From: Maninder Singh <maninder1.s@samsung.com>
To: "linux@armlinux.org.uk" <linux@armlinux.org.uk>,
"cl@linux.com" <cl@linux.com>,
"penberg@kernel.org" <penberg@kernel.org>,
"rientjes@google.com" <rientjes@google.com>,
"iamjoonsoo.kim@lge.com" <iamjoonsoo.kim@lge.com>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"vbabka@suse.cz" <vbabka@suse.cz>
Cc: Maninder Singh <maninder1.s@samsung.com>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
AMIT SAHRAWAT <a.sahrawat@samsung.com>,
Vaneet Narang <v.narang@samsung.com>
Subject: RE: [PATCH v2] arm: print alloc free paths for address in registers
Date: Wed, 10 Mar 2021 11:20:35 +0530
Message-ID: <20210310055035epcms5p230de287f0daec198eb334b3348d07924@epcms5p2>
In-Reply-To: <1614239800-27549-1-git-send-email-maninder1.s@samsung.com>

Hi,

Any comments or updates?

>Sender : Maninder Singh <maninder1.s@samsung.com> Engineer/Platform S/W Group /SRI-Delhi/Samsung Electronics
>Date : 2021-02-25 13:57 (GMT+5:30)
>Title : [PATCH v2] arm: print alloc free paths for address in registers
>
>In case of "Use After Free" kernel OOPs, free path of object
>is required to debug further.
>And in most of cases object address is present in one of registers.
>
>Thus check for register address and if it belongs to slab,
>print its alloc and free path.
>
>e.g. in below issue register r6 belongs to slab, and use after free issue
>occurred on one of its dereferenced values:
>
>[ 124.310386] (ptrval)
>[ 124.312647] 8<--- cut here ---
>[ 124.313761] Unable to handle kernel paging request at virtual address 6b6b6b6f
>[ 124.315972] pgd = (ptrval)
>...
>[ 124.328290] pc : [<c052fc0c>] lr : [<c052fc00>] psr: 60000013
>[ 124.330349] sp : c8993d28 ip : 0000bff4 fp : c8ae2020
>[ 124.332071] r10: 00000000 r9 : 00000001 r8 : c1804cc8
>[ 124.333803] r7 : 00000000 r6 : c8ae9180 r5 : c1804a80 r4 : c8ae2008
>[ 124.335936] r3 : 6b6b6b6b r2 : 315049d6 r1 : 2d867000 r0 : c1396584
>..
>[ 124.365233] register r6: c8ae9180 belongs to slab object
>[ 124.366364] INFO: Allocated in meminfo_proc_show+0x3c/0x500 age=1 cpu=0 pid=69
>[ 124.367545] meminfo_proc_show+0x3c/0x500
>[ 124.368271] seq_read_iter+0x10c/0x4bc
>[ 124.368994] proc_reg_read_iter+0x74/0xa8
>[ 124.369712] generic_file_splice_read+0xe8/0x178
>[ 124.370496] splice_direct_to_actor+0xe0/0x2b8
>[ 124.371261] do_splice_direct+0xa4/0xdc
>[ 124.371917] do_sendfile+0x1c4/0x3ec
>[ 124.372550] sys_sendfile64+0x128/0x130
>[ 124.373109] ret_fast_syscall+0x0/0x54
>[ 124.373664] 0xbe9a2de4
>[ 124.374081] INFO: Freed in meminfo_proc_show+0x5c/0x500 age=1 cpu=0 pid=69
>[ 124.374933] meminfo_proc_show+0x5c/0x500
>[ 124.375485] seq_read_iter+0x10c/0x4bc
>[ 124.376020] proc_reg_read_iter+0x74/0xa8
>[ 124.376643] generic_file_splice_read+0xe8/0x178
>[ 124.377331] splice_direct_to_actor+0xe0/0x2b8
>[ 124.378022] do_splice_direct+0xa4/0xdc
>[ 124.378633] do_sendfile+0x1c4/0x3ec
>[ 124.379220] sys_sendfile64+0x128/0x130
>[ 124.379822] ret_fast_syscall+0x0/0x54
>[ 124.380421] 0xbe9a2de4
>
>Co-developed-by: Vaneet Narang <v.narang@samsung.com>
>Signed-off-by: Vaneet Narang <v.narang@samsung.com>
>Signed-off-by: Maninder Singh <maninder1.s@samsung.com>
>---
>v1 -> v2: do address sanity with virt_addr_valid
>
> arch/arm/include/asm/bug.h | 1 +
> arch/arm/kernel/process.c | 18 ++++++++++++++++++
> arch/arm/kernel/traps.c | 1 +
> include/linux/slab.h | 14 ++++++++++++++
> mm/slab.h | 7 -------
> mm/slub.c | 18 ++++++++++++++++++
> 6 files changed, 52 insertions(+), 7 deletions(-)

Thanks,
Maninder Singh
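
An added triage example, not part of the patch or of the original message: a Python script that reads an oops in the format quoted above, flags registers holding the SLUB free-poison pattern 0x6b6b6b6b, and pairs them with the "belongs to slab object" report the patch prints. The function name `triage` and the `max_field_offset` threshold are assumptions made for this example.

```python
import re

POISON_FREE = 0x6B6B6B6B  # SLUB fills freed objects with byte 0x6b (POISON_FREE)

# Sample input: abbreviated from the oops quoted in the message above.
SAMPLE = """\
[ 124.313761] Unable to handle kernel paging request at virtual address 6b6b6b6f
[ 124.333803] r7 : 00000000 r6 : c8ae9180 r5 : c1804a80 r4 : c8ae2008
[ 124.335936] r3 : 6b6b6b6b r2 : 315049d6 r1 : 2d867000 r0 : c1396584
[ 124.365233] register r6: c8ae9180 belongs to slab object
[ 124.366364] INFO: Allocated in meminfo_proc_show+0x3c/0x500 age=1 cpu=0 pid=69
[ 124.374081] INFO: Freed in meminfo_proc_show+0x5c/0x500 age=1 cpu=0 pid=69
"""

REG = re.compile(r"\b(r\d+|sp|ip|fp)\s*:\s*([0-9a-f]{8})\b")
FAULT = re.compile(r"virtual address ([0-9a-f]{8})")
SLAB = re.compile(r"register (r\d+): ([0-9a-f]{8}) belongs to slab object")
TRACK = re.compile(r"INFO: (Allocated|Freed) in (\S+)")

def triage(log, max_field_offset=0x1000):
    regs, fault, slab = {}, None, []
    for line in log.splitlines():
        m = SLAB.search(line)
        if m:  # start of a per-register slab report
            slab.append({"reg": m.group(1), "addr": int(m.group(2), 16)})
            continue
        m = TRACK.search(line)
        if m and slab:  # alloc/free site belongs to the latest slab report
            slab[-1][m.group(1).lower()] = m.group(2)
            continue
        m = FAULT.search(line)
        if m:
            fault = int(m.group(1), 16)
        for name, val in REG.findall(line):
            regs[name] = int(val, 16)
    poisoned = sorted(r for r, v in regs.items() if v == POISON_FREE)
    # A fault a small offset past the poison value suggests a field was
    # dereferenced through a pointer loaded from already-freed memory.
    off = fault - POISON_FREE if fault is not None else None
    uaf = off is not None and 0 <= off < max_field_offset
    return {"poisoned_regs": poisoned, "fault_offset": off if uaf else None,
            "likely_uaf": uaf, "slab_objects": slab}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

On the sample, r3 holds the poison value and the faulting address lies 4 bytes past it, while r6 is the slab object whose allocation and free sites are reported.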