From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D188E45A50; Sat, 28 Sep 2024 18:49:58 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2EAC840A7A; Sat, 28 Sep 2024 18:48:52 +0200 (CEST) Received: from mail-pj1-f42.google.com (mail-pj1-f42.google.com [209.85.216.42]) by mails.dpdk.org (Postfix) with ESMTP id 67B9E40673 for ; Sat, 28 Sep 2024 18:48:40 +0200 (CEST) Received: by mail-pj1-f42.google.com with SMTP id 98e67ed59e1d1-2e06f5d4bc7so2775953a91.2 for ; Sat, 28 Sep 2024 09:48:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1727542119; x=1728146919; darn=dpdk.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=R8Ok1+kq8bi6yHExAh8y81w0B9yxmLJ61X/1EwvijG0=; b=arvwDYY32TRMO7oNesERqDIfhALo5TyJDrGaAUHa2czwLVYemEkOQwE/6Zo/98vdBK SEkAxvgbLcZmN6ChgpKe3tlv0zNAhWYJJpkgCZEZxqY9BS6HkU/OtT3xp05F/YZaZS6x fNBdF8DpdU0Dw+IUtoSkGptdnhRha6DvBFX6M94smOXY5SoOjLA6sT5qPN+oY/LMktNz JIFdEmwOa2xqV3eEgb3IuyUbUXot1vqY4pEuaBMrRSY+5FGc7LdxPgjbR9XC5Jtml8ZC Izh+PekhpBbh3Mh5HaXOQuGzDDkhtZpdHYz+NtNR1u+JZXa7sUbEk24qFPILV7noFJyz u30w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1727542119; x=1728146919; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=R8Ok1+kq8bi6yHExAh8y81w0B9yxmLJ61X/1EwvijG0=; b=TidhsPuJkjlverWFj2iZoTkfX6jy9H6p85syuvKl5YjJfmOakguNN3Z67YFBUlULRU hDlcBnMieQt6eITPQ9dzaynpDxODhgj9V8JP2Lavk5EJu2U2U3gget5ZECVHM0kngfpK GovycNymkK27hClYLwxzno/FD8BuZD8Q1k88VU9W06hnIdY2lRbQ+CHTCiOIxUYTe5RO pdJEyvTTrYAUcwOtSUMdcA4vJOBiHchafvKW8BgHQeu9eBKHJMz0cDX75lICA2kISefY 1/t7mgO7ZqetcaPsgxHiw4l/PEKNQNYEzPf1uTTVpqfaveVa/yJwFoGnS6k7GxIODduC c4zg== X-Gm-Message-State: AOJu0YwnDBHe37rc04diIqdC2EZU3JlMZ3cpbWbt9vVQ/2S7HhTVTRSc k4WgG7JrYhHVwDchkWzxpPMuDJJABPzUYPv0gFyAJgsTbGQta49PdEYgoV62jA6wv8BCIvP9E2g D X-Google-Smtp-Source: AGHT+IGgyL903meO4QX42v9HMy5W+ZQN7yML0o2XcRsgWcSU352kJq6I0ZMT34XjHl6Nw/pJnEKSqw== X-Received: by 2002:a17:90b:d98:b0:2d3:d063:bdb6 with SMTP id 98e67ed59e1d1-2e0b89a2d65mr8409498a91.4.1727542119545; Sat, 28 Sep 2024 09:48:39 -0700 (PDT) Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-20b37e47c7dsm28854015ad.216.2024.09.28.09.48.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 28 Sep 2024 09:48:39 -0700 (PDT) From: Stephen Hemminger To: dev@dpdk.org Cc: Stephen Hemminger , Anatoly Burakov , Tyler Retzlaff Subject: [PATCH v2 16/16] eal: add alloc_function attribute to rte_malloc Date: Sat, 28 Sep 2024 09:47:24 -0700 Message-ID: <20240928164814.861933-17-stephen@networkplumber.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240928164814.861933-1-stephen@networkplumber.org> References: <20240927204742.546164-1-stephen@networkplumber.org> <20240928164814.861933-1-stephen@networkplumber.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Use the GCC function attribute to detect cases where memory is allocated with rte_malloc and freed incorrectly with libc version of free (and vice versa). Also will detect some other pointer mismatches. Signed-off-by: Stephen Hemminger --- doc/guides/rel_notes/release_24_11.rst | 8 ++++ lib/eal/include/rte_malloc.h | 55 +++++++++++++++----------- 2 files changed, 40 insertions(+), 23 deletions(-) diff --git a/doc/guides/rel_notes/release_24_11.rst b/doc/guides/rel_notes/release_24_11.rst index 0ff70d9057..f27a37eac4 100644 --- a/doc/guides/rel_notes/release_24_11.rst +++ b/doc/guides/rel_notes/release_24_11.rst @@ -55,6 +55,14 @@ New Features Also, make sure to start the actual text at the margin. ======================================================= +* **Hardened rte_malloc and related functions.