From: Vladimir 'φ-coder/phcoder' Serbinenko
Date: Tue, 01 May 2012 21:08:34 +0200
To: grub-devel@gnu.org
Subject: Re: Mysterious memory corruption bug
Message-ID: <4FA034B2.2030400@gmail.com>

On 01.05.2012 20:53, Bean wrote:
> Hi,
>
> Thanks to Vladimir's memory patch, it's actually quite easy to
> reproduce mysterious issue.
>
> First, there are two memory leaks in ip.c.
>
> It allocates the rsm but never frees it. free_rsm frees its content,
> but not the pointer itself. You can see it in printmem at ip.c:473
>     rsm = grub_malloc (sizeof (*rsm));
>
> Another problem is at ip.c:594:
>     return handle_dgram (ret, card, src_hwaddress,
>                          hwaddress, proto, &source, &dest,
>                          ttl);
> here, ret is netbuff. grub_netbuff_alloc gets a buffer for both data
> and header (data go first), so when it frees the data pointer, the
> header goes away as well. But here, the header is allocated separately
> so that it's not free using , you can see it from printmem at ip.c:580
>     ret = grub_malloc (sizeof (*ret));
>
> Now here's the tricky part, when I fix both problems, it actually when
> you call this: (memdisk size is 19,180, just in case it matters).
>
>     testspeed /memdisk
>
> So there must be a memory corruption somewhere.

You can check for memory corruptions by calling grub_mm_check often
enough in the code.

> (It will not halt if
> you skip the second leak, but you can see the remaining buffer in
> printmem).
>
> BTW, you should add a grub_free_fragment call in testspeed to free the
> rsm cache, just to make the printmem output a little cleaner.
>
> These are the modules used to generate grub.efi, just in case it's relevant.
>
>     /grub-mkimage -d grub-core -o grub.efi -O x86_64-efi chain boot test
>     fat ntfs part_msdos normal ls echo efinet tftp http efinet reboot
>     testspeed printmem

-- 
Regards
Vladimir 'φ-coder/phcoder' Serbinenko
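
The second leak in the quoted message comes from a free routine that assumes data and header share one allocation. The following is an added C model of that situation, not code from the thread or from GRUB: `struct netbuf`, `nb_alloc`, `nb_wrap`, the two free functions and the counting allocator are all hypothetical names, and the "fixed" variant is only one possible way to make ownership explicit.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model, not GRUB code: every name below is hypothetical. */
static int live_blocks;                       /* allocations not yet freed */
static void *xalloc(size_t n) { void *p = malloc(n); if (p) live_blocks++; return p; }
static void xfree(void *p) { if (p) { live_blocks--; free(p); } }
#define ALIGN_UP(n) (((n) + 15u) & ~(size_t)15u)
struct netbuf {
    unsigned char *head;                      /* start of the data area */
    int hdr_separate;                         /* 1: header is its own allocation */
};

/* Combined layout: data first, header placed after it in the same block. */
static struct netbuf *nb_alloc(size_t len) {
    unsigned char *blk = xalloc(ALIGN_UP(len) + sizeof(struct netbuf));
    if (!blk) return NULL;
    struct netbuf *nb = (struct netbuf *)(blk + ALIGN_UP(len));
    nb->head = blk; nb->hdr_separate = 0;
    return nb;
}

/* Reassembly-style path: header allocated separately around an existing buffer. */
static struct netbuf *nb_wrap(unsigned char *data) {
    struct netbuf *nb = xalloc(sizeof(*nb));
    if (!nb) { xfree(data); return NULL; }
    nb->head = data; nb->hdr_separate = 1;
    return nb;
}

/* Assumes the combined layout: freeing the data block is all it does. */
static void nb_free_naive(struct netbuf *nb) { xfree(nb->head); }
/* Layout-aware: reads the flag first, since freeing head may free nb too. */
static void nb_free_fixed(struct netbuf *nb) {
    int separate = nb->hdr_separate;
    xfree(nb->head);
    if (separate) xfree(nb);
}

/* Blocks still allocated after one alloc/free cycle (0 means no leak). */
static int leaked_after(int separate, void (*free_fn)(struct netbuf *)) {
    int before = live_blocks;
    struct netbuf *nb = separate ? nb_wrap(xalloc(64)) : nb_alloc(64);
    if (!nb) return -1;
    free_fn(nb);
    return live_blocks - before;
}

int main(void) {
    printf("naive leaks %d, fixed leaks %d\n", leaked_after(1, nb_free_naive), leaked_after(1, nb_free_fixed));
    return 0;
}
```

A per-allocation counter like `live_blocks` plays the role printmem plays in the thread: the leaked header shows up as a block that survives the free call.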