1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-24 11:29:10 +00:00

Introduce some serious paranoia to try to catch a memory overwrite problem

as early as possible.

Sponsored by:	DARPA & NAI Labs
This commit is contained in:
Poul-Henning Kamp 2002-04-23 11:48:45 +00:00
parent 191ca0354f
commit 7d590cc46f
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=95310
5 changed files with 63 additions and 6 deletions

View File

@ -95,14 +95,16 @@ struct g_class {
LIST_ENTRY(g_class) class; LIST_ENTRY(g_class) class;
LIST_HEAD(,g_geom) geom; LIST_HEAD(,g_geom) geom;
struct g_event *event; struct g_event *event;
u_int protect;
}; };
#define G_CLASS_INITSTUFF { 0, 0 }, { 0 }, 0 #define G_CLASS_INITSTUFF { 0, 0 }, { 0 }, 0, 0
/* /*
* The g_geom is an instance of a g_class. * The g_geom is an instance of a g_class.
*/ */
struct g_geom { struct g_geom {
u_int protect;
char *name; char *name;
struct g_class *class; struct g_class *class;
LIST_ENTRY(g_geom) geom; LIST_ENTRY(g_geom) geom;
@ -139,6 +141,7 @@ struct g_bioq {
*/ */
struct g_consumer { struct g_consumer {
u_int protect;
struct g_geom *geom; struct g_geom *geom;
LIST_ENTRY(g_consumer) consumer; LIST_ENTRY(g_consumer) consumer;
struct g_provider *provider; struct g_provider *provider;
@ -154,6 +157,7 @@ struct g_consumer {
* A g_provider is a "logical disk". * A g_provider is a "logical disk".
*/ */
struct g_provider { struct g_provider {
u_int protect;
char *name; char *name;
LIST_ENTRY(g_provider) provider; LIST_ENTRY(g_provider) provider;
struct g_geom *geom; struct g_geom *geom;
@ -205,6 +209,7 @@ struct g_geom * g_insert_geom(char *class, struct g_consumer *cp);
struct g_consumer * g_new_consumer(struct g_geom *gp); struct g_consumer * g_new_consumer(struct g_geom *gp);
struct g_geom * g_new_geomf(struct g_class *mp, char *fmt, ...); struct g_geom * g_new_geomf(struct g_class *mp, char *fmt, ...);
struct g_provider * g_new_providerf(struct g_geom *gp, char *fmt, ...); struct g_provider * g_new_providerf(struct g_geom *gp, char *fmt, ...);
void g_sanity(void *ptr);
void g_spoil(struct g_provider *pp, struct g_consumer *cp); void g_spoil(struct g_provider *pp, struct g_consumer *cp);
int g_std_access(struct g_provider *pp, int dr, int dw, int de); int g_std_access(struct g_provider *pp, int dr, int dw, int de);
void g_std_done(struct bio *bp); void g_std_done(struct bio *bp);
@ -247,12 +252,16 @@ g_malloc(int size, int flags)
mtx_lock(&Giant); mtx_lock(&Giant);
p = malloc(size, M_GEOM, flags); p = malloc(size, M_GEOM, flags);
mtx_unlock(&Giant); mtx_unlock(&Giant);
g_sanity(p);
/* printf("malloc(%d, %x) -> %p\n", size, flags, p); */
return (p); return (p);
} }
static __inline void static __inline void
g_free(void *ptr) g_free(void *ptr)
{ {
g_sanity(ptr);
/* printf("free(%p)\n", ptr); */
mtx_lock(&Giant); mtx_lock(&Giant);
free(ptr, M_GEOM); free(ptr, M_GEOM);
mtx_unlock(&Giant); mtx_unlock(&Giant);
@ -260,8 +269,8 @@ g_free(void *ptr)
extern struct sx topology_lock; extern struct sx topology_lock;
#define g_topology_lock() do { mtx_assert(&Giant, MA_NOTOWNED); sx_xlock(&topology_lock); } while (0) #define g_topology_lock() do { mtx_assert(&Giant, MA_NOTOWNED); sx_xlock(&topology_lock); } while (0)
#define g_topology_unlock() sx_xunlock(&topology_lock) #define g_topology_unlock() do { g_sanity(NULL); sx_xunlock(&topology_lock); } while (0)
#define g_topology_assert() sx_assert(&topology_lock, SX_XLOCKED) #define g_topology_assert() do { g_sanity(NULL); sx_assert(&topology_lock, SX_XLOCKED); } while (0)
#define DECLARE_GEOM_CLASS(class, name) \ #define DECLARE_GEOM_CLASS(class, name) \
static void \ static void \
@ -273,6 +282,6 @@ extern struct sx topology_lock;
} \ } \
SYSINIT(name, SI_SUB_PSEUDO, SI_ORDER_FIRST, name##init, NULL); SYSINIT(name, SI_SUB_PSEUDO, SI_ORDER_FIRST, name##init, NULL);
#endif #endif /* _KERNEL */
#endif /* _GEOM_GEOM_H_ */ #endif /* _GEOM_GEOM_H_ */

View File

@ -235,6 +235,7 @@ g_trace(int level, char *fmt, ...)
va_list ap; va_list ap;
struct sbuf *sb; struct sbuf *sb;
g_sanity(NULL);
if (!(g_debugflags & level)) if (!(g_debugflags & level))
return; return;
va_start(ap, fmt); va_start(ap, fmt);

View File

@ -57,6 +57,7 @@
#include <sys/param.h> #include <sys/param.h>
#ifdef _KERNEL #ifdef _KERNEL
#include <sys/malloc.h> #include <sys/malloc.h>
#include <sys/systm.h>
#endif #endif
#include <geom/geom.h> #include <geom/geom.h>
#include <geom/geom_int.h> #include <geom/geom_int.h>

