Subject: Re: [PATCH 6/6] kasan: improve double-free reports.
To: Alexander Potapenko
References: <1470062715-14077-1-git-send-email-aryabinin@virtuozzo.com> <1470062715-14077-6-git-send-email-aryabinin@virtuozzo.com>
CC: Andrew Morton, Dave Jones, Vegard Nossum, "Sasha Levin", Dmitry Vyukov, kasan-dev, LKML, Linux Memory Management List
From: Andrey Ryabinin
Message-ID: <57A0933F.8000706@virtuozzo.com>
Date: Tue, 2 Aug 2016 15:34:07 +0300
X-Mailing-List: linux-kernel@vger.kernel.org

On 08/02/2016 02:39 PM, Alexander Potapenko wrote:

>> +static void kasan_end_report(unsigned long *flags)
>> +{
>> + pr_err("==================================================================\n");
>> + add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE);
> Don't we want to add the taint as early as possible once we've
> detected the error?

What for?
It certainly shouldn't be before dump_stack(), otherwise on the first report the kernel will be claimed as tainted.

>>
>> +void kasan_report_double_free(struct kmem_cache *cache, void *object,
>> + s8 shadow)
>> +{
>> + unsigned long flags;
>> +
>> + kasan_start_report(&flags);
>> + pr_err("BUG: Double free or corrupt pointer\n");
> How about "Double free or freeing an invalid pointer\n"?
> I think "corrupt pointer" doesn't exactly reflect where the bug is.

Ok
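
Review bot: in kasan_end_report(), the add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE) call sits after the closing separator with no comment saying why the taint is deferred to the end of the report. The reply above gives the reason (tainting before dump_stack() would make the first report show the kernel as tainted), so a one-line comment above add_taint() would keep a later cleanup from moving the call into kasan_start_report().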
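
Review bot: kasan_report_double_free() takes an `s8 shadow` argument, but nothing in the quoted lines documents what the caller passes in it or how it relates to `object`. A short comment above the function describing the three parameters would help, and since the single "BUG:" line covers two different conditions (a second free of a valid object and a free of a pointer that is not a valid object), printing the shadow value next to it, if the lines that follow do not already do so, would let the reader tell the two apart.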