Re: [PATCH v2] mm: slub: avoid deref of free pointer in sanity checks if object is invalid

From: Matthew Wilcox
Date: Sun Jul 27 2025 - 23:29:46 EST

Next message: Jason Wang: "Re: [PATCH] virtio_ring: fix uninitialized used value"
Previous message: Jason Wang: "Re: [PATCH V4 19/19] virtio_ring: add in order support"
In reply to: liqiong: "Re: [PATCH v2] mm: slub: avoid deref of free pointer in sanity checks if object is invalid"
Next in thread: Harry Yoo: "Re: [PATCH v2] mm: slub: avoid deref of free pointer in sanity checks if object is invalid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 28, 2025 at 10:06:42AM +0800, liqiong wrote:
> >> In this case it's an object pointer, not a freelist pointer.
> >> Or am I misunderstanding something?
> > Actually, in alloc_debug_processing() the pointer came from slab->freelist,
> > so I think saying either "invalid freelist pointer" or
> > "invalid object pointer" make sense...
>
> free_consistency_checks() has
> 'slab_err(s, slab, "Invalid object pointer 0x%p", object);'
> Maybe it is better, alloc_consisency_checks() has the same message.

No. Think about it.

Next message: Jason Wang: "Re: [PATCH] virtio_ring: fix uninitialized used value"
Previous message: Jason Wang: "Re: [PATCH V4 19/19] virtio_ring: add in order support"
In reply to: liqiong: "Re: [PATCH v2] mm: slub: avoid deref of free pointer in sanity checks if object is invalid"
Next in thread: Harry Yoo: "Re: [PATCH v2] mm: slub: avoid deref of free pointer in sanity checks if object is invalid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]