqUGzfvGQBFxVRLVBVLIDF7TRh/a+1+QlFIg/I5oMf1seVbBD8T R1ueJVNc g5QQO6+QKZV4JXHI1qex3uYJG937w/uTOfI/H8p257FzjBC5yReWVpuaPsVTpn5L9Ft1U5TS84VAT1vhxnnwJ7NHB3SLotHABodTJRcJLWiUqYYfSIoOhv1KplAle6YHDu4CpJqp/EEJHRLIqq4XyWVxU6Bha56xEZvoMiLmAMhNf03MeAeeDlakr7GizerFfa9qiIqq8Zismp3wucNYQ4SKvu1dY4dlNFZPm65tMVYGMtyvb6WzTYPVKTf6R4KtFa3wlAUHRdYeoXeY= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc space than requested") will extend right redzone when allocating for orig_size < object_size. So we can't overlay the freepointer in the object space in this case. But the code looks like it forgot to check SLAB_RED_ZONE, since there won't be extended right redzone if only orig_size enabled. As we are here, make this complex conditional expressions a little prettier and add some comments about extending right redzone when slub_debug_orig_size() enabled. Reviewed-by: Feng Tang Signed-off-by: Chengming Zhou Reviewed-by: Vlastimil Babka --- mm/slub.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/mm/slub.c b/mm/slub.c index 7fbd5ce4320a..704c662227e6 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -5152,10 +5152,9 @@ static int calculate_sizes(struct kmem_cache *s) */ s->inuse = size; - if (slub_debug_orig_size(s) || - (flags & (SLAB_TYPESAFE_BY_RCU | SLAB_POISON)) || - ((flags & SLAB_RED_ZONE) && s->object_size < sizeof(void *)) || - s->ctor) { + if ((flags & (SLAB_TYPESAFE_BY_RCU | SLAB_POISON)) || s->ctor || + ((flags & SLAB_RED_ZONE) && + (s->object_size < sizeof(void *) || slub_debug_orig_size(s)))) { /* * Relocate free pointer after the object if it is not * permitted to overwrite the first word of the object on @@ -5163,7 +5162,9 @@ static int calculate_sizes(struct kmem_cache *s) * * This is the case if we do RCU, have a constructor or * destructor, are poisoning the objects, or are - * redzoning an object smaller than sizeof(void *). + * redzoning an object smaller than sizeof(void *) or are + * redzoning an object with slub_debug_orig_size() enabled, + * in which case the right redzone may be extended. * * The assumption that s->offset >= s->inuse means free * pointer is outside of the object is used in the From patchwork Wed Jun 5 07:13:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chengming Zhou X-Patchwork-Id: 13686255 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DB2C8C27C65 for ; Wed, 5 Jun 2024 07:15:27 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1B4B66B00A1; Wed, 5 Jun 2024 03:15:27 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 13D6E6B00A2; Wed, 5 Jun 2024 03:15:27 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EF7956B00A3; Wed, 5 Jun 2024 03:15:26 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id CEDCC6B00A1 for ; Wed, 5 Jun 2024 03:15:26 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 66B8716015A for ; Wed, 5 Jun 2024 07:15:26 +0000 (UTC) X-FDA: 82195974252.13.7128297 Received: from out-176.mta1.migadu.com (out-176.mta1.migadu.com [95.215.58.176]) by imf03.hostedemail.com (Postfix) with ESMTP id 031E820013 for ; Wed, 5 Jun 2024 07:15:23 +0000 (UTC) Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=qxcFtNtf; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf03.hostedemail.com: domain of chengming.zhou@linux.dev designates 95.215.58.176 as