More mbuf INVARIANTS code, comments needed
Mike Silbersack
silby at silby.com
Thu May 1 23:09:00 PDT 2003
Now that I have the double-free code in (under INVARIANTS), I'm
considering the attached patch as well; it fills the m_data, m_next, and
m_nextpkt fields with non-NULL garbage in hopes that any uses after free
will be immediately fatal.
Does anyone see problems with this, and/or other simple checks that could
be added cheaply?
Thanks,
Mike "Silby" Silbersack
-------------- next part --------------
diff -u -r /usr/src/sys.old/kern/subr_mbuf.c /usr/src/sys/kern/subr_mbuf.c
--- /usr/src/sys.old/kern/subr_mbuf.c Thu May 1 22:55:09 2003
+++ /usr/src/sys/kern/subr_mbuf.c Fri May 2 00:53:08 2003
@@ -1404,6 +1404,12 @@
}
}
}
+#ifdef INVARIANTS
+ /* Fill with junk data to provoke panics from accesses after free */
+ mb->m_data = (void *) 0x137;
+ mb->m_next = (void *) 0x138;
+ mb->m_nextpkt = (void *) 0x139;
+#endif
mb_free(&mb_list_mbuf, mb, mb->m_type, persist, &cchnum);
return (nb);
}
@@ -1453,6 +1459,12 @@
}
}
}
+#ifdef INVARIANTS
+ /* Fill with junk data to provoke panics from accesses after free */
+ m->m_data = (void *) 0x137;
+ m->m_next = (void *) 0x138;
+ m->m_nextpkt = (void *) 0x139;
+#endif
mb_free(&mb_list_mbuf, m, m->m_type, persist, &cchnum);
}
}
More information about the freebsd-net
mailing list