Hi, Aureau
Thank you for the fix.

On Thu, Aug 29, 2024 at 5:56 PM <devel-request@lists.crash-utility.osci.io> wrote:
Date: Thu, 29 Aug 2024 09:15:36 +0000
From: "Aureau, Georges (Kernel Tools ERT)" <georges.aureau@hpe.com>
Subject: [Crash-utility][PATCH] “kmem address” not working properly
        when redzone is enabled
To: "devel@lists.crash-utility.osci.io"
        <devel@lists.crash-utility.osci.io>
Message-ID: <SJ0PR84MB1482E72F9E168B3B0CE885C89F962@SJ0PR84MB1482.NAMP
        RD84.PROD.OUTLOOK.COM>
Content-Type: text/plain; charset="Windows-1252"

Crash “kmem address” not working properly when redzone is enabled.

When "slub_debug" is enabled with redzoning, "kmem address" does not work properly.
The "red_left_pad" member within "struct kmem_cache" is currently an "unsigned int",
it used to be an "int", but it never was a "long", hence "red_left_pad" in do_slab_slub()
was not initialized properly. This "red_left_pad" issue resulted in reporting free objects
as "[ALLOCATED]", and in reporting bogus object addresses when using "set redzone off".


Can you help add the result of the 'kmem address' command here? We can clearly see what error it is.

And also please add the kernel commit to patch log:
kernel commit 2ca6d39b3102 ("slub: make ->red_left_pad unsigned int")

Signed-off-by: Georges Aureau <georges.aureau@hpe.com>
--
diff --git a/memory.c b/memory.c
index a74ebaf..967a9cf 100644
--- a/memory.c
+++ b/memory.c
@@ -19637,7 +19637,8 @@ do_slab_slub(struct meminfo *si, int verbose)
        int i, free_objects, cpu_slab, is_free, node;
        ulong p, q;
 #define SLAB_RED_ZONE 0x00000400UL
-       ulong flags, red_left_pad;
+       ulong flags;
+       uint red_left_pad;

        if (!si->slab) {
                if (CRASHDEBUG(1))
@@ -19727,7 +19728,7 @@ do_slab_slub(struct meminfo *si, int verbose)
        if (VALID_MEMBER(kmem_cache_red_left_pad)) {
                flags = ULONG(si->cache_buf + OFFSET(kmem_cache_flags));
                if (flags & SLAB_RED_ZONE)
-                       red_left_pad = ULONG(si->cache_buf + OFFSET(kmem_cache_red_left_pad));
+                       red_left_pad = UINT(si->cache_buf + OFFSET(kmem_cache_red_left_pad));
        }


This change looks good to me, but I still have a question:
I can not reproduce the current issue, how did you reproduce this one? Can you help list the steps to reproduce?


Thanks
Lianbo
 
        for (p = vaddr; p < vaddr + objects * si->size; p += si->size) {

------------------------------