Date: Sun, 26 Jun 2005 01:20:47 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Andrey Chernov <ache@freebsd.org> Cc: current@freebsd.org, Thierry Herbelot <thierry@herbelot.com> Subject: Re: Mbuf double-free guilty party detection patch Message-ID: <20050626012002.H935@odysseus.silby.com> In-Reply-To: <20050626021729.GA1991@nagual.pp.ru> References: <20050624212729.C537@odysseus.silby.com> <20050625133052.GA23599@peter.osted.lan> <1437.64.215.82.94.1119717536.squirrel@webmail2.pair.com> <20050625173217.GA24306@peter.osted.lan> <20050625171206.S935@odysseus.silby.com> <20050626021729.GA1991@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 26 Jun 2005, Andrey Chernov wrote: > On Sat, Jun 25, 2005 at 05:13:18PM -0500, Mike Silbersack wrote: >> Here's a fixed version of the patch that should return the correct > > I got lots of: > > Jun 26 05:22:44 pobrecita kernel: This memory last freed by: c04d7a88 > Jun 26 05:22:44 pobrecita kernel: Memory modified after free 0xc2458900(256) val=0 @ 0xc2458930 > > with "@ 0xc2458930" part changed and "last freed" addresses are: > c04d7a88, c04dbe9d, c04dc490, c04dffff, c04e02bc > > kgdb /sys/i386/compile/POBRECITA/kernel.debug /dev/mem > (kgdb) x 0xc04d7a88 > 0xc04d7a88 <m_freem+24>: 0xf475c085 > (kgdb) x 0xc04dffff > 0xc04dffff <sbcompress+431>: 0x66ebc389 > (kgdb) x 0xc04dc490 > 0xc04dc490 <soreceive+2640>: 0x8908558b > (kgdb) x 0xc04e02bc > 0xc04e02bc <sbdrop_locked+236>: 0xdb85c189 > (kgdb) x 0xc04dbe9d > 0xc04dbe9d <soreceive+1117>: 0x8908558b > > Is it helps? Yes and no. Your results tell me that it's probably not a simple use after free, but rather something smashing all over memory for some reason. I'm going to have to port Bosko's memguard to uma to really figure this out. *sigh* Mike "Silby" Silbersack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050626012002.H935>