lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0702191051060.3230@sbz-30.cs.Helsinki.FI>
Date:	Mon, 19 Feb 2007 10:58:08 +0200 (EET)
From:	Pekka J Enberg <penberg@...helsinki.fi>
To:	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
cc:	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
	mcr@...delman.ca, clameter@....com
Subject: Re: [PATCH] slab: ensure cache_alloc_refill terminates

On Mon, 19 Feb 2007, KAMEZAWA Hiroyuki wrote:
> From my experience, this infinite loop in cache_alloc_refill() is caused by 
> double-free, always...(I'm sorry if my knowledge around the slab is too old.)

Well, I don't know what exactly caused slabp->inuse (could be cachep->num 
too, although sounds unlikely) to corrupt for Michael. But yeah, freeing 
an object twice obviously corrupts slabp->inuse too.

On Mon, 19 Feb 2007, KAMEZAWA Hiroyuki wrote:
> And it looks this additional check can caught the problem but maybe no help for
> fixing problem...How about adding printk like this ?
> ==
> if (unlikely(slabp->inuse >= cachep->num)) {
> 	printk("A problem is detected on slab %s\n", cachep->name);//this information is useful.
> 	printk("please use DEBUG_SLAB kernel for detecting what happens.");
> 	BUG(); 
> }

I don't think cachep->name is enough to debug the problem and as soon as 
you turn on CONFIG_SLAB_DEBUG double-frees should show up in 
verify_redzone_free with nice debugging info. So, I'd prefer we keep the 
simple BUG_ON and simply ask people to turn on debugging if they hit it.

				Pekka
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