Enabling SLUB_DEBUG's SLAB_CONSISTENCY_CHECKS with KASAN_SW_TAGS
triggers endless false positives during boot below due to
check_valid_pointer() checks tagged pointers which have no addresses
that is valid within slab pages.
[ 0.000000] BUG radix_tree_node (Tainted: G B ): Freelist
Pointer check fails
[ 0.000000]
-----------------------------------------------------------------------------
[ 0.000000]
[ 0.000000] INFO: Slab 0x(____ptrval____) objects=69 used=69 fp=0x
(null) flags=0x7ffffffc000200
[ 0.000000] INFO: Object 0x(____ptrval____) @offset=15060037153926966016
fp=0x(____ptrval____)
[ 0.000000]
[ 0.000000] Redzone (____ptrval____): bb bb bb bb bb bb bb bb bb bb bb bb bb
bb bb bb ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 18 6b 06 00 08
80 ff d0 .........k......
[ 0.000000] Object (____ptrval____): 18 6b 06 00 08 80 ff d0 00 00 00 00 00
00 00 00 .k..............
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Object (____ptrval____): 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 ................
[ 0.000000] Redzone (____ptrval____): bb bb bb bb bb bb bb bb
........
[ 0.000000] Padding (____ptrval____): 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a
5a 5a 5a ZZZZZZZZZZZZZZZZ
[ 0.000000] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B
5.0.0-rc5+ #18
[ 0.000000] Call trace:
[ 0.000000] dump_backtrace+0x0/0x450
[ 0.000000] show_stack+0x20/0x2c
[ 0.000000] __dump_stack+0x20/0x28
[ 0.000000] dump_stack+0xa0/0xfc
[ 0.000000] print_trailer+0x1bc/0x1d0
[ 0.000000] object_err+0x40/0x50
[ 0.000000] alloc_debug_processing+0xf0/0x19c
[ 0.000000] ___slab_alloc+0x554/0x704
[ 0.000000] kmem_cache_alloc+0x2f8/0x440
[ 0.000000] radix_tree_node_alloc+0x90/0x2fc
[ 0.000000] idr_get_free+0x1e8/0x6d0
[ 0.000000] idr_alloc_u32+0x11c/0x2a4
[ 0.000000] idr_alloc+0x74/0xe0
[ 0.000000] worker_pool_assign_id+0x5c/0xbc
[ 0.000000] workqueue_init_early+0x49c/0xd50
[ 0.000000] start_kernel+0x52c/0xac4
[ 0.000000] FIX radix_tree_node: Marking all objects used
[ 0.000000]
Signed-off-by: Qian Cai <c...@lca.pw>
---
mm/slub.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/mm/slub.c b/mm/slub.c
index 1e3d0ec4e200..075ebc529788 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -507,6 +507,7 @@ static inline int check_valid_pointer(struct kmem_cache *s,
return 1;
base = page_address(page);
+ object = kasan_reset_tag(object);
object = restore_red_left(s, object);
if (object < base || object >= base + page->objects * s->size ||
(object - base) % s->size) {
--
2.17.2 (Apple Git-113)
