From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
by inbox.dpdk.org (Postfix) with ESMTP id EC59DA0542;
Sat, 8 Oct 2022 14:05:05 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
by mails.dpdk.org (Postfix) with ESMTP id 4B0A742BE9;
Sat, 8 Oct 2022 14:04:23 +0200 (CEST)
Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188])
by mails.dpdk.org (Postfix) with ESMTP id D7BD842BAD
for <dev@dpdk.org>; Sat, 8 Oct 2022 14:04:13 +0200 (CEST)
Received: from dggpeml500024.china.huawei.com (unknown [172.30.72.54])
by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4Ml3ch2XChzHv1G;
Sat, 8 Oct 2022 19:59:16 +0800 (CST)
Received: from localhost.localdomain (10.67.165.24) by
dggpeml500024.china.huawei.com (7.185.36.10) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2375.31; Sat, 8 Oct 2022 20:04:12 +0800
From: Chengwen Feng <fengchengwen@huawei.com>
To: <david.marchand@redhat.com>, <mb@smartsharesystems.com>,
<anatoly.burakov@intel.com>, <dmitry.kozliuk@gmail.com>,
<jerinjacobk@gmail.com>, <hofors@lysator.liu.se>
CC: <thomas@monjalon.net>, <dev@dpdk.org>
Subject: [PATCH v7 09/10] memarea: detect memory corruption based on magic
Date: Sat, 8 Oct 2022 11:58:32 +0000
Message-ID: <20221008115833.29247-10-fengchengwen@huawei.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20221008115833.29247-1-fengchengwen@huawei.com>
References: <20220721044648.6817-1-fengchengwen@huawei.com>
<20221008115833.29247-1-fengchengwen@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain
X-Originating-IP: [10.67.165.24]
X-ClientProxiedBy: dggems706-chm.china.huawei.com (10.3.19.183) To
dggpeml500024.china.huawei.com (7.185.36.10)
X-CFilter-Loop: Reflected
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
<mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
<mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
This patch provides lightweight mechanism for detecting memory
corruption which based on magic field in each element node.
Signed-off-by: Chengwen Feng <fengchengwen@huawei.com>
---
lib/memarea/memarea_private.h | 2 ++
lib/memarea/rte_memarea.c | 29 ++++++++++++++++++++++++++---
2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/lib/memarea/memarea_private.h b/lib/memarea/memarea_private.h
index 08735ca81f..4f5393e6f9 100644
--- a/lib/memarea/memarea_private.h
+++ b/lib/memarea/memarea_private.h
@@ -7,10 +7,12 @@
#include <rte_memarea.h>
+#define MEMAREA_ELEM_MAGIC_NUM 0xbeef1234
#define MEMAREA_FREE_ELEM_COOKIE 0xFFFFFFFF
struct memarea_elem {
size_t size;
+ uint32_t magic;
uint32_t cookie;
int32_t refcnt; /* Non-zero indicates that it has been allocated */
TAILQ_ENTRY(memarea_elem) elem_node;
diff --git a/lib/memarea/rte_memarea.c b/lib/memarea/rte_memarea.c
index f95f89b6ec..2983a36801 100644
--- a/lib/memarea/rte_memarea.c
+++ b/lib/memarea/rte_memarea.c
@@ -135,6 +135,7 @@ rte_memarea_create(const struct rte_memarea_param *init)
ma->top_addr = RTE_PTR_ADD(addr, init->total_sz - 1);
elem = addr;
elem->size = init->total_sz - sizeof(struct memarea_elem);
+ elem->magic = MEMAREA_ELEM_MAGIC_NUM;
elem->cookie = MEMAREA_FREE_ELEM_COOKIE;
elem->refcnt = 0;
TAILQ_INSERT_TAIL(&ma->elem_list, elem, elem_node);
@@ -192,6 +193,7 @@ memarea_add_node(struct rte_memarea *ma, struct memarea_elem *elem, size_t need_
new_elem = (struct memarea_elem *)RTE_PTR_ADD(elem, sizeof(struct memarea_elem) +
align_size);
new_elem->size = elem->size - align_size - sizeof(struct memarea_elem);
+ new_elem->magic = MEMAREA_ELEM_MAGIC_NUM;
new_elem->cookie = MEMAREA_FREE_ELEM_COOKIE;
new_elem->refcnt = 0;
TAILQ_INSERT_AFTER(&ma->elem_list, elem, new_elem, elem_node);
@@ -219,6 +221,8 @@ rte_memarea_alloc(struct rte_memarea *ma, size_t size, uint32_t cookie)
memarea_lock(ma);
TAILQ_FOREACH(elem, &ma->free_list, free_node) {
+ if (unlikely(elem->magic != MEMAREA_ELEM_MAGIC_NUM))
+ break;
if (elem->size < size)
continue;
if (memarea_whether_add_node(elem->size, size))
@@ -251,6 +255,7 @@ memarea_merge_node(struct rte_memarea *ma, struct memarea_elem *curr,
{
curr->size += next->size + sizeof(struct memarea_elem);
next->size = 0;
+ next->magic = ~MEMAREA_ELEM_MAGIC_NUM;
next->cookie = 0;
TAILQ_REMOVE(&ma->elem_list, next, elem_node);
if (del_next_from_free)
@@ -293,6 +298,13 @@ rte_memarea_update_refcnt(struct rte_memarea *ma, void *ptr, int16_t value)
return;
memarea_lock(ma);
+ if (unlikely(elem->magic != MEMAREA_ELEM_MAGIC_NUM)) {
+ RTE_LOG(ERR, MEMAREA, "memarea: %s magic: 0x%x check fail!\n",
+ ma->init.name, elem->magic);
+ memarea_unlock(ma);
+ return;
+ }
+
if (unlikely(ptr < ma->area_addr || ptr > ma->top_addr)) {
rte_memarea_update_refcnt(ma->init.bak_memarea, ptr, value);
memarea_unlock(ma);
@@ -346,8 +358,11 @@ memarea_elem_list_num(struct rte_memarea *ma)
struct memarea_elem *elem;
uint32_t num = 0;
- TAILQ_FOREACH(elem, &ma->elem_list, elem_node)
+ TAILQ_FOREACH(elem, &ma->elem_list, elem_node) {
+ if (elem->magic != MEMAREA_ELEM_MAGIC_NUM)
+ break;
num++;
+ }
return num;
}
@@ -358,8 +373,11 @@ memarea_free_list_num(struct rte_memarea *ma)
struct memarea_elem *elem;
uint32_t num = 0;
- TAILQ_FOREACH(elem, &ma->free_list, free_node)
+ TAILQ_FOREACH(elem, &ma->free_list, free_node) {
+ if (elem->magic != MEMAREA_ELEM_MAGIC_NUM)
+ break;
num++;
+ }
return num;
}
@@ -370,9 +388,14 @@ memarea_dump_all(struct rte_memarea *ma, FILE *f)
struct memarea_elem *elem;
fprintf(f, " regions:\n");
- TAILQ_FOREACH(elem, &ma->elem_list, elem_node)
+ TAILQ_FOREACH(elem, &ma->elem_list, elem_node) {
+ if (elem->magic != MEMAREA_ELEM_MAGIC_NUM) {
+ fprintf(f, " magic: 0x%x check fail!\n", elem->magic);
+ break;
+ }
fprintf(f, " size: 0x%zx cookie: 0x%x refcnt: %d\n",
elem->size, elem->cookie, elem->refcnt);
+ }
}
int
--
2.17.1