From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1SPJBo-0004ph-T7 for mharc-grub-devel@gnu.org; Tue, 01 May 2012 15:56:48 -0400 Received: from eggs.gnu.org ([208.118.235.92]:52186) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SPJBm-0004pM-SU for grub-devel@gnu.org; Tue, 01 May 2012 15:56:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1SPJBk-0006QK-Qv for grub-devel@gnu.org; Tue, 01 May 2012 15:56:46 -0400 Received: from mail-wg0-f49.google.com ([74.125.82.49]:34902) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SPJBk-0006Q4-HM for grub-devel@gnu.org; Tue, 01 May 2012 15:56:44 -0400 Received: by wgbds1 with SMTP id ds1so3055403wgb.30 for ; Tue, 01 May 2012 12:56:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; bh=HelCJR5bQWIwdBoPeNAKUR7oE4M5buhVcbWp2tWapu0=; b=uo83cK5slz7oUNbiGE59DEbZIS+fjYgMDKVUwrBkodD6pBJPCjNIqR8oRco+7w8yNW nq2bAA6AYK7JRneyfPgvEWFYPIM97hniiyLxF2kDxe11IPi1GfZMBwyqlrILRsMxYenW V968YXuRLUklXONddeQSXuL4ssdOFyhFy4v5bFuEbGIp/4BrFOE/8VZazLRwsOZiLUkV GxZCrHpNifqRkKnzELeIlcHl9XM5o+BslrvhNypjQks2bMjKnvHLShKywAPiplKyD9VU 9It56ThSWMwuF80onNKlWSSiB/AuktgJIwRzdP2K9NKzSl0hPVfKRogqzhZHj2YL4WIa tqOg== Received: by 10.180.83.38 with SMTP id n6mr8914476wiy.1.1335902202290; Tue, 01 May 2012 12:56:42 -0700 (PDT) Received: from debian.x201.phnet (9-234.197-178.cust.bluewin.ch. [178.197.234.9]) by mx.google.com with ESMTPS id gd4sm61193142wib.6.2012.05.01.12.56.39 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 01 May 2012 12:56:41 -0700 (PDT) Message-ID: <4FA03FF2.30607@gmail.com> Date: Tue, 01 May 2012 21:56:34 +0200 From: =?UTF-8?B?VmxhZGltaXIgJ8+GLWNvZGVyL3BoY29kZXInIFNlcmJpbmVua28=?= User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.3) Gecko/20120329 Icedove/10.0.3 MIME-Version: 1.0 To: grub-devel@gnu.org Subject: Re: Mysterious memory corruption bug References: <4FA034B2.2030400@gmail.com> In-Reply-To: X-Enigmail-Version: 1.4.1 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig4303200A65298C9A4BF6EFFB" X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 74.125.82.49 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 May 2012 19:56:48 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig4303200A65298C9A4BF6EFFB Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 01.05.2012 21:52, Bean wrote: > On Wed, May 2, 2012 at 3:46 AM, Bean wrote: >> On Wed, May 2, 2012 at 3:08 AM, Vladimir '=CF=86-coder/phcoder' Serbin= enko >> wrote: >>> On 01.05.2012 20:53, Bean wrote: >>>> Hi, >>>> >>>> Thanks to Vladimir's memory patch, it's actually quite easy to >>>> reproduce mysterious issue. >>>> >>>> First, there are two memory leaks in ip.c. >>>> >>>> It allocates the rsm but never frees it. free_rsm frees its content,= >>>> but not the pointer itself. You can see it in printmem at ip.c:473 >>>> rsm =3D grub_malloc (sizeof (*rsm)); >>>> >>>> Another problem is at ip.c:594: >>>> return handle_dgram (ret, card, src_hwaddress, >>>> hwaddress, proto, &source, &dest, >>>> ttl); >>>> here, ret is netbuff. grub_netbuff_alloc get a buffer for both data >>>> and header (data go first), so when it frees the data pointer, the >>>> header goes away as well. But here, the header is allocated separate= ly >>>> so that it's not free using , you can see it from printmem at ip.c:5= 80 >>>> ret =3D grub_malloc (sizeof (*ret)); >>>> >>>> Now here's the tricky part, when i fix both problem, it actually whe= n >>>> you call this: (memdisk size is 19,180, just in case it matters). >>>> >>>> testspeed /memdisk >>>> >>>> So there must be a memory corruption somewhere. >>> You can check for memory corruptions by calling grub_mm_check often >>> enough in the code. >> Hi, >> >> Thanks for the tip. But when I add a few grub_mm_check and printf here= >> and there, it doesn't halt any more. So this could be a memory >> overflown issue or even compiler bug, very strange indeed. > Hi, > > Well, actually it does halt with a larger file, so at least the > behavior is predictable. Could you try to allocate the buffer for receive/send EFI calls only once per card? It will result in needless copying but would solve few DMA issues if network driver is badly coded. --=20 Regards Vladimir '=CF=86-coder/phcoder' Serbinenko --------------enig4303200A65298C9A4BF6EFFB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREKAAYFAk+gP/MACgkQNak7dOguQglAiAD/YKHTfUtLiYYCZGaWqQPjOe1E 1sBsPZAVpXJfnRTtiZ8BAKeQXqPpjW5LlY6+9rDENL0wzgqFUFstwcEA86XEF9pM =+Ort -----END PGP SIGNATURE----- --------------enig4303200A65298C9A4BF6EFFB--