From: Ingo Molnar <mingo@elte.hu>
To: Pekka Enberg <penberg@cs.helsinki.fi>
Cc: Janboe Ye <yuan-bo.ye@motorola.com>,
linux-kernel@vger.kernel.org, vegard.nossum@gmail.com,
graydon@redhat.com, fche@redhat.com
Subject: Re: [RFC][PATCH] Check write to slab memory which freed already using mudflap
Date: Fri, 10 Jul 2009 10:47:45 +0200 [thread overview]
Message-ID: <20090710084745.GA26752@elte.hu> (raw)
In-Reply-To: <84144f020907090944u51f60cbsc0a4ec2c2cbdcc8c@mail.gmail.com>
* Pekka Enberg <penberg@cs.helsinki.fi> wrote:
> Hi Janboe,
>
> On Thu, Jul 9, 2009 at 7:13 PM, Janboe Ye<yuan-bo.ye@motorola.com> wrote:
> > slab debug detects the corruption when it allocates and frees the slab. But if someone write to slab memory when it already freed, slab debug could only report its last free point when slab allocates the same block.
> >
> > This information is not enough for debugging when system has complex memory usage. gcc mudflap could insert some check point when a memory is writing and it is helpful to check if the address is writing freed.
> >
> > Because most codes of kernel are drivers, it is most possible that drivers have such problem. So I use mudflap to compile all drivers.
> >
> > kmemcheck is also helpful to check same issue, and it triggers trap every reading and writing, and it need to analysis the instruct which trigger the trap to get the memory address.
> > This heavy depends on the cpu capability. arm has no single-step like x86, so kmemcheck is too heavy to run on real arm system. mudflap way is lighter than kmemcheck for this purpose.
> >
> > As stack allocation is useless for checking slab, kernel mudflap does not implement alloc which is required by gcc mudflap when codes use variable array. So variable array, such as array[i] which i could not determined by compiler, is not supported.
> >
> > Thanks a lot for comments!
>
> Yeah, something like this makes sense. Some comments below.
>
> > arch/arm/include/asm/elf.h | 1 +
> > arch/arm/kernel/module.c | 1 +
> > drivers/Makefile | 4 +-
> > include/mf-runtime.h | 42 ++++++++++++++
> > kernel/Makefile | 2 +-
> > kernel/mudflap.c | 132 ++++++++++++++++++++++++++++++++++++++++++++
> > lib/Kconfig.debug | 7 ++
> > mm/slab.c | 53 ++++++++++++++++++
> > 8 files changed, 240 insertions(+), 2 deletions(-)
>
> SLAB is (slowly) going away so you might want to port this to SLUB
> as well so we can merge both.
and SLQB which will replace both? :-/
Ingo
next prev parent reply other threads:[~2009-07-10 8:48 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-09 16:13 [RFC][PATCH] Check write to slab memory which freed already using mudflap Janboe Ye
2009-07-09 16:44 ` Pekka Enberg
2009-07-09 19:40 ` Janboe Ye
2009-07-10 8:47 ` Ingo Molnar [this message]
2009-07-10 8:52 ` Pekka Enberg
2009-07-10 9:03 ` Nick Piggin
2009-07-10 9:14 ` Pekka Enberg
2009-07-10 9:29 ` Nick Piggin
2009-07-10 9:40 ` Pekka Enberg
2009-07-10 9:47 ` David Rientjes
2009-07-10 9:51 ` Pekka Enberg
2009-07-10 10:03 ` David Rientjes
2009-07-10 10:10 ` Pekka Enberg
2009-07-10 10:30 ` Nick Piggin
2009-07-15 14:59 ` Nick Piggin
2009-07-15 20:19 ` David Rientjes
2009-07-20 8:32 ` Nick Piggin
2009-07-10 9:41 ` David Rientjes
2009-07-10 9:46 ` Pekka Enberg
2009-07-10 9:04 ` David Rientjes
2009-07-10 9:19 ` Nick Piggin
2009-07-10 9:19 ` Pekka Enberg
2009-07-10 9:31 ` David Rientjes
2009-07-10 9:38 ` Nick Piggin
2009-07-10 18:55 ` Christoph Lameter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090710084745.GA26752@elte.hu \
--to=mingo@elte.hu \
--cc=fche@redhat.com \
--cc=graydon@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=penberg@cs.helsinki.fi \
--cc=vegard.nossum@gmail.com \
--cc=yuan-bo.ye@motorola.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox