Bug 212191

Summary: KASAN (tags): better use-after-free report header
Product: Memory Management
Reporter: Andrey Konovalov (andreyknvl)
Component: Sanitizers
Assignee: MM/Sanitizers virtual assignee (mm_sanitizers)
Status: NEW
Severity: normal
CC: kasan-dev
Priority: P1
Hardware: All
OS: Linux
Kernel Version: upstream
Subsystem:
Regression: No
Bisected commit-id:

Description Andrey Konovalov 2021-03-09 15:37:10 UTC
Currently, tag-based KASAN modes describe all detected bugs as "invalid-access". KASAN could describe some of them as "use-after-free", in particular when the accessed memory is tagged with the invalid (0xfe) tag, as it is used for marking freed memory.

Comment 1 Andrey Konovalov 2022-10-18 19:13:35 UTC
This has been improved with the addition of the stack ring [1].

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f538e1f2d294cf8a9486fb1a7d4d4f0d16e2b01
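
The classification proposed in the description, as an added example that is not part of the bug report or the kernel source: a toy model in which a pointer carries a tag in its top byte and each 16-byte granule of memory carries a tag in a shadow array. The granule size, tag position and all function names are assumptions of the model; only the 0xfe freed-memory tag comes from the report.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model, not kernel code; every name and constant except 0xfe is assumed. */
#define GRANULE     16    /* bytes covered by one memory tag */
#define TAG_INVALID 0xfe  /* tag the report says marks freed memory */
#define TAG_SHIFT   56    /* pointer tag lives in the top byte */
#define NGRANULES   16

static uint8_t shadow[NGRANULES];  /* one memory tag per granule */

static uint8_t ptr_tag(uint64_t p) { return (uint8_t)(p >> TAG_SHIFT); }
static uint64_t ptr_off(uint64_t p) { return p & ((1ULL << TAG_SHIFT) - 1); }
static size_t granules(size_t size) { return (size + GRANULE - 1) / GRANULE; }

/* Allocate: colour the object's granules and return a pointer with that tag. */
uint64_t toy_alloc(uint64_t off, size_t size, uint8_t tag) {
    memset(&shadow[off / GRANULE], tag, granules(size));
    return ((uint64_t)tag << TAG_SHIFT) | off;
}

/* Free: retag the granules as invalid so stale pointers stop matching. */
void toy_free(uint64_t p, size_t size) {
    memset(&shadow[ptr_off(p) / GRANULE], TAG_INVALID, granules(size));
}

/* Returns NULL for a valid access, otherwise the bug type for the header. */
const char *toy_check(uint64_t p, size_t len) {
    uint64_t first = ptr_off(p) / GRANULE;
    uint64_t last = (ptr_off(p) + len - 1) / GRANULE;
    for (uint64_t g = first; g <= last; g++) {
        if (g >= NGRANULES)
            return "invalid-access";  /* outside the modelled pool */
        if (shadow[g] == ptr_tag(p))
            continue;
        /* Mismatch: the memory tag of the first bad granule picks the type. */
        return shadow[g] == TAG_INVALID ? "use-after-free" : "invalid-access";
    }
    return NULL;
}

int main(void) {
    uint64_t a = toy_alloc(0, 32, 0x3a);
    toy_free(a, 32);
    printf("stale read: %s\n", toy_check(a, 8));
    (void)toy_alloc(0, 32, 0x7d);  /* slot reused with a new tag */
    printf("after reuse: %s\n", toy_check(a, 8));
    return 0;
}
```

In this model a stale pointer is labelled "use-after-free" only while the freed granules still hold 0xfe; once the slot is reused with a new tag, the same access falls back to "invalid-access".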