Re: [Regression] hangs caused by commit 3202fa62fb (slub: relocate freelist pointer to middle of object)

From: Kees Cook
Date: Tue Jul 21 2020 - 15:00:41 EST

Next message: Palmer Dabbelt: "Re: [PATCH v5 1/4] riscv: Move kernel mapping to vmalloc zone"
Previous message: Alexander A. Klimov: "[PATCH] staging: comedi: das: Replace HTTP links with HTTPS ones"
In reply to: Paul Menzel: "[Regression] hangs caused by commit 3202fa62fb (slub: relocate freelist pointer to middle of object)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 21, 2020 at 04:55:12PM +0200, Paul Menzel wrote:
> No idea, if you are aware of it yet, but three people verified that commit
> 3202fa62fb (slub: relocate freelist pointer to middle of object) causes a
> regression on AMD hardware [1].

Hi, thanks for emailing; I don't get bugzilla notifications, so I hadn't
seen this yet.

> Itâd be great, if you took a look, and advised if this commit (and
> follow-ups) should be reverted, until the issue is analyzed.

There have been a number of fixes to that commit (which I see are
mentioned in a quick skim of the bug), but they've mostly been around
additional slab debugging features. If it's causing a problem outside
of that, my instinct would be there might be a use-after-free happening,
but I'll go read the bug more closely now, and comment there (or here,
if needed).

Thanks!

--
Kees Cook

Next message: Palmer Dabbelt: "Re: [PATCH v5 1/4] riscv: Move kernel mapping to vmalloc zone"
Previous message: Alexander A. Klimov: "[PATCH] staging: comedi: das: Replace HTTP links with HTTPS ones"
In reply to: Paul Menzel: "[Regression] hangs caused by commit 3202fa62fb (slub: relocate freelist pointer to middle of object)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]