Page MenuHomeFreeBSD
Differential D2725

Add extra INVARIANTS check for ctor/dtor
ClosedPublic
Actions

Authored by jmg on Jun 3 2015, 3:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 19, 12:54 AM
Unknown Object (File)
Tue, Nov 19, 12:11 AM
Unknown Object (File)
Sun, Nov 17, 1:44 PM
Unknown Object (File)
Sat, Nov 9, 10:56 PM
Unknown Object (File)
Sat, Nov 9, 6:13 PM
Unknown Object (File)
Thu, Nov 7, 10:02 PM
Unknown Object (File)
Oct 26 2024, 7:04 AM
Unknown Object (File)
Oct 18 2024, 1:26 AM
View All Files
Subscribers
bryanv
emaste
gsuryacse7k_gmail.com
imp
lattera-gmail.com
op

Details

Reviewers
pfg
jhb
jch
bz
adrian
Commits
rS284861: If INVARIANTS is specified, add ctor/dtor to junk memory if they are
Summary

NETAPP has added a check for all private zones with trash_ctor/trash_dtor.
They pass the trash_ctor/trash_dtor to uma_zcreate(9) if it is called
with NULL for constructor/destructor.

This patch is contributed by Suresh Gumpula at Netapp.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

pfg updated this revision to Diff 5912.Jun 3 2015, 3:26 PM
pfg retitled this revision from to Add extra INVARIANTS check for ctor/dtor.
pfg updated this object.
pfg edited the test plan for this revision. (Show Details)
Herald added a subscriber: imp. · View Herald TranscriptJun 3 2015, 3:26 PM
lattera-gmail.com added a subscriber: lattera-gmail.com.Jun 3 2015, 4:11 PM
emaste added a subscriber: emaste.Jun 3 2015, 5:18 PM
emaste added inline comments.
sys/vm/uma_core.c
1949 ↗(On Diff #5912)

joined lines?

op added a subscriber: op.Jun 3 2015, 5:36 PM
pfg updated this revision to Diff 5922.EditedJun 3 2015, 6:07 PM

Reduce a little the width of the comments. It all looks weird
in phabricator.

While here I should mention this is not tested at all, I am
just hoping to help getting this interesting patch reviewed.

gsuryacse7k_gmail.com added a subscriber: gsuryacse7k_gmail.com.EditedJun 3 2015, 7:07 PM

The mtx init code is assuming the object being initialized with zeros. Please make this change too in v_addpollinfo() in
freebsd/sys/kern/vfs_subr.c. Otherwise it panics because of uma_junk(0xdeadc0de) in the newly created object out of this zone.

Please replace this line
From: vi = uma_zalloc(vnodepoll_zone, M_WAITOK);
To: vi = uma_zalloc(vnodepoll_zone, M_ZERO | M_WAITOK);

Just to mention. This patch is in our product for almost a month without any issue in our testing. And we found couple of issues.

And this mutex issue in v_addpollinfo() is uncovered recently when a tail -f command is run.

pfg updated this revision to Diff 5923.Jun 3 2015, 7:39 PM

M_ZERO uma_zalloc() in v_addpollinfo(). (submitted by Suresh)

It wouldn't hurt to commit this before the extra invariant check, but
we should sort out all similar cases before committing the main check.
(I think there are people running current with invariants in
production - sigh)

gsuryacse7k_gmail.com added a comment.Jun 3 2015, 7:46 PM

We have not seen any side effect other than this mutex issue for a month+ invariant build testing. I am thinking its good to go now.

gsuryacse7k_gmail.com added a comment.Jun 3 2015, 7:51 PM

We uncovered/realized this bug and others only after we committed this patch. So I think its really a useful check to have in .
https://svnweb.freebsd.org/base?view=revision&revision=281599

op added inline comments.Jun 3 2015, 7:58 PM
sys/vm/uma_dbg.c
78 ↗(On Diff #5922)

What do you think about making this panic(...) optionally, by adding a new sysctl or kernel config knob.

pfg added reviewers: adrian, jhb, jch, bz.Jun 3 2015, 8:00 PM

I trust Suresh has tested the change very well and the check has proven useful.
I would like some more feedback since I am not running this directly though.

I am adding the reviewers of D2079 since it was found using this patch.

sys/vm/uma_core.c
1949 ↗(On Diff #5912)

It only looks weird on phabricator. I will change it a little to see if it improves, thanks.

gsuryacse7k_gmail.com added a comment.Jun 3 2015, 8:04 PM

mtrash_ctor() on standard malloc zones also panics if it detects use after free unconditionally. So may be its good to keep both in sync instead of a panic knob with sysctl/options.

pfg added inline comments.Jun 3 2015, 8:07 PM
sys/vm/uma_dbg.c
78 ↗(On Diff #5923)

I think it may be excessive to hide knobs within knobs or to add sysctls that depend on invariants. A panic may be too much though(?).

bryanv added a subscriber: bryanv.Jun 17 2015, 10:38 PM
op added a comment.Jun 19 2015, 7:48 PM

Yes, will do in the next 8 hours.

pfg marked 3 inline comments as done.Jun 19 2015, 10:07 PM

Hmm .. no one has approved this change .... abandon?

jmg mentioned this in D2890: add MTX_NEW to creation of mutex after uma_zalloc....Jun 23 2015, 7:02 AM
jmg added a reviewer: jmg.Jun 23 2015, 6:45 PM
jmg commandeered this revision.Jun 23 2015, 6:48 PM
jmg edited reviewers, added: pfg; removed: jmg.

I have committed part to properly break up the change...

I'm taking over as pfg says he's busy.

sys/kern/vfs_subr.c
3597 ↗(On Diff #5923)

This block was committed as part of D2890, r284733.

jmg updated this revision to Diff 6405.Jun 23 2015, 6:49 PM

remove the vfs change as it has already been committed... This patch will be
committed in 24 hours unless comments are added.. It's languished too long..

jmg marked an inline comment as done.Jun 23 2015, 6:51 PM

INVARIANTS already covers this. If you didn't want your machine to panic when it detects code failures, you shouldn't have compiled w/ INVARIANTS. :)

Closed by commit rS284861: If INVARIANTS is specified, add ctor/dtor to junk memory if they are (authored by jmg). · Explain WhyJun 25 2015, 8:44 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
vm/
14 lines
5 lines

Diff 6462

View Options

head/sys/vm/uma_core.c

Loading...
View Options

head/sys/vm/uma_dbg.c

Loading...