On Tue, Jul 31, 2018 at 4:50 PM, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> wrote:
> On 07/31/2018 04:05 PM, Andrey Konovalov wrote:
>> We can assign tags to objects with constructors when a slab is
>> allocated and call constructors once as usual. The downside is that
>> such an object would always have the same tag when it is reallocated, so
>> we won't catch use-after-frees.
>
> Actually you should do this for SLAB_TYPESAFE_BY_RCU slabs. Usually they have ->ctors, but there
> are a few without constructors.
> We can't reinitialize or even retag them. The latter will definitely cause false-positive use-after-free reports.
>
> As for non-SLAB_TYPESAFE_BY_RCU caches with constructors, it's probably ok to reinitialize and retag such objects.
> I don't see how any code could rely on the current ->ctor() behavior in the non-SLAB_TYPESAFE_BY_RCU case,
> unless it does something extremely stupid or weird.
> But let's not do it now. If you care, you can do it later, with a separate patch, so we could just revert
> it if anything goes wrong.

OK, will do it then when there's either a constructor or the slab is SLAB_TYPESAFE_BY_RCU.
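The trade-off the two replies settle on (retag on every allocation for ordinary caches so a stale pointer is reported; assign the tag once at slab creation for caches with a ->ctor or SLAB_TYPESAFE_BY_RCU, accepting that a reuse of the same object goes unreported) is easy to see in a small userspace model. The code below is an added illustration, not code from this thread and not the kernel's KASAN implementation: real KASAN keeps the tag in the top byte of the pointer and in shadow memory, whereas here a pointer is a (slot, tag) pair and the cache holds one shadow tag per slot. The names (struct tcache, tcache_*), the slot count and the poison value TAG_FREED are assumptions made for the model.

```c
/*
 * Userspace model of tag-based KASAN behaviour for two kinds of slab cache.
 * Added example; struct/function names and tag values are invented here.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NSLOTS 4
#define TAG_FREED 0xFE   /* assumed poison tag for freed objects in retag caches */

struct tagged_ptr { int slot; uint8_t tag; };

struct tcache {
    bool keep_tag;            /* cache has a ->ctor or is SLAB_TYPESAFE_BY_RCU */
    uint8_t shadow[NSLOTS];   /* current tag of each slot (model of shadow memory) */
    bool in_use[NSLOTS];
    uint8_t next_tag;
};

static uint8_t fresh_tag(struct tcache *c)
{
    uint8_t t = c->next_tag;
    c->next_tag = (uint8_t)(t % 0xFD + 1);   /* cycle through 1..0xFD, never TAG_FREED */
    return t;
}

void tcache_init(struct tcache *c, bool keep_tag)
{
    memset(c, 0, sizeof *c);
    c->keep_tag = keep_tag;
    c->next_tag = 1;
    /* Slab creation: every object gets a tag once. For keep_tag caches this is
     * when the constructor would run and the only time the tag is assigned. */
    for (int i = 0; i < NSLOTS; i++)
        c->shadow[i] = fresh_tag(c);
}

struct tagged_ptr tcache_alloc(struct tcache *c)
{
    for (int i = 0; i < NSLOTS; i++) {
        if (c->in_use[i])
            continue;
        c->in_use[i] = true;
        if (!c->keep_tag)
            c->shadow[i] = fresh_tag(c);   /* ordinary cache: new tag per allocation */
        return (struct tagged_ptr){ i, c->shadow[i] };
    }
    return (struct tagged_ptr){ -1, 0 };
}

void tcache_free(struct tcache *c, struct tagged_ptr p)
{
    c->in_use[p.slot] = false;
    /* An RCU-typesafe object may still be read by a reader holding the old
     * pointer, so its shadow must not change; an ordinary object is poisoned. */
    if (!c->keep_tag)
        c->shadow[p.slot] = TAG_FREED;
}

/* The access check: a pointer whose tag does not match the shadow is a report. */
bool tcache_access_ok(const struct tcache *c, struct tagged_ptr p)
{
    return p.slot >= 0 && p.tag == c->shadow[p.slot];
}

/* Ordinary cache: the stale pointer mismatches after free and after reallocation. */
bool retag_cache_catches_uaf(void)
{
    struct tcache c;
    tcache_init(&c, false);
    struct tagged_ptr old = tcache_alloc(&c);
    tcache_free(&c, old);
    bool caught_after_free = !tcache_access_ok(&c, old);
    struct tagged_ptr reuse = tcache_alloc(&c);        /* takes the same slot */
    bool caught_after_realloc = reuse.slot == old.slot && !tcache_access_ok(&c, old);
    return caught_after_free && caught_after_realloc && tcache_access_ok(&c, reuse);
}

/* ctor / SLAB_TYPESAFE_BY_RCU cache: the tag is stable, so a stale pointer still
 * matches: no false positive for a legitimate RCU reader, but also no UAF report. */
bool keep_tag_cache_misses_uaf(void)
{
    struct tcache c;
    tcache_init(&c, true);
    struct tagged_ptr old = tcache_alloc(&c);
    tcache_free(&c, old);
    struct tagged_ptr reuse = tcache_alloc(&c);
    return reuse.slot == old.slot && reuse.tag == old.tag && tcache_access_ok(&c, old);
}

int main(void)
{
    printf("retag cache reports stale pointer: %s\n", retag_cache_catches_uaf() ? "yes" : "no");
    printf("keep-tag cache reports stale pointer: %s\n", keep_tag_cache_misses_uaf() ? "no" : "yes");
    return 0;
}
```

The second scenario is the one Ryabinin's reply is about: the same stale-pointer access that the first cache reports is exactly what a SLAB_TYPESAFE_BY_RCU reader is allowed to do, so retagging such a cache on reallocation would turn a legitimate access into a false-positive report.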