now committed: UMA mbuf allocator use after free detection
Mike Silbersack
silby at silby.com
Thu Jun 23 05:23:27 GMT 2005
I just commit the patch described below - if you start seeing any weird
behavior that's networking related, please tell me - the trash allocator
might be provoking a use after free that wasn't detected until now.
Mike "Silby" Silbersack
---------- Forwarded message ----------
Date: Wed, 15 Jun 2005 02:49:08 -0500 (CDT)
From: Mike Silbersack <silby at silby.com>
To: current at freebsd.org
Cc: Bosko Milekic <bmilekic at technokratis.com>
Subject: UMA mbuf allocator use after free detection
The attached patch uses the trash ctor/dtor routines from uma_dbg to help
detect use after free conditions for mbufs, and mbuf clusters. It doesn't seem
to cause any unexpected problems with xl, ath, or wi, but it does cause issues
with iwi. That is good, because iwi has some problems that need to be
resolved.
I'd appreciate it if people could apply the patch and see if it causes any
panics or unexpected behavior on their systems. If all mbuf usage is correct,
there should be no visible effect.
This code is of course only active when you have INVARIANTS compiled in so that
it does not slow down performance otherwise.
Thanks,
Mike "Silby" Silbersack
More information about the freebsd-current
mailing list