Date: Wed, 15 Jun 2005 02:49:08 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: current@freebsd.org Cc: Bosko Milekic <bmilekic@technokratis.com> Subject: UMA mbuf allocator use after free detection Message-ID: <20050615024332.V660@odysseus.silby.com>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --0-1652050532-1118821685=:660 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; format=flowed Content-ID: <20050615024806.L660@odysseus.silby.com> The attached patch uses the trash ctor/dtor routines from uma_dbg to help detect use after free conditions for mbufs, and mbuf clusters. It doesn't seem to cause any unexpected problems with xl, ath, or wi, but it does cause issues with iwi. That is good, because iwi has some problems that need to be resolved. I'd appreciate it if people could apply the patch and see if it causes any panics or unexpected behavior on their systems. If all mbuf usage is correct, there should be no visible effect. This code is of course only active when you have INVARIANTS compiled in so that it does not slow down performance otherwise. Thanks, Mike "Silby" Silbersack --0-1652050532-1118821685=:660 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; NAME=kern_mbuf.c-trash.patch Content-Transfer-Encoding: BASE64 Content-ID: <20050615024805.G660@odysseus.silby.com> Content-Description: Content-Disposition: ATTACHMENT; FILENAME=kern_mbuf.c-trash.patch ZGlmZiAtdSAtciAvdXNyL3NyYy9zeXMub2xkL2tlcm4va2Vybl9tYnVmLmMg L3Vzci9zcmMvc3lzL2tlcm4va2Vybl9tYnVmLmMNCi0tLSAvdXNyL3NyYy9z eXMub2xkL2tlcm4va2Vybl9tYnVmLmMJU3VuIEp1biAxMiAxOTo0MzoxMiAy MDA1DQorKysgL3Vzci9zcmMvc3lzL2tlcm4va2Vybl9tYnVmLmMJV2VkIEp1 biAxNSAwMjoyNjo0NSAyMDA1DQpAQCAtNDYsNiArNDYsOCBAQA0KICNpbmNs dWRlIDx2bS92bS5oPg0KICNpbmNsdWRlIDx2bS92bV9wYWdlLmg+DQogI2lu Y2x1ZGUgPHZtL3VtYS5oPg0KKyNpbmNsdWRlIDx2bS91bWFfaW50Lmg+DQor I2luY2x1ZGUgPHZtL3VtYV9kYmcuaD4NCiANCiAvKg0KICAqIEluIEZyZWVC U0QsIE1idWZzIGFuZCBNYnVmIENsdXN0ZXJzIGFyZSBhbGxvY2F0ZWQgZnJv bSBVTUENCkBAIC0xMzQsOSArMTM2LDE3IEBADQogCSAqIENvbmZpZ3VyZSBV TUEgem9uZXMgZm9yIE1idWZzLCBDbHVzdGVycywgYW5kIFBhY2tldHMuDQog CSAqLw0KIAl6b25lX21idWYgPSB1bWFfemNyZWF0ZSgiTWJ1ZiIsIE1TSVpF LCBtYl9jdG9yX21idWYsIG1iX2R0b3JfbWJ1ZiwNCisjaWZkZWYgSU5WQVJJ QU5UUw0KKwkgICAgdHJhc2hfaW5pdCwgdHJhc2hfZmluaSwgTVNJWkUgLSAx LCBVTUFfWk9ORV9NQVhCVUNLRVQpOw0KKyNlbHNlDQogCSAgICBOVUxMLCBO VUxMLCBNU0laRSAtIDEsIFVNQV9aT05FX01BWEJVQ0tFVCk7DQorI2VuZGlm DQogCXpvbmVfY2x1c3QgPSB1bWFfemNyZWF0ZSgiTWJ1ZkNsdXN0IiwgTUNM QllURVMsIG1iX2N0b3JfY2x1c3QsDQorI2lmZGVmIElOVkFSSUFOVFMNCisJ ICAgIG1iX2R0b3JfY2x1c3QsIHRyYXNoX2luaXQsIHRyYXNoX2ZpbmksIFVN QV9BTElHTl9QVFIsIFVNQV9aT05FX1JFRkNOVCk7DQorI2Vsc2UNCiAJICAg IG1iX2R0b3JfY2x1c3QsIE5VTEwsIE5VTEwsIFVNQV9BTElHTl9QVFIsIFVN QV9aT05FX1JFRkNOVCk7DQorI2VuZGlmDQogCWlmIChubWJjbHVzdGVycyA+ IDApDQogCQl1bWFfem9uZV9zZXRfbWF4KHpvbmVfY2x1c3QsIG5tYmNsdXN0 ZXJzKTsNCiAJem9uZV9wYWNrID0gdW1hX3pzZWNvbmRfY3JlYXRlKCJQYWNr ZXQiLCBtYl9jdG9yX3BhY2ssIG1iX2R0b3JfcGFjaywNCkBAIC0xOTAsNiAr MjAwLDkgQEANCiAJaW50IGZsYWdzOw0KIAlzaG9ydCB0eXBlOw0KIA0KKyNp ZmRlZiBJTlZBUklBTlRTDQorCXRyYXNoX2N0b3IobWVtLCBzaXplLCBhcmcs IGhvdyk7DQorI2VuZGlmDQogCW0gPSAoc3RydWN0IG1idWYgKiltZW07DQog CWFyZ3MgPSAoc3RydWN0IG1iX2FyZ3MgKilhcmc7DQogCWZsYWdzID0gYXJn cy0+ZmxhZ3M7DQpAQCAtMjI3LDYgKzI0MCw5IEBADQogCW0gPSAoc3RydWN0 IG1idWYgKiltZW07DQogCWlmICgobS0+bV9mbGFncyAmIE1fUEtUSERSKSAh PSAwKQ0KIAkJbV90YWdfZGVsZXRlX2NoYWluKG0sIE5VTEwpOw0KKyNpZmRl ZiBJTlZBUklBTlRTDQorCXRyYXNoX2R0b3IobWVtLCBzaXplLCBhcmcpOw0K KyNlbmRpZg0KIAltYnN0YXQubV9tYnVmcyAtPSAxOwkvKiBYWFggKi8NCiB9 DQogDQpAQCAtMjM5LDYgKzI1NSw5IEBADQogCW0gPSAoc3RydWN0IG1idWYg KiltZW07DQogCWlmICgobS0+bV9mbGFncyAmIE1fUEtUSERSKSAhPSAwKQ0K IAkJbV90YWdfZGVsZXRlX2NoYWluKG0sIE5VTEwpOw0KKyNpZmRlZiBJTlZB UklBTlRTDQorCXRyYXNoX2R0b3IobS0+bV9leHQuZXh0X2J1ZiwgTUNMQllU RVMsIGFyZyk7DQorI2VuZGlmDQogCW1ic3RhdC5tX21idWZzIC09IDE7CS8q IFhYWCAqLw0KIAltYnN0YXQubV9tY2x1c3RzIC09IDE7CS8qIFhYWCAqLw0K IH0NCkBAIC0yNTQsNiArMjczLDkgQEANCiB7DQogCXN0cnVjdCBtYnVmICpt Ow0KIA0KKyNpZmRlZiBJTlZBUklBTlRTDQorCXRyYXNoX2N0b3IobWVtLCBz aXplLCBhcmcsIGhvdyk7DQorI2VuZGlmDQogCW0gPSAoc3RydWN0IG1idWYg Kilhcmc7DQogCW0tPm1fZXh0LmV4dF9idWYgPSAoY2FkZHJfdCltZW07DQog CW0tPm1fZGF0YSA9IG0tPm1fZXh0LmV4dF9idWY7DQpAQCAtMjcxLDYgKzI5 Myw5IEBADQogc3RhdGljIHZvaWQNCiBtYl9kdG9yX2NsdXN0KHZvaWQgKm1l bSwgaW50IHNpemUsIHZvaWQgKmFyZykNCiB7DQorI2lmZGVmIElOVkFSSUFO VFMNCisJdHJhc2hfZHRvcihtZW0sIHNpemUsIGFyZyk7DQorI2VuZGlmDQog CW1ic3RhdC5tX21jbHVzdHMgLT0gMTsJLyogWFhYICovDQogfQ0KIA0KQEAg LTI4OCw2ICszMTMsOSBAQA0KIAl1bWFfemFsbG9jX2FyZyh6b25lX2NsdXN0 LCBtLCBob3cpOw0KIAlpZiAobS0+bV9leHQuZXh0X2J1ZiA9PSBOVUxMKQ0K IAkJcmV0dXJuIChFTk9NRU0pOw0KKyNpZmRlZiBJTlZBUklBTlRTDQorCXRy YXNoX2luaXQobS0+bV9leHQuZXh0X2J1ZiwgTUNMQllURVMsIGhvdyk7DQor I2VuZGlmDQogCW1ic3RhdC5tX21jbHVzdHMgLT0gMTsJLyogWFhYICovDQog CXJldHVybiAoMCk7DQogfQ0KQEAgLTMwMiw2ICszMzAsOSBAQA0KIAlzdHJ1 Y3QgbWJ1ZiAqbTsNCiANCiAJbSA9IChzdHJ1Y3QgbWJ1ZiAqKW1lbTsNCisj aWZkZWYgSU5WQVJJQU5UUw0KKwl0cmFzaF9maW5pKG0tPm1fZXh0LmV4dF9i dWYsIE1DTEJZVEVTKTsNCisjZW5kaWYNCiAJdW1hX3pmcmVlX2FyZyh6b25l X2NsdXN0LCBtLT5tX2V4dC5leHRfYnVmLCBOVUxMKTsNCiAJbS0+bV9leHQu ZXh0X2J1ZiA9IE5VTEw7DQogCW1ic3RhdC5tX21jbHVzdHMgKz0gMTsJLyog WFhYICovDQpAQCAtMzI2LDYgKzM1Nyw5IEBADQogCWZsYWdzID0gYXJncy0+ ZmxhZ3M7DQogCXR5cGUgPSBhcmdzLT50eXBlOw0KIA0KKyNpZmRlZiBJTlZB UklBTlRTDQorCXRyYXNoX2N0b3IobS0+bV9leHQuZXh0X2J1ZiwgTUNMQllU RVMsIGFyZywgaG93KTsNCisjZW5kaWYNCiAJbS0+bV90eXBlID0gdHlwZTsN CiAJbS0+bV9uZXh0ID0gTlVMTDsNCiAJbS0+bV9uZXh0cGt0ID0gTlVMTDsN Cg== --0-1652050532-1118821685=:660--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050615024332.V660>