----- Original Message -----
> 
> OK, I understand.  Let me work on a new "set redzone on/off" environment
> variable that can be toggled on-and-off during runtime.
> 
> But I believe I see a problem in do_slab_slub().  When it is checking for free
> objects to display as FREE / [ALLOCATED], it will never find it in 4.6+ kernels
> with a red_left_pad.  Note below, when it checks whether (p == q), the "q" address
> is the "shifted" address seen by the kmalloc() caller, and will never match the
> base object address "p", so "is_free" never gets set:
> 
>         for (p = vaddr; p < vaddr + objects * si->size; p += si->size) {
>                 hq_open();
>                 is_free = FALSE;
>                 /* Search an object on both of freelist and cpu_freelist */
>                 ulong lists[] = { freelist, cpu_freelist, };
>                 for (i = 0; i < sizeof(lists) / sizeof(lists[0]); i++) {
>                         for (is_free = 0, q = lists[i]; q;
>                                 q = get_freepointer(si, (void *)q)) {
> 
>                                 if (q == BADADDR) {
>                                         hq_close();
>                                         return FALSE;
>                                 }
>                                 if (q & PAGE_MAPPING_ANON)
>                                         break;
>  === never can match ===>       if (p == q) {
>                                         is_free = TRUE;
>                                         goto found_object;
>                                 }
>                                 if (!hq_enter(q)) {
>                                         hq_close();
>                                         error(INFO, "%s: slab: %lx duplicate freelist object: %lx\n",
>                                                 si->curname, si->slab, q);
>                                         return FALSE;
>                                 }
>                         }
>                 }
>         found_object:
>         ...
> 
> Do you agree?

Ah -- I see that your first patch modified vaddr *before* the code segment
above.  That would work in the case where the adjusted red-zone address is used.
But in order to handle both cases, the patch will need to be adjusted for when
the base address is used unmodified.

Dave
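The mismatch discussed in this message, as an added example that is not part of the original e-mail or of the crash source: a constructed model of one slab in which the free test compares the shifted address against the freelist, while the displayed address is chosen separately. The struct, the function names and the `show_base` flag are hypothetical; that freelist entries hold base + red_left_pad follows the description quoted above.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model of one SLUB slab; every name here is hypothetical. */
struct slab_model {
    unsigned long vaddr;        /* base address of the first object slot */
    unsigned long size;         /* slot size, red zones included */
    unsigned long red_left_pad; /* 0 when there is no left red zone */
    unsigned int objects;
};

/* Per the thread, freelist entries are "shifted": slot base + red_left_pad. */
static int on_freelist(const unsigned long *fl, size_t n, unsigned long addr)
{
    for (size_t i = 0; i < n; i++)
        if (fl[i] == addr)
            return 1;
    return 0;
}

/* compare_shifted == 0 models the quoted "p == q" test on the base address;
 * compare_shifted == 1 tests p + red_left_pad instead. */
unsigned int count_free(const struct slab_model *s, const unsigned long *fl,
                        size_t n, int compare_shifted)
{
    unsigned int nfree = 0;
    for (unsigned long p = s->vaddr; p < s->vaddr + s->objects * s->size; p += s->size)
        nfree += on_freelist(fl, n, compare_shifted ? p + s->red_left_pad : p);
    return nfree;
}

/* The address shown to the user is chosen independently of the free test. */
unsigned long display_addr(const struct slab_model *s, unsigned long p, int show_base)
{
    return show_base ? p : p + s->red_left_pad;
}

int main(void)
{
    /* Constructed sample: 4 slots of 0x40 bytes, 0x10-byte left pad, slots 1 and 3 free. */
    struct slab_model s = { 0x1000, 0x40, 0x10, 4 };
    unsigned long fl[] = { 0x1050, 0x10d0 };
    printf("base compare: %u free, shifted compare: %u free\n",
           count_free(&s, fl, 2, 0), count_free(&s, fl, 2, 1));
    printf("slot 1 shown as %lx (base) or %lx (shifted)\n",
           display_addr(&s, 0x1040, 1), display_addr(&s, 0x1040, 0));
    return 0;
}
```

With a non-zero pad the base-address comparison reports every object as allocated; with a zero pad both comparisons agree, which is why the problem only appears on kernels that have red_left_pad.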