lib/ukallocbuddy: Add debug freelist sanity checks

[andreittr]

Description of changes

This adds a Kconfig option to enable sanity checking of buddy allocator free lists at runtime. Check points are placed at the beginning and end of functions that operate on the free lists. When the option is disabled the checks default to zero-overhead no-ops.
In addition, this adds an assert that returned allocated pages are correctly aligned to their buddy order.

Furthermore, this PR preemptively hardens the page allocator against pathologically large numbers of requested pages which might cause out-of-bounds access to the freelist head array.

Prerequisite checklist

• Read the contribution guidelines regarding submitting new changes to the project;
• Tested your changes against relevant architectures and platforms;
• Ran the checkpatch.uk on your commit series before opening this PR;
• Updated relevant documentation.

Base target

• Architecture(s): N/A
• Platform(s): N/A
• Application(s): N/A

Additional configuration

Can be tested with the code snippet from #931 (without applying that patch), should complain after the free() call.

[Starnox]

It seems to catch the errors I tried throwing at it. Performance is not impacted when the option is not selected. For me it looks like a nice addition.

Reviewed-by: Eduard-Florin Mihailescu mihailescu.eduard@gmail.com

[andreittr]

Update: additional commit hardening the out-of-memory check in the buddy page allocator.

[unikraft-bot]

❗ Checkpatch failed

Beep boop! I ran Unikraft's checkpatch.pl support script on your pull request but it encountered errors:

SHA	commit	checkpatch
d856370	lib/ukallocbuddy: Add debug freelist sanity checks	❌
ce14ad0	lib/ukallocbuddy: Harden buddy allocator OOM check	✅

Truncated logs starting from first error d856370:

WARNING:BLOCK_COMMENT_STYLE: Block comments use a trailing */ on a separate line
#60: FILE: lib/ukallocbbuddy/bbuddy.c:90:
+ * for consistency. Useful when suspecting memory corruption. */

ERROR:CODE_INDENT: code indent should use tabs where possible
#76: FILE: lib/ukallocbbuddy/bbuddy.c:106:
+^I^I^I          "got %u, expected %zu\n", \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#77: FILE: lib/ukallocbbuddy/bbuddy.c:107:
+^I^I^I          c, i, head, off, c->level, i); \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#81: FILE: lib/ukallocbbuddy/bbuddy.c:111:
+^I^I^I          c, i, head, off, c->pprev); \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#84: FILE: lib/ukallocbbuddy/bbuddy.c:114:
+^I^I^I          "got %p, expected %p\n", \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#85: FILE: lib/ukallocbbuddy/bbuddy.c:115:
+^I^I^I          c, i, head, off, *c->pprev, c); \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#89: FILE: lib/ukallocbbuddy/bbuddy.c:119:
+^I^I^I          c, i, head, off, c->next); \$

ERROR:OPEN_BRACE: that open brace { should be on the previous line
#91: FILE: lib/ukallocbbuddy/bbuddy.c:121:
+		} else if (!FREELIST_ALIGNED(c->next, i) && \
+		           c->next->next != NULL) \
+		{ \

ERROR:CODE_INDENT: code indent should use tabs where possible
#92: FILE: lib/ukallocbbuddy/bbuddy.c:122:
+^I^I           c->next->next != NULL) \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#95: FILE: lib/ukallocbbuddy/bbuddy.c:125:
+^I^I^I          "%p not aligned to %zx boundary\n", \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#96: FILE: lib/ukallocbbuddy/bbuddy.c:126:
+^I^I^I          c, i, head, off, c->next, \$

ERROR:CODE_INDENT: code indent should use tabs where possible
#97: FILE: lib/ukallocbbuddy/bbuddy.c:127:
+^I^I^I          (size_t)1 << (__PAGE_SHIFT + i)); \$

total: 11 errors, 1 warnings, 138 lines checked

NOTE: For some of the reported defects, checkpatch may be able to
      mechanically convert to the typical style using --fix or --fix-inplace.

NOTE: Whitespace errors detected.
      You may wish to use scripts/cleanpatch or scripts/cleanfile

/tmp/build/a53d4c5b/patches/0001-lib-ukallocbuddy-Add-debug-freelist-sanity-checks.patch has style problems, please review.

NOTE: Ignored message types: ASSIGN_IN_IF FILE_PATH_CHANGES NEW_TYPEDEFS OBSOLETE

NOTE: If any of the errors are false positives, please report
      them to the maintainer, see CHECKPATCH in MAINTAINERS.

---

View complete logs | Learn more about Unikraft's coding style and contribution guidelines.

[Starnox]

LGTM!

Reviewed-by: Eduard-Florin Mihailescu mihailescu.eduard@gmail.com

[andreittr]

Rebased on staging & fixed some style issues (remaining checkpatch failures expected; will propose fixes to checkpatch).

[StefanJum]

Thank you @andreittr, all good.
Reviewed-by: Stefan Jumarea stefanjumarea02@gmail.com

[razvand]

Approved-by: Razvan Deaconescu razvand@unikraft.io