Re: [PATCH v1] mm: kmsan: Fix poisoning of high-order non-compound pages

From: Alexander Potapenko

Date: Mon Jan 12 2026 - 09:38:47 EST


On Sun, Jan 4, 2026 at 7:02 PM Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Sun, 4 Jan 2026 13:43:47 +0000 Ryan Roberts <ryan.roberts@xxxxxxx> wrote:
>
> > kmsan_free_page() is called by the page allocator's free_pages_prepare()
> > during page freeing. Its job is to poison all the memory covered by the
> > page. It can be called with an order-0 page, a compound high-order page
> > or a non-compound high-order page. But page_size() only works for
> > order-0 and compound pages. For a non-compound high-order page it will
> > incorrectly return PAGE_SIZE.
> >
> > The implication is that the tail pages of a high-order non-compound page
> > do not get poisoned at free, so any invalid access while they are free
> > could go unnoticed. It looks like the pages will be poisoned again at
> > allocation time, so that would bookend the window.
> >
> > Fix this by using the order parameter to calculate the size.
> >
> > Fixes: b073d7f8aee4 ("mm: kmsan: maintain KMSAN metadata for page operations")
> > Cc: stable@xxxxxxxxxxxxxxx
> > Signed-off-by: Ryan Roberts <ryan.roberts@xxxxxxx>
Reviewed-by: Alexander Potapenko <glider@xxxxxxxxxx>
Tested-by: Alexander Potapenko <glider@xxxxxxxxxx>

Thanks!
I'll send out a follow-up patch with a test for this behavior.
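
Added illustration, not part of the original message or of the patch under review: a user-space C model of the behaviour the quoted commit message describes, counting how many pages are poisoned at free when the size comes from the page versus from the order parameter. `struct model_page`, `model_page_size()`, `poisoned_at_free()` and the one-byte-per-page shadow are hypothetical stand-ins, and `PAGE_SIZE << order` is an assumed form of the fix.

```c
/* User-space model, constructed for illustration; not kernel code. */
#include <stdio.h>
#include <string.h>

#define MODEL_PAGE_SIZE 4096UL
#define MODEL_MAX_PAGES 16

/* Hypothetical stand-in for struct page: only the fields the model needs. */
struct model_page {
    int compound_head;           /* nonzero only for compound allocations */
    unsigned int compound_order; /* meaningful only when compound_head is set */
};

/* One shadow byte per page: 1 = poisoned, 0 = not poisoned. */
static unsigned char shadow[MODEL_MAX_PAGES];

/* Size taken from compound metadata, so a non-compound page reads as order 0. */
static unsigned long model_page_size(const struct model_page *p)
{
    return MODEL_PAGE_SIZE << (p->compound_head ? p->compound_order : 0);
}

/* Poisoning at free; returns pages poisoned. use_order == 0: size from the
 * page itself (before the fix); otherwise from order (assumed fix form). */
unsigned int poisoned_at_free(const struct model_page *p, unsigned int order,
                              int use_order)
{
    unsigned long bytes = use_order ? MODEL_PAGE_SIZE << order
                                    : model_page_size(p);
    unsigned int i, n = 0;

    memset(shadow, 0, sizeof(shadow));
    memset(shadow, 1, bytes / MODEL_PAGE_SIZE);
    for (i = 0; i < MODEL_MAX_PAGES; i++)
        n += shadow[i];
    return n;
}

int main(void)
{
    struct model_page plain = { 0, 0 }, comp = { 1, 3 };
    printf("non-compound, order 3: before=%u after=%u\n",
           poisoned_at_free(&plain, 3, 0), poisoned_at_free(&plain, 3, 1));
    printf("compound, order 3:     before=%u after=%u\n",
           poisoned_at_free(&comp, 3, 0), poisoned_at_free(&comp, 3, 1));
    return 0;
}
```

In the model, only the non-compound order-3 case differs between the two modes: seven of its eight pages stay unpoisoned when the size is read from the page.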