From owner-freebsd-current@FreeBSD.ORG Wed Feb 22 14:48:40 2006 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 46A8516A422 for ; Wed, 22 Feb 2006 14:48:40 +0000 (GMT) (envelope-from q@galgenberg.net) Received: from wrzx28.rz.uni-wuerzburg.de (wrzx28.rz.uni-wuerzburg.de [132.187.3.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6189243D55 for ; Wed, 22 Feb 2006 14:48:35 +0000 (GMT) (envelope-from q@galgenberg.net) Received: from virusscan.mail (amavis2.rz.uni-wuerzburg.de [132.187.3.47]) by wrzx28.rz.uni-wuerzburg.de (Postfix) with ESMTP id 08418146CE7; Wed, 22 Feb 2006 15:48:35 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by virusscan.mail (Postfix) with ESMTP id ED5445BEB; Wed, 22 Feb 2006 15:48:34 +0100 (CET) Received: from frodo.galgenberg.net (wwsx14.win-screen.uni-wuerzburg.de [132.187.253.14]) by wrzx28.rz.uni-wuerzburg.de (Postfix) with ESMTP id CA43A146CEB; Wed, 22 Feb 2006 15:48:34 +0100 (CET) Received: from coyote.q.local (gb-21-237.galgenberg.net [172.16.21.237]) by frodo.galgenberg.net (8.13.1/8.13.1) with ESMTP id k1MEmY0H055675; Wed, 22 Feb 2006 15:48:34 +0100 (CET) (envelope-from q@galgenberg.net) Received: from roadrunner.q.local (roadrunner.q.local [192.168.0.148]) by coyote.q.local (8.13.4/8.13.4) with ESMTP id k1MEmYPW059927; Wed, 22 Feb 2006 15:48:34 +0100 (CET) (envelope-from q@galgenberg.net) Received: from roadrunner.q.local (localhost [127.0.0.1]) by roadrunner.q.local (8.13.4/8.13.4) with ESMTP id k1MEmX9S003441; Wed, 22 Feb 2006 15:48:33 +0100 (CET) (envelope-from q@galgenberg.net) Received: (from q@localhost) by roadrunner.q.local (8.13.4/8.13.4/Submit) id k1MEmXgX003440; Wed, 22 Feb 2006 15:48:33 +0100 (CET) (envelope-from q@galgenberg.net) Date: Wed, 22 Feb 2006 15:48:33 +0100 From: Ulrich Spoerlein To: Divacky Roman Message-ID: <20060222144833.GA1124@galgenberg.net> Mail-Followup-To: Divacky Roman , current@freebsd.org References: <20060217181842.GA21033@odin.ac.hmc.edu> <43F65A70.7080608@FreeBSD.org> <20060217234118.GA22643@odin.ac.hmc.edu> <43F67121.5080809@FreeBSD.org> <43F682F2.1020804@FreeBSD.org> <43F68611.7080602@FreeBSD.org> <20060219110732.GA12550@stud.fit.vutbr.cz> <43F8ABC8.30005@FreeBSD.org> <20060221180440.GB2996@galgenberg.net> <20060222142058.GB43749@stud.fit.vutbr.cz> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="sm4nu43k4a2Rpi4c" Content-Disposition: inline In-Reply-To: <20060222142058.GB43749@stud.fit.vutbr.cz> X-Virus-Scanned: by amavisd-new at uni-wuerzburg.de Cc: current@freebsd.org Subject: Re: Bad code in rcorder(8) (Was: Re: New RCorder: abi loaded too late) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Feb 2006 14:48:40 -0000 --sm4nu43k4a2Rpi4c Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Divacky Roman wrote: > well. there are leaks :) if you try the > http://www.freebsd.org/cgi/query-pr.cgi?pr=3D91789 >=20 > I think you'll get touch-after-free as well=20 Ah I see. I first tried this with rcorder from early January and I got errors from 20 different contexts. I now just checked out a fresh rcorder from RELENG_6 and there are still two problems remaining. So the patch in the PR did not address all problems. Here's the output =2E.. /etc/rc.d/ipfw /etc/rc.d/nsswitch rcorder: Circular dependency on file `/etc/rc.d/NETWORKING'. =3D=3D3431=3D=3D Invalid read of size 4 =3D=3D3431=3D=3D at 0x80499B0: satisfy_req (rcorder.c:654) =3D=3D3431=3D=3D by 0x804979A: do_file (rcorder.c:758) =3D=3D3431=3D=3D by 0x80499DA: satisfy_req (rcorder.c:686) =3D=3D3431=3D=3D by 0x804979A: do_file (rcorder.c:758) =3D=3D3431=3D=3D Address 0x3C1E6AEC is 0 bytes inside a block of size 8 fr= ee'd =3D=3D3431=3D=3D at 0x3C03267F: free (in /usr/local/lib/valgrind/vgprelo= ad_memcheck.so) =3D=3D3431=3D=3D by 0x80497B2: do_file (rcorder.c:761) =3D=3D3431=3D=3D by 0x80499DA: satisfy_req (rcorder.c:686) =3D=3D3431=3D=3D by 0x804979A: do_file (rcorder.c:758) =3D=3D3431=3D=3D=20 =3D=3D3431=3D=3D Invalid read of size 4 =3D=3D3431=3D=3D at 0x80497A5: do_file (rcorder.c:759) =3D=3D3431=3D=3D by 0x80499DA: satisfy_req (rcorder.c:686) =3D=3D3431=3D=3D by 0x804979A: do_file (rcorder.c:758) =3D=3D3431=3D=3D by 0x80499DA: satisfy_req (rcorder.c:686) =3D=3D3431=3D=3D Address 0x3C1E6AF0 is 4 bytes inside a block of size 8 fr= ee'd =3D=3D3431=3D=3D at 0x3C03267F: free (in /usr/local/lib/valgrind/vgprelo= ad_memcheck.so) =3D=3D3431=3D=3D by 0x80497B2: do_file (rcorder.c:761) =3D=3D3431=3D=3D by 0x80499DA: satisfy_req (rcorder.c:686) =3D=3D3431=3D=3D by 0x804979A: do_file (rcorder.c:758) rcorder: Circular dependency on provision `fake_prov_00000006' in file `/et= c/rc.d/NETWORKING'. /etc/rc.d/ip6addrctl /etc/rc.d/atm2 =2E.. =3D=3D3431=3D=3D=20 =3D=3D3431=3D=3D ERROR SUMMARY: 4 errors from 2 contexts (suppressed: 0 fro= m 0) =3D=3D3431=3D=3D malloc/free: in use at exit: 17128 bytes in 536 blocks. =3D=3D3431=3D=3D malloc/free: 3579 allocs, 3043 frees, 631699 bytes allocat= ed. hth, Ulrich Spoerlein --=20 PGP Key ID: 20FEE9DD Encrypted mail welcome! Fingerprint: AEC9 AF5E 01AC 4EE1 8F70 6CBD E76E 2227 20FE E9DD Which is worse: ignorance or apathy? Don't know. Don't care. --sm4nu43k4a2Rpi4c Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD/HnB524iJyD+6d0RAphfAJ9pFi31m8kPqIBGiskg+WVmq/iJpgCfeJPG S7x8J+/4ghXb9kodGnYpLJk= =GGgT -----END PGP SIGNATURE----- --sm4nu43k4a2Rpi4c--