Crash “kmem address” not working properly when redzone is enabled.
When "slub_debug" is enabled with redzoning, "kmem address" does not work properly.
The "red_left_pad" member within "struct kmem_cache" is currently an "unsigned int",
it used to be an "int", but it never was a "long", hence "red_left_pad" in do_slab_slub()
was not initialized properly. This "red_left_pad" issue resulted in reporting free objects
as "[ALLOCATED]", and in reporting bogus object addresses when using "set redzone off".
Signed-off-by: Georges Aureau <georges.aureau@xxxxxxx>
--
diff --git a/memory.c b/memory.c
index a74ebaf..967a9cf 100644
--- a/memory.c
+++ b/memory.c
@@ -19637,7 +19637,8 @@ do_slab_slub(struct meminfo *si, int verbose)
int i, free_objects, cpu_slab, is_free, node;
ulong p, q;
#define SLAB_RED_ZONE 0x00000400UL
- ulong flags, red_left_pad;
+ ulong flags;
+ uint red_left_pad;
if (!si->slab) {
if (CRASHDEBUG(1))
@@ -19727,7 +19728,7 @@ do_slab_slub(struct meminfo *si, int verbose)
if (VALID_MEMBER(kmem_cache_red_left_pad)) {
flags = ULONG(si->cache_buf + OFFSET(kmem_cache_flags));
if (flags & SLAB_RED_ZONE)
- red_left_pad = ULONG(si->cache_buf + OFFSET(kmem_cache_red_left_pad));
+ red_left_pad = UINT(si->cache_buf + OFFSET(kmem_cache_red_left_pad));
}
for (p = vaddr; p < vaddr + objects * si->size; p += si->size) {
--
Crash-utility mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxxxxxx
https://${domain_name}/admin/lists/devel.lists.crash-utility.osci.io/
Contribution Guidelines: https://github.com/crash-utility/crash/wiki
