Page MenuHomeFreeBSD
Differential D2890

add MTX_NEW to creation of mutex after uma_zalloc...
ClosedPublic
Actions

Authored by jmg on Jun 23 2015, 7:02 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Oct 18, 1:46 AM
Unknown Object (File)
Fri, Oct 18, 1:46 AM
Unknown Object (File)
Fri, Oct 18, 1:46 AM
Unknown Object (File)
Fri, Oct 18, 1:46 AM
Unknown Object (File)
Fri, Oct 18, 1:26 AM
Unknown Object (File)
Fri, Oct 11, 9:45 PM
Unknown Object (File)
Sep 30 2024, 10:37 AM
Unknown Object (File)
Sep 12 2024, 2:59 AM
View All 83 Files
Subscribers
imp
kib
mjg

Details

Reviewers
kib
pfg
jhb
mjg
Commits
rS284733: zero this struct as it depends upon it...
Summary

Make sure that mtx_init does not assume clean memory.. If D2725,
this will no longer be the case, and the init will fail...

I have tested that this change compiles and boots w/o issues...
even a tail -f works w/o issue..

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jmg updated this revision to Diff 6392.Jun 23 2015, 7:02 AM
jmg retitled this revision from to add MTX_NEW to creation of mutex after uma_zalloc....
jmg updated this object.
jmg edited the test plan for this revision. (Show Details)
jmg added reviewers: jhb, pfg.
Herald added a subscriber: imp. · View Herald TranscriptJun 23 2015, 7:02 AM
kib accepted this revision.Jun 23 2015, 7:14 AM
kib added a reviewer: kib.
kib added a subscriber: kib.
kib added inline comments.
sys/kern/vfs_subr.c
3598 ↗(On Diff #6392)

Add spaces around '|'.

This revision is now accepted and ready to land.Jun 23 2015, 7:14 AM
jmg added a comment.Jun 23 2015, 7:57 AM

tomorrow..

sys/kern/vfs_subr.c
3598 ↗(On Diff #6392)

I'm confused, I do know the rule about spaces around binary ops, but often for flags like these, the spaces are omitted.. Hmm... it does look like spaces wins 52k lines vs 8k lines..

I'll add the spaces as that is the style the file adds..

mjg added a subscriber: mjg.Jun 23 2015, 1:29 PM

This particular piece of code actually expects a zeroed struct. In particular, you can see that neither mtx_init nor knlist_init initialize the whole struct, leaving e.g.vpi_events and vpi_revents indeterminate. Then vn_pollrecord immediately examines vpi_revents of a newly added object and we are in trouble.

In other words, while it was mtx_init which complained about junk-filled memory, the issue is bigger. initialisation here needs to either be done with M_ZERO or extended to cover missed fields. Uninitialised parts also include something from struct knlist, so it's more than zeroing 2 shorts, but I'm too lazy to check how to do deal with that knlist.

mjg requested changes to this revision.Jun 23 2015, 1:30 PM
mjg added a reviewer: mjg.
This revision now requires changes to proceed.Jun 23 2015, 1:30 PM
jmg added a comment.Jun 23 2015, 6:25 PM
In D2890#56145, @mjg wrote:

This particular piece of code actually expects a zeroed struct. In particular, you can see that neither mtx_init nor knlist_init initialize the whole struct, leaving e.g.vpi_events and vpi_revents indeterminate. Then vn_pollrecord immediately examines vpi_revents of a newly added object and we are in trouble.

In other words, while it was mtx_init which complained about junk-filled memory, the issue is bigger. initialisation here needs to either be done with M_ZERO or extended to cover missed fields. Uninitialised parts also include something from struct knlist, so it's more than zeroing 2 shorts, but I'm too lazy to check how to do deal with that knlist.

umm... knlist_init fully initializes the whole struct, where do you get this info?

In D2890#56145, @mjg wrote:

This particular piece of code actually expects a zeroed struct. In particular, you can see that neither mtx_init nor knlist_init initialize the whole struct, leaving e.g.vpi_events and vpi_revents indeterminate. Then vn_pollrecord immediately examines vpi_revents of a newly added object and we are in trouble.

In other words, while it was mtx_init which complained about junk-filled memory, the issue is bigger. initialisation here needs to either be done with M_ZERO or extended to cover missed fields. Uninitialised parts also include something from struct knlist, so it's more than zeroing 2 shorts, but I'm too lazy to check how to do deal with that knlist.

Agreed, testing patch w/ M_ZERO now.

I assume you mean selinfo isn't fully initialized? I verified that knlist_init fully initializes it's part... The problem is that selinfo doesn't have an initializer, and really, we should create an API that combines selinfo and knlist together, but that's another review/time.

jmg updated this revision to Diff 6403.Jun 23 2015, 6:28 PM
jmg edited edge metadata.

switch to zero'ing all of memory, as selinfo and other fields aren't
properly initalized..

jmg marked an inline comment as done.Jun 23 2015, 6:28 PM

changed to using M_ZERO instead... Maintainer should clean this up more.

mjg accepted this revision.Jun 23 2015, 6:36 PM
mjg edited edge metadata.

I assume you mean selinfo isn't fully initialized? I verified that knlist_init fully initializes it's part... The problem is that selinfo doesn't have an initializer, and really, we should create an API that combines selinfo and knlist together, but that's another review/time.

yeah, that's what I meant. And yeah, I'm too lazy to come up with a solution and then do a sweep over the tree.

M_ZERO looks fine as a temporary (right) solution.

This revision is now accepted and ready to land.Jun 23 2015, 6:36 PM
Closed by commit rS284733: zero this struct as it depends upon it... (authored by jmg). · Explain WhyJun 23 2015, 6:40 PM
This revision was automatically updated to reflect the committed changes.
jmg mentioned this in D2725: Add extra INVARIANTS check for ctor/dtor.Jun 23 2015, 6:48 PM

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
2 lines

Diff 6404

View Options

head/sys/kern/vfs_subr.c

Loading...