From owner-freebsd-current@FreeBSD.ORG Sat Jun 25 02:31:46 2005 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 22A1D16A41C for ; Sat, 25 Jun 2005 02:31:46 +0000 (GMT) (envelope-from silby@silby.com) Received: from relay01.pair.com (relay01.pair.com [209.68.5.15]) by mx1.FreeBSD.org (Postfix) with SMTP id C534A43D53 for ; Sat, 25 Jun 2005 02:31:45 +0000 (GMT) (envelope-from silby@silby.com) Received: (qmail 22440 invoked from network); 25 Jun 2005 02:31:43 -0000 Received: from unknown (HELO localhost) (unknown) by unknown with SMTP; 25 Jun 2005 02:31:43 -0000 X-pair-Authenticated: 209.68.2.70 Date: Fri, 24 Jun 2005 21:31:28 -0500 (CDT) From: Mike Silbersack To: current@freebsd.org Message-ID: <20050624212729.C537@odysseus.silby.com> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-1915742314-1119666662=:537" Content-ID: <20050624213107.R537@odysseus.silby.com> Cc: Thierry Herbelot Subject: Mbuf double-free guilty party detection patch X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jun 2005 02:31:46 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --0-1915742314-1119666662=:537 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; format=flowed Content-ID: <20050624213107.H537@odysseus.silby.com> The attached patch stores the address of who freed an mbuf/cluster/whatever inside it, then prints that address when panicing. You can then feed that address into "x 0xwhatever" in DDB to see who the semi-guilty party is. Two flaws in the patch as is: - It's messy and not compatible with non-i386, cleanups are needed. - If the mbuf in question is part of a mbuf chain, we'll see m_freem as the guilty party, because it called m_free. So, if you're one of the people seeing panics due to mbufs being used after free, please try applying the patch and see what results you get. If you keep getting m_freem as the previous user, then I'll have to enhance it to work around that. Mike "Silby" Silbersack --0-1915742314-1119666662=:537 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; NAME=mbuf_trash_list_freeing_address.patch Content-Transfer-Encoding: BASE64 Content-ID: <20050624213102.N537@odysseus.silby.com> Content-Description: Content-Disposition: ATTACHMENT; FILENAME=mbuf_trash_list_freeing_address.patch ZGlmZiAtdSAtciAvdXNyL3NyYy9zeXMub2xkL2tlcm4vdWlwY19tYnVmLmMg L3Vzci9zcmMvc3lzL2tlcm4vdWlwY19tYnVmLmMNCi0tLSAvdXNyL3NyYy9z eXMub2xkL2tlcm4vdWlwY19tYnVmLmMJRnJpIEp1biAyNCAyMDoxMzo1OSAy MDA1DQorKysgL3Vzci9zcmMvc3lzL2tlcm4vdWlwY19tYnVmLmMJRnJpIEp1 biAyNCAyMDo1MDoxNiAyMDA1DQpAQCAtMjE5LDcgKzIxOSw3IEBADQogICog c3RvcmFnZSBhdHRhY2hlZCB0byB0aGVtIGlmIHRoZSByZWZlcmVuY2UgY291 bnQgaGl0cyAwLg0KICAqLw0KIHZvaWQNCi1tYl9mcmVlX2V4dChzdHJ1Y3Qg bWJ1ZiAqbSkNCittYl9mcmVlX2V4dChzdHJ1Y3QgbWJ1ZiAqbSwgdm9pZCAq YXJnKQ0KIHsNCiAJdV9pbnQgY250Ow0KIAlpbnQgZG9mcmVlOw0KQEAgLTI0 OSwxMCArMjQ5LDEwIEBADQogCQkgKiBEbyB0aGUgZnJlZSwgc2hvdWxkIGJl IHNhZmUuDQogCQkgKi8NCiAJCWlmIChtLT5tX2V4dC5leHRfdHlwZSA9PSBF WFRfUEFDS0VUKSB7DQotCQkJdW1hX3pmcmVlKHpvbmVfcGFjaywgbSk7DQor CQkJdW1hX3pmcmVlX2FyZyh6b25lX3BhY2ssIG0sIGFyZyk7DQogCQkJcmV0 dXJuOw0KIAkJfSBlbHNlIGlmIChtLT5tX2V4dC5leHRfdHlwZSA9PSBFWFRf Q0xVU1RFUikgew0KLQkJCXVtYV96ZnJlZSh6b25lX2NsdXN0LCBtLT5tX2V4 dC5leHRfYnVmKTsNCisJCQl1bWFfemZyZWVfYXJnKHpvbmVfY2x1c3QsIG0t Pm1fZXh0LmV4dF9idWYsIGFyZyk7DQogCQkJbS0+bV9leHQuZXh0X2J1ZiA9 IE5VTEw7DQogCQl9IGVsc2Ugew0KIAkJCSgqKG0tPm1fZXh0LmV4dF9mcmVl KSkobS0+bV9leHQuZXh0X2J1ZiwNCkBAIC0yNjYsNyArMjY2LDcgQEANCiAJ CQltLT5tX2V4dC5leHRfYnVmID0gTlVMTDsNCiAJCX0NCiAJfQ0KLQl1bWFf emZyZWUoem9uZV9tYnVmLCBtKTsNCisJdW1hX3pmcmVlX2FyZyh6b25lX21i dWYsIG0sIGFyZyk7DQogfQ0KIA0KIC8qDQpAQCAtMTM4MSw0ICsxMzgxLDE5 IEBADQogCWlmIChtX2ZpbmFsKQ0KIAkJbV9mcmVlbShtX2ZpbmFsKTsNCiAJ cmV0dXJuIChOVUxMKTsNCit9DQorDQorc3RydWN0IG1idWYgKg0KK21fZnJl ZShzdHJ1Y3QgbWJ1ZiAqbSkNCit7DQorICAgICAgICBzdHJ1Y3QgbWJ1ZiAq biA9IG0tPm1fbmV4dDsNCisgDQorI2lmZGVmIElOVkFSSUFOVFMNCisgICAg ICAgIG0tPm1fZmxhZ3MgfD0gTV9GUkVFTElTVDsNCisjZW5kaWYNCisgICAg ICAgIGlmIChtLT5tX2ZsYWdzICYgTV9FWFQpDQorICAgICAgICAgICAgICAg IG1iX2ZyZWVfZXh0KG0sIF9fYnVpbHRpbl9yZXR1cm5fYWRkcmVzcygwKSk7 DQorICAgICAgICBlbHNlDQorICAgICAgICAgICAgICAgIHVtYV96ZnJlZV9h cmcoem9uZV9tYnVmLCBtLCBfX2J1aWx0aW5fcmV0dXJuX2FkZHJlc3MoMCkp Ow0KKyAgICAgICAgcmV0dXJuIG47DQogfQ0KZGlmZiAtdSAtciAvdXNyL3Ny Yy9zeXMub2xkL3N5cy9tYnVmLmggL3Vzci9zcmMvc3lzL3N5cy9tYnVmLmgN Ci0tLSAvdXNyL3NyYy9zeXMub2xkL3N5cy9tYnVmLmgJRnJpIEp1biAyNCAy MDoxNzozMSAyMDA1DQorKysgL3Vzci9zcmMvc3lzL3N5cy9tYnVmLmgJRnJp IEp1biAyNCAyMDo1MzowNyAyMDA1DQpAQCAtMzUwLDEwICszNTAsMTAgQEAN CiBzdGF0aWMgX19pbmxpbmUgc3RydWN0IG1idWYJKm1fZ2V0aGRyKGludCBo b3csIHNob3J0IHR5cGUpOw0KIHN0YXRpYyBfX2lubGluZSBzdHJ1Y3QgbWJ1 