-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lib/ukallocbuddy: Add debug freelist sanity checks #932
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems to catch the errors I tried throwing at it. Performance is not impacted when the option is not selected. For me it looks like a nice addition.
Reviewed-by: Eduard-Florin Mihailescu mihailescu.eduard@gmail.com
169cde9
to
ce14ad0
Compare
Update: additional commit hardening the out-of-memory check in the buddy page allocator. |
❗ Checkpatch failed Beep boop! I ran Unikraft's
Truncated logs starting from first error d856370:
View complete logs | Learn more about Unikraft's coding style and contribution guidelines. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Reviewed-by: Eduard-Florin Mihailescu mihailescu.eduard@gmail.com
This adds a Kconfig option to enable sanity checking of buddy allocator free lists at runtime. Check points are placed at the beginning and end of functions that operate on the free lists. When the option is disabled the checks default to zero-overhead no-ops. In addition, this adds an assert that returned allocated pages are correctly aligned to their buddy order. Signed-off-by: Andrei Tatar <andrei@unikraft.io>
When the buddy allocator chooses a page order to allocate it can (for pathologically large values of num_pages) start from a value larger than FREELIST_SIZE, leading to out-of-bounds access of the freelist array. This change hardens the out-of-memory check to prevent this. Signed-off-by: Andrei Tatar <andrei@unikraft.io>
ce14ad0
to
99970a1
Compare
Rebased on staging & fixed some style issues (remaining checkpatch failures expected; will propose fixes to checkpatch). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @andreittr, all good.
Reviewed-by: Stefan Jumarea stefanjumarea02@gmail.com
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved-by: Razvan Deaconescu razvand@unikraft.io
When the buddy allocator chooses a page order to allocate it can (for pathologically large values of num_pages) start from a value larger than FREELIST_SIZE, leading to out-of-bounds access of the freelist array. This change hardens the out-of-memory check to prevent this. Signed-off-by: Andrei Tatar <andrei@unikraft.io> Reviewed-by: Eduard-Florin Mihailescu <mihailescu.eduard@gmail.com> Reviewed-by: Stefan Jumarea <stefanjumarea02@gmail.com> Approved-by: Razvan Deaconescu <razvand@unikraft.io> Tested-by: Unikraft CI <monkey@unikraft.io> GitHub-Closes: #932
Description of changes
This adds a Kconfig option to enable sanity checking of buddy allocator free lists at runtime. Check points are placed at the beginning and end of functions that operate on the free lists. When the option is disabled the checks default to zero-overhead no-ops.
In addition, this adds an assert that returned allocated pages are correctly aligned to their buddy order.
Furthermore, this PR preemptively hardens the page allocator against pathologically large numbers of requested pages which might cause out-of-bounds access to the freelist head array.
Prerequisite checklist
checkpatch.uk
on your commit series before opening this PR;Base target
Additional configuration
Can be tested with the code snippet from #931 (without applying that patch), should complain after the
free()
call.