Date: Mon, 27 Aug 2012 14:07:58 -0400
From: John Baldwin <jhb@freebsd.org>
To: freebsd-stable@freebsd.org
Subject: Re: FreeBSD/i386 stable/9 @239722: REDZONE: Buffer underflow detected
Message-ID: <201208271407.58146.jhb@freebsd.org>
In-Reply-To: <20120827131311.GE1442@albert.catwhisker.org>
References: <20120827131311.GE1442@albert.catwhisker.org>

On Monday, August 27, 2012 9:13:11 am David Wolfskill wrote:
> Starting devd.
> REDZONE: Buffer underflow detected. 1 byte corrupted before 0xced40080 (4294966796 bytes allocated).

This size seems way outlandish. The only malloc in devctl_queue_data_f() is:

    struct dev_event_info *n1 = NULL, *n2 = NULL;

    ...
    n1 = malloc(sizeof(*n1), M_BUS, flags);

On amd64 that structure's size is 24 bytes. On i386 it is probably similar.
Certainly not 4GB. I cannot see any overflow bugs with 'struct dev_event_info'
objects. In this case I think the redzone metadata that specified the object's
size was corrupted, but I've no idea how that could occur.

-- 
John Baldwin
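
A simplified userland model of the situation hypothesised in the message above, added here as an example; it is not FreeBSD's redzone code and not code from the thread. The layout, `rz_alloc`, `rz_check`, `HDR`, the guard length and the fill byte are assumptions of the model; only the 24-byte object size and the reported value 4294966796 come from the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_LEN  16    /* guard bytes on each side (model value) */
#define GUARD_BYTE 0x42  /* guard fill pattern (model value) */
#define HDR (sizeof(uint32_t) + GUARD_LEN)

struct rz_report {
    uint32_t recorded_size;  /* size read back from the in-band header */
    unsigned under;          /* damaged guard bytes before the buffer */
    unsigned over;           /* damaged guard bytes after the buffer */
};

/* Layout: [uint32_t size][guard][user buffer][guard] */
static void *rz_alloc(uint32_t size) {
    unsigned char *raw = malloc(HDR + size + GUARD_LEN);
    if (raw == NULL) return NULL;
    memcpy(raw, &size, sizeof(size));
    memset(raw + sizeof(size), GUARD_BYTE, GUARD_LEN);
    memset(raw + HDR + size, GUARD_BYTE, GUARD_LEN);
    return raw + HDR;
}

/* trusted_size is what the caller knows it requested; the model uses it to
 * decide whether the in-band size can be used to locate the trailing guard. */
static struct rz_report rz_check(const void *buf, uint32_t trusted_size) {
    const unsigned char *p = buf;
    struct rz_report r = {0, 0, 0};
    memcpy(&r.recorded_size, p - HDR, sizeof(r.recorded_size));
    for (int i = 1; i <= GUARD_LEN; i++)
        r.under += (p[-i] != GUARD_BYTE);
    if (r.recorded_size == trusted_size) {  /* header still believable */
        for (int i = 0; i < GUARD_LEN; i++)
            r.over += (p[trusted_size + i] != GUARD_BYTE);
    }
    return r;
}

int main(void) {
    unsigned char *b = rz_alloc(24);
    if (b == NULL) return 1;
    uint32_t bogus = 4294966796u;            /* size value from the report */
    b[-1] = 0;                               /* constructed: one guard byte damaged */
    memcpy(b - HDR, &bogus, sizeof(bogus));  /* constructed: size field overwritten */
    struct rz_report r = rz_check(b, 24);
    printf("recorded=%u under=%u over=%u\n", (unsigned)r.recorded_size, r.under, r.over);
    free(b - HDR);
    return 0;
}
```

Because the size lives next to the guard bytes it describes, the number printed in a report of this kind is only as reliable as the header itself.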