ZgkqbV9nZXRjbChpbnQgaG93LCBzaG9ydCB0eXBlLCBpbnQgZmxhZ3MpOw0K IHN0YXRpYyBfX2lubGluZSBzdHJ1Y3QgbWJ1ZgkqbV9nZXRjbHIoaW50IGhv dywgc2hvcnQgdHlwZSk7CS8qIFhYWCAqLw0KLXN0YXRpYyBfX2lubGluZSBz dHJ1Y3QgbWJ1ZgkqbV9mcmVlKHN0cnVjdCBtYnVmICptKTsNCitzdHJ1Y3Qg bWJ1ZiAgICAgKm1fZnJlZShzdHJ1Y3QgbWJ1ZiAqbSk7DQogc3RhdGljIF9f aW5saW5lIHZvaWQJCSBtX2NsZ2V0KHN0cnVjdCBtYnVmICptLCBpbnQgaG93 KTsNCiBzdGF0aWMgX19pbmxpbmUgdm9pZAkJIG1fY2h0eXBlKHN0cnVjdCBt YnVmICptLCBzaG9ydCBuZXdfdHlwZSk7DQotdm9pZAkJCQkgbWJfZnJlZV9l eHQoc3RydWN0IG1idWYgKik7DQordm9pZAkJCQkgbWJfZnJlZV9leHQoc3Ry dWN0IG1idWYgKiwgdm9pZCAqYXJnKTsNCiANCiBzdGF0aWMgX19pbmxpbmUN CiBzdHJ1Y3QgbWJ1ZiAqDQpAQCAtNDA0LDcgKzQwNCw4IEBADQogCXJldHVy biAodW1hX3phbGxvY19hcmcoem9uZV9wYWNrLCAmYXJncywgaG93KSk7DQog fQ0KIA0KLXN0YXRpYyBfX2lubGluZQ0KKyNpZiAwDQorc3RhdGljDQogc3Ry dWN0IG1idWYgKg0KIG1fZnJlZShzdHJ1Y3QgbWJ1ZiAqbSkNCiB7DQpAQCAt NDE0LDExICs0MTUsMTIgQEANCiAJbS0+bV9mbGFncyB8PSBNX0ZSRUVMSVNU Ow0KICNlbmRpZg0KIAlpZiAobS0+bV9mbGFncyAmIE1fRVhUKQ0KLQkJbWJf ZnJlZV9leHQobSk7DQorCQltYl9mcmVlX2V4dChtLCBfX2J1aWx0aW5fcmV0 dXJuX2FkZHJlc3MoMCkpOw0KIAllbHNlDQotCQl1bWFfemZyZWUoem9uZV9t YnVmLCBtKTsNCisJCXVtYV96ZnJlZV9hcmcoem9uZV9tYnVmLCBtLCBfX2J1 aWx0aW5fcmV0dXJuX2FkZHJlc3MoMCkpOw0KIAlyZXR1cm4gbjsNCiB9DQor I2VuZGlmDQogDQogc3RhdGljIF9faW5saW5lDQogdm9pZA0KZGlmZiAtdSAt ciAvdXNyL3NyYy9zeXMub2xkL3ZtL3VtYV9kYmcuYyAvdXNyL3NyYy9zeXMv dm0vdW1hX2RiZy5jDQotLS0gL3Vzci9zcmMvc3lzLm9sZC92bS91bWFfZGJn LmMJRnJpIEp1biAyNCAyMDoxMzoyNyAyMDA1DQorKysgL3Vzci9zcmMvc3lz L3ZtL3VtYV9kYmcuYwlGcmkgSnVuIDI0IDIxOjExOjA1IDIwMDUNCkBAIC02 NiwxMSArNjYsMTQgQEANCiAJdV9pbnQzMl90ICpwOw0KIA0KIAljbnQgPSBz aXplIC8gc2l6ZW9mKHVtYV9qdW5rKTsNCisJY250IC09IHNpemVvZih2b2lk ICopOw0KIA0KIAlmb3IgKHAgPSBtZW07IGNudCA+IDA7IGNudC0tLCBwKysp DQotCQlpZiAoKnAgIT0gdW1hX2p1bmspDQorCQlpZiAoKnAgIT0gdW1hX2p1 bmspIHsNCisJCQlwcmludGYoIlRoaXMgbWVtb3J5IGxhc3QgZnJlZWQgYnk6 ICVwXG4iLCAodm9pZCAqKSpwKTsNCiAJCQlwYW5pYygiTWVtb3J5IG1vZGlm aWVkIGFmdGVyIGZyZWUgJXAoJWQpIHZhbD0leCBAICVwXG4iLA0KIAkJCSAg ICBtZW0sIHNpemUsICpwLCBwKTsNCisJCX0NCiAJcmV0dXJuICgwKTsNCiB9 DQogDQpAQCAtODcsOSArOTAsMTEgQEANCiAJdV9pbnQzMl90ICpwOw0KIA0K IAljbnQgPSBzaXplIC8gc2l6ZW9mKHVtYV9qdW5rKTsNCisJY250IC09IHNp emVvZih2b2lkICopOw0KIA0KIAlmb3IgKHAgPSBtZW07IGNudCA+IDA7IGNu dC0tLCBwKyspDQogCQkqcCA9IHVtYV9qdW5rOw0KKwkqcCA9IChpbnQpYXJn Ow0KIH0NCiANCiAvKg0K --0-1915742314-1119666662=:537--