On Wed, 2020-05-06 at 01:53 -0400, Qian Cai wrote: > > > On May 6, 2020, at 1:19 AM, Walter Wu <[email protected]> wrote: > > > > This patchset improves KASAN reports by making them to have > > call_rcu() call stack information. It is helpful for programmers > > to solve use-after-free or double-free memory issue. > > > > The KASAN report was as follows(cleaned up slightly): > > > > BUG: KASAN: use-after-free in kasan_rcu_reclaim+0x58/0x60 > > > > Freed by task 0: > > save_stack+0x24/0x50 > > __kasan_slab_free+0x110/0x178 > > kasan_slab_free+0x10/0x18 > > kfree+0x98/0x270 > > kasan_rcu_reclaim+0x1c/0x60 > > rcu_core+0x8b4/0x10f8 > > rcu_core_si+0xc/0x18 > > efi_header_end+0x238/0xa6c > > > > First call_rcu() call stack: > > save_stack+0x24/0x50 > > kasan_record_callrcu+0xc8/0xd8 > > call_rcu+0x190/0x580 > > kasan_rcu_uaf+0x1d8/0x278 > > > > Last call_rcu() call stack: > > (stack is not available) > > > > > > Add new CONFIG option to record first and last call_rcu() call stack > > and KASAN report prints two call_rcu() call stack. > > > > This option doesn't increase the cost of memory consumption. It is > > only suitable for generic KASAN. > > I don’t understand why this needs to be a Kconfig option at all. If > call_rcu() stacks are useful in general, then just always gather those > information. How do developers judge if they need to select this option or > not?
Because we don't want to increase slub meta-data size, so enabling this option can print call_rcu() stacks, but the in-use slub object doesn't print free stack. So if have out-of-bound issue, then it will not print free stack. It is a trade-off, see [1]. [1] https://bugzilla.kernel.org/show_bug.cgi?id=198437 Thanks