permitted sender) smtp.mailfrom=chengming.zhou@linux.dev ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1717571724; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=3wNm3c6yJSA1CzslM5yifCdzkMkcRenHHavbaO4mwKI=; b=qZdgHhAHXtDOIv31umlvLsjCJog/uNY9pspRBJoMvCVp4LWmD81zxTNiRj4W5afMUWGAHV RSSufVMU4cIB5avocyKH4c7/hgfFcHssmxbtyNeM3bDccNKrsGz87EfMrOoXBN/a/Yeobl CNCmTaXg2NpdIm7tg6DfphJmOvJQSEc= ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=qxcFtNtf; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf03.hostedemail.com: domain of chengming.zhou@linux.dev designates 95.215.58.176 as permitted sender) smtp.mailfrom=chengming.zhou@linux.dev ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1717571724; a=rsa-sha256; cv=none; b=7CpkVVjn4RvkvXWsDjOsnbL6dnX5Asto+16Zu2DoN+SFloCfNnueZnYb9yzQ6oEXRX/8tY Lbt1YcrQsy7zQlH+IS2VNyw2l+zC0ELOk2V8x7VuEEuhKhyASm4ehdczNkIJ1MfoHIe1nk aS574Eo7WDwh9SqcneBPkBXnFMRsL+Q= X-Envelope-To: linux-mm@kvack.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1717571722; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3wNm3c6yJSA1CzslM5yifCdzkMkcRenHHavbaO4mwKI=; b=qxcFtNtfh4XOLj5fbDe7x94gskzCrv0IXECAZOYe8WkE/kUdaphkQyLX9x1/bqPGakkm66 qG1VyQRnpT+1yOvZwfIhsDcbUEWqmRY6lsTkfvhHku8VVhUmFlm5BsntZc0p1brvBYdsi/ mZa9huwlffIJu06AxUx8R5lzWOHx8gY= X-Envelope-To: penberg@kernel.org X-Envelope-To: roman.gushchin@linux.dev X-Envelope-To: feng.tang@intel.com X-Envelope-To: zhouchengming@bytedance.com X-Envelope-To: rientjes@google.com X-Envelope-To: linux-kernel@vger.kernel.org X-Envelope-To: akpm@linux-foundation.org X-Envelope-To: iamjoonsoo.kim@lge.com X-Envelope-To: vbabka@suse.cz X-Envelope-To: chengming.zhou@linux.dev X-Envelope-To: cl@linux.com X-Envelope-To: 42.hyeyoo@gmail.com X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Chengming Zhou Date: Wed, 05 Jun 2024 15:13:56 +0800 Subject: [PATCH v2 3/3] slab: delete useless RED_INACTIVE and RED_ACTIVE MIME-Version: 1.0 Message-Id: <20240605-b4-slab-debug-v2-3-c535b9cd361c@linux.dev> References: <20240605-b4-slab-debug-v2-0-c535b9cd361c@linux.dev> In-Reply-To: <20240605-b4-slab-debug-v2-0-c535b9cd361c@linux.dev> To: Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Vlastimil Babka , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, Feng Tang Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, zhouchengming@bytedance.com, Chengming Zhou X-Developer-Signature: v=1; a=ed25519-sha256; t=1717571706; l=2445; i=chengming.zhou@linux.dev; s=20240508; h=from:subject:message-id; bh=SCxsTfzjMuX8t1U69VOCpqhjoMDtoIBWEPozyzP8bk8=; b=xtPX9vMkwqmgUtdfVNek9BrOPkMLYsFLuZn30jqV0CJbb33baarp75iix+PtgEHMEQeAQoOPI CStzNIZCp8bBqhAhH4N5hrLMahSHW2KmmCWFcqj/P1yTkpDMDZxFsYn X-Developer-Key: i=chengming.zhou@linux.dev; a=ed25519; pk=kx40VUetZeR6MuiqrM7kPCcGakk1md0Az5qHwb6gBdU= X-Migadu-Flow: FLOW_OUT X-Rspam-User: X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 031E820013 X-Stat-Signature: 314quihpujcorwji1idz64m4fpkryu5w X-HE-Tag: 1717571723-656643 X-HE-Meta: U2FsdGVkX18U0dETMgDF6LYHM1q7K+jZ+rOVjp+nbNuu8a8goTMgBvv0ISun7uqcXD3scuKp8j2U913WxvfPXcGA5ziT0VydaYr/zHafpbmAeSwenh3OXaICStO393J1/bahmlp8NA5tshCjKVHPaxVZ2NN3XyvazjIlCX/akXD57LYVL5w7giud3hMPIJIsjwYUbubShOVbvK4e45fW62hcbr3UyUXl/lijpPNySxFD1iKYXzc0JbQ8p8aawXe6QOVlP8UHf5e0o0oPJRAxOXcYbRCrpauQ5OpDcQ8D/oSPymeuyA9kJHqBFBXtV9UDaYELxmXfdRZxqd3yP65nBIgmjiYJmB/EBlEjBK6PcOKO99iwRxF7k/NOoUlcXItG3oPLc5Y8y9GamtnIUDPanMjdIOxN8vNxUtoxOUqAcqJIVFznNR/5JoNEqX34nfPjf/x8axk8HWNNfYb3cZLIY/68aCPUs4IXqUAQJh6Q2TtkJ4vD1cz4+Q9uw8FRDx8n8CkcthIa+pXS9QyKZ4gLCPiFbwtStSwTmcyHVXJ6tsCc1swTHTMBFSk2Ro3CB009AKBUgMFw1UwhCNzZG0jrbKNxQRP53jTYZMsJKYN9ulUabbyroXqwybe8BKNt2ne+Kwd8eQYeI0i/IrtCt3c+WKZy8GIpuMVxPR65207NFBn93tcAIXXB8jnTY5A338AJo2GFKS57pKeKmdFMRwtU8tYB7zcq2oSm/jVlxl0B+quAlXTM6Rc1+4hkXhQiB/lSpwL+Wjxrrfv+dt1TKgSNjM1CiEPTg47fsPisdYA6TEGtLUEht/T/h82rOY+Ez0/ynOyUejlyJh9tj+poxGVIXCLUbJeAkt7tckldG6I5KH6TvJlobLHIinMP23bpaD8oYC7DZaIiYAhCuiBPhnrFS+nan3PXdrveReMOw3IW7ObE+fLa4nedgASDv5ApZu4Plnj2BUwUHVY4LK+62Uk LMQYjDmn zY0JZ7931UE7w0gfMBHXuzYZxhlMBVSs1an3kWFAF9z4rirkAOu6MI46CKUnRP0B4VV8vRLGrbj94ut+uCnUmgFcAwLwaLRclsCZrfXZ07cJ34zkag203jDVpeFiZeU80Aqwafy0s3dqqDF4cR3UAzqQyjPZfBy2dJuJAqn5QSzc9GaeqyRRb+Vy9M2dVl5lkem4LT6oq4HuvLDQ= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: These seem useless since we use the SLUB_RED_INACTIVE and SLUB_RED_ACTIVE, so just delete them, no functional change. Signed-off-by: Chengming Zhou Reviewed-by: Vlastimil Babka --- include/linux/poison.h | 7 ++----- mm/slub.c | 4 ++-- tools/include/linux/poison.h | 7 ++----- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/include/linux/poison.h b/include/linux/poison.h index 1f0ee2459f2a..9c1a035af97c 100644 --- a/include/linux/poison.h +++ b/include/linux/poison.h @@ -38,11 +38,8 @@ * Magic nums for obj red zoning. * Placed in the first word before and the first word after an obj. */ -#define RED_INACTIVE 0x09F911029D74E35BULL /* when obj is inactive */ -#define RED_ACTIVE 0xD84156C5635688C0ULL /* when obj is active */ - -#define SLUB_RED_INACTIVE 0xbb -#define SLUB_RED_ACTIVE 0xcc +#define SLUB_RED_INACTIVE 0xbb /* when obj is inactive */ +#define SLUB_RED_ACTIVE 0xcc /* when obj is active */ /* ...and for poisoning */ #define POISON_INUSE 0x5a /* for use-uninitialised poisoning */ diff --git a/mm/slub.c b/mm/slub.c index 704c662227e6..0bab0f041ab2 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1214,8 +1214,8 @@ static int check_bytes_and_report(struct kmem_cache *s, struct slab *slab, * Padding is extended by another word if Redzoning is enabled and * object_size == inuse. * - * We fill with 0xbb (RED_INACTIVE) for inactive objects and with - * 0xcc (RED_ACTIVE) for objects in use. + * We fill with 0xbb (SLUB_RED_INACTIVE) for inactive objects and with + * 0xcc (SLUB_RED_ACTIVE) for objects in use. * * object + s->inuse * Meta data starts here. diff --git a/tools/include/linux/poison.h b/tools/include/linux/poison.h index 2e6338ac5eed..e530e54046c9 100644 --- a/tools/include/linux/poison.h +++ b/tools/include/linux/poison.h @@ -47,11 +47,8 @@ * Magic nums for obj red zoning. * Placed in the first word before and the first word after an obj. */ -#define RED_INACTIVE 0x09F911029D74E35BULL /* when obj is inactive */ -#define RED_ACTIVE 0xD84156C5635688C0ULL /* when obj is active */ - -#define SLUB_RED_INACTIVE 0xbb -#define SLUB_RED_ACTIVE 0xcc +#define SLUB_RED_INACTIVE 0xbb /* when obj is inactive */ +#define SLUB_RED_ACTIVE 0xcc /* when obj is active */ /* ...and for poisoning */ #define POISON_INUSE 0x5a /* for use-uninitialised poisoning */