Re: [PATCH v4 16/35] mm: slub: Unpoison the memchr_inv() return value

From: Alexander Potapenko
Date: Tue Jun 18 2024 - 10:47:57 EST


On Thu, Jun 13, 2024 at 5:39 PM Ilya Leoshkevich <iii@xxxxxxxxxxxxx> wrote:
>
> Even though the KMSAN warnings generated by memchr_inv() are suppressed
> by metadata_access_enable(), its return value may still be poisoned.
>
> The reason is that the last iteration of memchr_inv() returns
> `*start != value ? start : NULL`, where *start is poisoned. Because of
> this, somewhat counterintuitively, the shadow value computed by
> visitSelectInst() is equal to `(uintptr_t)start`.
>
> The intention behind guarding memchr_inv() behind
> metadata_access_enable() is to touch poisoned metadata without
> triggering KMSAN, so unpoison its return value.

What do you think about applying __no_kmsan_checks to these functions instead?
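For readers following the shadow arithmetic in the quoted description, the following is an added illustration (not code from the patch, the kernel, or either author): a small model of the shadow propagation rule that LLVM's MemorySanitizer, and hence KMSAN, applies to a select instruction, `Sr = Sc ? (Sa | Sb | (a ^ b)) : (c ? Sa : Sb)`. Fed the final expression of memchr_inv(), `*start != value ? start : NULL`, with only the comparison poisoned, it reproduces the counterintuitive result that the returned pointer's shadow equals `(uintptr_t)start`. The names `tracked_t`, `select_with_shadow`, `memchr_inv_tail_shadow` and the `deref_poisoned` flag are assumptions introduced here.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Model of the shadow propagation rule MemorySanitizer (and KMSAN) use
 * for an LLVM select instruction:
 *
 *     r  = select c, a, b
 *     Sr = Sc ? (Sa | Sb | (a ^ b)) : (c ? Sa : Sb)
 *
 * Sx is the shadow of x; a set shadow bit means "this bit is uninitialised".
 */
typedef struct {
    uintptr_t value;
    uintptr_t shadow;   /* 0 = fully initialised, ~0 = fully poisoned */
} tracked_t;

static tracked_t select_with_shadow(tracked_t c, tracked_t a, tracked_t b)
{
    tracked_t r;

    r.value = c.value ? a.value : b.value;
    if (c.shadow)
        /* Condition is uninitialised: the result could be either operand,
         * so every bit in which a and b differ is uninitialised as well. */
        r.shadow = a.shadow | b.shadow | (a.value ^ b.value);
    else
        r.shadow = c.value ? a.shadow : b.shadow;
    return r;
}

/*
 * Final expression of memchr_inv(): `*start != value ? start : NULL`.
 * `start` and NULL are initialised; only the comparison is poisoned when
 * *start is, which is the situation under metadata_access_enable().
 * deref_poisoned selects whether *start is modelled as poisoned.
 */
static uintptr_t memchr_inv_tail_shadow(uintptr_t start, int deref_poisoned)
{
    tracked_t cond = { .value = 1, .shadow = deref_poisoned ? ~(uintptr_t)0 : 0 };
    tracked_t a    = { .value = start, .shadow = 0 };   /* start: clean */
    tracked_t b    = { .value = 0,     .shadow = 0 };   /* NULL:  clean */

    return select_with_shadow(cond, a, b).shadow;
}

int main(void)
{
    uintptr_t start = 0x1000; /* constructed sample pointer value */

    printf("poisoned *start -> result shadow 0x%lx\n",
           (unsigned long)memchr_inv_tail_shadow(start, 1));
    printf("clean *start    -> result shadow 0x%lx\n",
           (unsigned long)memchr_inv_tail_shadow(start, 0));
    return 0;
}
```

With `*start` poisoned the shadow of the select is `0 | 0 | (start ^ 0)`, i.e. the pointer value itself, so a later use of the return value reports as uninitialised even though the comparison was made inside the metadata window; with `*start` clean the shadow is 0. Both of the remedies discussed in the thread (unpoisoning the return value, or marking the function `__no_kmsan_checks`) act on this propagated shadow, not on the memchr_inv() loop.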