Re: kfree a pointer "from the middle" causing protection faults

From: Muni Sekhar
Date: Thu Sep 03 2015 - 00:25:15 EST


On Wed, Sep 2, 2015 at 9:39 PM, Jeff Epler <jepler@xxxxxxxxxxxxxx> wrote:
> On Wed, Sep 02, 2015 at 08:32:15PM +0530, Muni Sekhar wrote:
>> [ Please keep me in CC as I'm not subscribed to the list]
>>
>> Hello,
>>
>>
>> I am getting protection faults in different kernel modules if I try to
>> free a pointer "from the middle" for example, look at the following
>> code:
> [..]
>
> Most memory allocators require that the pointer eventually passed to the
> freeing function be the same pointer as the one returned from the
> allocating function. This is true for libc malloc/free, for instance.
> As far as I know, it is true for the Linux allocators such as kzalloc.
> The bug lies in whatever part of linux makes the invalid kfree call.
>
> I have not found any documentation that kernel kzalloc/kfree allow
> passing a pointer "from the middle". For instance,
> These routines are used to dynamically request pointer-aligned chunks of
> memory, like malloc and free do in userspace
> https://www.kernel.org/doc/htmldocs/kernel-hacking/routines-kmalloc.html
>
> If the faulty code that you allude to is in the Linux source then please
> say what it is so that developers can fix it. If it's an out of source
> module or kernel patch then contact the supplier of that code.

The faulty code mentioned above is not in the Linux source; I noticed
this behaviour while testing our own module. Thanks for the
clarification, Jeff.

>
> Jeff
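The rule Jeff states above (free exactly the pointer the allocator handed out, never a pointer advanced into the block) is easy to violate when code walks a cursor through a buffer and then frees the cursor. The following is an added example, not code from the thread or from the poster's module: a small user-space allocation ledger (constructed here; the names tracked_alloc, tracked_free and the free_result values are assumptions for illustration) that does the kind of bookkeeping a kernel allocator does, and rejects an interior pointer instead of corrupting its free list. The buggy pattern and the fixed pattern sit side by side.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for allocator bookkeeping: which base pointers are live
 * and how large each block is. A real allocator keeps this in slab metadata. */
#define MAX_LIVE 64

struct live_alloc {
    void  *base;   /* pointer returned to the caller */
    size_t size;   /* requested size of the block */
};

static struct live_alloc ledger[MAX_LIVE];

enum free_result {
    FREE_OK,            /* pointer matched a live allocation and was released */
    FREE_NULL,          /* NULL: a no-op, as with kfree(NULL) */
    FREE_INTERIOR_PTR,  /* pointer lies inside a live block but is not its base */
    FREE_UNKNOWN_PTR    /* pointer does not belong to any live block */
};

/* Allocate a zeroed block and record its base pointer (kzalloc-like). */
void *tracked_alloc(size_t size)
{
    void *p = calloc(1, size);
    if (!p)
        return NULL;
    for (int i = 0; i < MAX_LIVE; i++) {
        if (!ledger[i].base) {
            ledger[i].base = p;
            ledger[i].size = size;
            return p;
        }
    }
    free(p);  /* ledger full: refuse rather than lose track of the block */
    return NULL;
}

/* Release a block. Only the exact base pointer is accepted; an interior
 * pointer is reported instead of being handed to free(), which is the
 * check a debugging allocator (e.g. KASAN's invalid-free report) performs. */
enum free_result tracked_free(void *p)
{
    if (!p)
        return FREE_NULL;
    for (int i = 0; i < MAX_LIVE; i++) {
        struct live_alloc *a = &ledger[i];
        if (!a->base)
            continue;
        if (p == a->base) {
            free(p);
            a->base = NULL;
            a->size = 0;
            return FREE_OK;
        }
        uintptr_t lo = (uintptr_t)a->base;
        uintptr_t hi = lo + a->size;
        uintptr_t q  = (uintptr_t)p;
        if (q > lo && q < hi)
            return FREE_INTERIOR_PTR;
    }
    return FREE_UNKNOWN_PTR;
}

/* Buggy pattern: the cursor is advanced past a header, then freed. */
enum free_result buggy_consume(void)
{
    char *buf = tracked_alloc(64);
    char *cur = buf;
    strcpy(buf, "hdr:payload");          /* constructed sample content */
    cur += strlen("hdr:");               /* cur now points into the middle */
    enum free_result r = tracked_free(cur);  /* wrong pointer */
    tracked_free(buf);                   /* clean up with the real base */
    return r;
}

/* Fixed pattern: keep the allocator's pointer separately and free that one. */
enum free_result fixed_consume(void)
{
    char *buf = tracked_alloc(64);
    char *cur = buf;
    strcpy(buf, "hdr:payload");
    cur += strlen("hdr:");               /* walking the cursor is fine ... */
    (void)cur;
    return tracked_free(buf);            /* ... as long as buf is what gets freed */
}

int main(void)
{
    printf("buggy: %d (expect %d)\n", buggy_consume(), FREE_INTERIOR_PTR);
    printf("fixed: %d (expect %d)\n", fixed_consume(), FREE_OK);
    return 0;
}
```

In a production allocator there is no such ledger lookup on the free path, which is why an interior pointer is not reported but instead corrupts free-list metadata and surfaces later as a protection fault in some unrelated module. Building the kernel with slab debugging or KASAN enabled turns that delayed fault into an immediate report naming the offending kfree caller.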