** + + * Added function attributes to ``rte_malloc`` and similar functions + that can catch some obvious bugs at compile time (with GCC 11.0 or later). + Examples: calling ``free()`` on pointer that was allocated with ``rte_malloc`` + (and vice versa); freeing the same pointer twice in the same routine; + freeing an object that was not created by allocation; etc. + Removed Items ------------- diff --git a/lib/eal/include/rte_malloc.h b/lib/eal/include/rte_malloc.h index cf3c174022..c7af96fcba 100644 --- a/lib/eal/include/rte_malloc.h +++ b/lib/eal/include/rte_malloc.h @@ -31,6 +31,22 @@ struct rte_malloc_socket_stats { size_t heap_allocsz_bytes; /**< Total allocated bytes on heap */ }; + +/** + * Frees the memory space pointed to by the provided pointer. + * + * This pointer must have been returned by a previous call to + * rte_malloc(), rte_zmalloc(), rte_calloc() or rte_realloc(). The behaviour of + * rte_free() is undefined if the pointer does not match this requirement. + * + * If the pointer is NULL, the function does nothing. + * + * @param ptr + * The pointer to memory to be freed. + */ +void +rte_free(void *ptr); + /** * This function allocates memory from the huge-page area of memory. The memory * is not cleared. In NUMA systems, the memory allocated resides on the same @@ -55,7 +71,8 @@ struct rte_malloc_socket_stats { void * rte_malloc(const char *type, size_t size, unsigned align) __rte_alloc_size(2) - __rte_alloc_align(3); + __rte_alloc_align(3) + __rte_alloc_func(rte_free, 1); /** * Allocate zeroed memory from the heap. @@ -83,7 +100,8 @@ rte_malloc(const char *type, size_t size, unsigned align) void * rte_zmalloc(const char *type, size_t size, unsigned align) __rte_alloc_size(2) - __rte_alloc_align(3); + __rte_alloc_align(3) + __rte_alloc_func(rte_free, 1); /** * Replacement function for calloc(), using huge-page memory. Memory area is @@ -111,7 +129,8 @@ rte_zmalloc(const char *type, size_t size, unsigned align) void * rte_calloc(const char *type, size_t num, size_t size, unsigned align) __rte_alloc_size(2, 3) - __rte_alloc_align(4); + __rte_alloc_align(4) + __rte_alloc_func(rte_free, 1); /** * Replacement function for realloc(), using huge-page memory. Reserved area @@ -136,7 +155,8 @@ rte_calloc(const char *type, size_t num, size_t size, unsigned align) void * rte_realloc(void *ptr, size_t size, unsigned int align) __rte_alloc_size(2) - __rte_alloc_align(3); + __rte_alloc_align(3) + __rte_alloc_func(rte_free, 1); /** * Replacement function for realloc(), using huge-page memory. Reserved area @@ -163,7 +183,8 @@ rte_realloc(void *ptr, size_t size, unsigned int align) void * rte_realloc_socket(void *ptr, size_t size, unsigned int align, int socket) __rte_alloc_size(2) - __rte_alloc_align(3); + __rte_alloc_align(3) + __rte_alloc_func(rte_free, 1); /** * This function allocates memory from the huge-page area of memory. The memory @@ -191,7 +212,8 @@ rte_realloc_socket(void *ptr, size_t size, unsigned int align, int socket) void * rte_malloc_socket(const char *type, size_t size, unsigned align, int socket) __rte_alloc_size(2) - __rte_alloc_align(3); + __rte_alloc_align(3) + __rte_alloc_func(rte_free, 1); /** * Allocate zeroed memory from the heap. @@ -221,7 +243,8 @@ rte_malloc_socket(const char *type, size_t size, unsigned align, int socket) void * rte_zmalloc_socket(const char *type, size_t size, unsigned align, int socket) __rte_alloc_size(2) - __rte_alloc_align(3); + __rte_alloc_align(3) + __rte_alloc_func(rte_free, 1); /** * Replacement function for calloc(), using huge-page memory. Memory area is @@ -251,22 +274,8 @@ rte_zmalloc_socket(const char *type, size_t size, unsigned align, int socket) void * rte_calloc_socket(const char *type, size_t num, size_t size, unsigned align, int socket) __rte_alloc_size(2, 3) - __rte_alloc_align(4); - -/** - * Frees the memory space pointed to by the provided pointer. - * - * This pointer must have been returned by a previous call to - * rte_malloc(), rte_zmalloc(), rte_calloc() or rte_realloc(). The behaviour of - * rte_free() is undefined if the pointer does not match this requirement. - * - * If the pointer is NULL, the function does nothing. - * - * @param ptr - * The pointer to memory to be freed. - */ -void -rte_free(void *ptr); + __rte_alloc_align(4) + __rte_alloc_func(rte_free, 1); /** * If malloc debug is enabled, check a memory block for header -- 2.45.2