[PATCH] kasan: record timestamp of memory allocation/free

Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> · Wed, 2 May 2018 19:58:09 +0900

syzbot is reporting many refcount/use-after-free bugs along with flood of
memory allocation fault injection messages. Showing timestamp of memory
allocation/free would help narrowing down kernel messages to examine.

Revive timestamp field which was removed by commit cd11016e5f5212c1
("mm, kasan: stackdepot implementation. Enable stackdepot for SLAB").

Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
Cc: Alexander Potapenko <glider@xxxxxxxxxx>
Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Cc: Christoph Lameter <cl@xxxxxxxxx>
Cc: Pekka Enberg <penberg@xxxxxxxxxx>
Cc: David Rientjes <rientjes@xxxxxxxxxx>
Cc: Joonsoo Kim <iamjoonsoo.kim@xxxxxxx>
Cc: Andrey Konovalov <adech.fo@xxxxxxxxx>
Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Cc: Steven Rostedt <rostedt@xxxxxxxxxxx>
Cc: Konstantin Serebryany <kcc@xxxxxxxxxx>
Cc: Dmitry Chernenkov <dmitryc@xxxxxxxxxx>
---
 mm/kasan/kasan.c  | 1 +
 mm/kasan/kasan.h  | 1 +
 mm/kasan/report.c | 3 ++-
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c
index 135ce28..a336834 100644
--- a/mm/kasan/kasan.c
+++ b/mm/kasan/kasan.c
@@ -457,6 +457,7 @@ static inline depot_stack_handle_t save_stack(gfp_t flags)
 static inline void set_track(struct kasan_track *track, gfp_t flags)
 {
 	track->pid = current->pid;
+	track->when = jiffies;
 	track->stack = save_stack(flags);
 }
 
diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
index c12dcfd..0e4951b 100644
--- a/mm/kasan/kasan.h
+++ b/mm/kasan/kasan.h
@@ -77,6 +77,7 @@ struct kasan_global {
 struct kasan_track {
 	u32 pid;
 	depot_stack_handle_t stack;
+	unsigned long when;
 };
 
 struct kasan_alloc_meta {
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index 5c169aa..062c8ae 100644
--- a/mm/kasan/report.c
+++ b/mm/kasan/report.c
@@ -183,7 +183,8 @@ static void kasan_end_report(unsigned long *flags)
 
 static void print_track(struct kasan_track *track, const char *prefix)
 {
-	pr_err("%s by task %u:\n", prefix, track->pid);
+	pr_err("%s by task %u (%lu jiffies ago):\n", prefix, track->pid,
+	       jiffies - track->when);
 	if (track->stack) {
 		struct stack_trace trace;
 
-- 
1.8.3.1