View File

@ -173,6 +173,7 @@ g_slice_start(struct bio *bp)
g_haveattr_off_t(bp, "GEOM::frontstuff", t); g_haveattr_off_t(bp, "GEOM::frontstuff", t);
return; return;
} }
#ifdef _KERNEL
if (!strcmp("GEOM::kerneldump", bp->bio_attribute)) { if (!strcmp("GEOM::kerneldump", bp->bio_attribute)) {
struct g_kerneldump *gkd; struct g_kerneldump *gkd;
@ -182,6 +183,7 @@ g_slice_start(struct bio *bp)
gkd->length = gsp->slices[index].length; gkd->length = gsp->slices[index].length;
/* now, pass it on downwards... */ /* now, pass it on downwards... */
} }
#endif
bp2 = g_clone_bio(bp); bp2 = g_clone_bio(bp);
bp2->bio_done = g_std_done; bp2->bio_done = g_std_done;
g_io_request(bp2, cp); g_io_request(bp2, cp);

View File

@ -76,6 +76,7 @@ g_add_class(struct g_class *mp)
g_ignition++; g_ignition++;
g_init(); g_init();
} }
mp->protect = 0x020016600;
g_topology_lock(); g_topology_lock();
g_trace(G_T_TOPOLOGY, "g_add_class(%s)", mp->name); g_trace(G_T_TOPOLOGY, "g_add_class(%s)", mp->name);
LIST_INIT(&mp->geom); LIST_INIT(&mp->geom);
@ -99,8 +100,9 @@ g_new_geomf(struct g_class *mp, char *fmt, ...)
sbuf_vprintf(sb, fmt, ap); sbuf_vprintf(sb, fmt, ap);
sbuf_finish(sb); sbuf_finish(sb);
mtx_unlock(&Giant); mtx_unlock(&Giant);
gp = g_malloc(sizeof *gp + sbuf_len(sb) + 1, M_WAITOK | M_ZERO); gp = g_malloc(sizeof *gp, M_WAITOK | M_ZERO);
gp->name = (char *)(gp + 1); gp->protect = 0x020016601;
gp->name = g_malloc(sbuf_len(sb) + 1, M_WAITOK | M_ZERO);
gp->class = mp; gp->class = mp;
gp->rank = 1; gp->rank = 1;
LIST_INIT(&gp->consumer); LIST_INIT(&gp->consumer);
@ -127,6 +129,7 @@ g_destroy_geom(struct g_geom *gp)
gp->name, LIST_FIRST(&gp->consumer))); gp->name, LIST_FIRST(&gp->consumer)));
LIST_REMOVE(gp, geom); LIST_REMOVE(gp, geom);
TAILQ_REMOVE(&geoms, gp, geoms); TAILQ_REMOVE(&geoms, gp, geoms);
g_free(gp->name);
g_free(gp); g_free(gp);
} }
@ -141,6 +144,7 @@ g_new_consumer(struct g_geom *gp)
gp->name, gp->class->name)); gp->name, gp->class->name));
cp = g_malloc(sizeof *cp, M_WAITOK | M_ZERO); cp = g_malloc(sizeof *cp, M_WAITOK | M_ZERO);
cp->protect = 0x020016602;
cp->geom = gp; cp->geom = gp;
LIST_INSERT_HEAD(&gp->consumer, cp, consumer); LIST_INSERT_HEAD(&gp->consumer, cp, consumer);
return(cp); return(cp);
@ -176,6 +180,7 @@ g_new_providerf(struct g_geom *gp, char *fmt, ...)
sbuf_finish(sb); sbuf_finish(sb);
mtx_unlock(&Giant); mtx_unlock(&Giant);
pp = g_malloc(sizeof *pp + sbuf_len(sb) + 1, M_WAITOK | M_ZERO); pp = g_malloc(sizeof *pp + sbuf_len(sb) + 1, M_WAITOK | M_ZERO);
pp->protect = 0x020016603;
pp->name = (char *)(pp + 1); pp->name = (char *)(pp + 1);
strcpy(pp->name, sbuf_data(sb)); strcpy(pp->name, sbuf_data(sb));
sbuf_delete(sb); sbuf_delete(sb);
@ -653,3 +658,42 @@ g_getattr__(const char *attr, struct g_consumer *cp, void *var, int len)
return (EINVAL); return (EINVAL);
return (0); return (0);
} }
/*
* Check if the given pointer is a live object
*/
void
g_sanity(void *ptr)
{
struct g_class *mp;
struct g_geom *gp;
struct g_consumer *cp;
struct g_provider *pp;
LIST_FOREACH(mp, &g_classes, class) {
KASSERT(mp != ptr, ("Ptr is live class"));
KASSERT(mp->protect == 0x20016600,
("corrupt class %p %x", mp, mp->protect));
LIST_FOREACH(gp, &mp->geom, geom) {
KASSERT(gp != ptr, ("Ptr is live geom"));
KASSERT(gp->protect == 0x20016601,
("corrupt geom, %p %x", gp, gp->protect));
KASSERT(gp->name != ptr, ("Ptr is live geom's name"));
LIST_FOREACH(cp, &gp->consumer, consumer) {
KASSERT(cp != ptr, ("Ptr is live consumer"));
KASSERT(cp->protect == 0x20016602,
("corrupt consumer %p %x",
cp, cp->protect));
}
LIST_FOREACH(pp, &gp->provider, provider) {
KASSERT(pp != ptr, ("Ptr is live provider"));
KASSERT(pp->protect == 0x20016603,
("corrupt provider %p %x",
pp, pp->protect));
}
}
}
}