• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Kernel stack size and kernel memory debugger
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kernel stack size and kernel memory debugger

  • Subject: Re: Kernel stack size and kernel memory debugger
  • From: mogambo <email@hidden>
  • Date: Mon, 30 Nov 2009 14:29:16 -0800
Actually, after a few sessions of two-machine debugging, this is I found out something very interesting.  Here's how the code sort of looks (don't ask why "malloc" is not just #define'd to  _MALLOC):

void fnA(..)
{
    if (p == NULL) {
        p = (struct foo *)malloc(sizeof(struct foo));
        memset(p, 0, sizeof(struct foo));  <== trap, cause p is invalid
    }
    :
}

void *malloc(size_t x)
{
    char *p = NULL;
    p = _MALLOC(x, M_TEMP, M_WAITOK | M_ZERO)
     :
    return p;
}

Here are the excerpts from the gdb session:
(gdb) finish
Run till exit from #0  _MALLOC (size=56, type=<value temporarily unavailable, due to optimizations>, flags=4) at /SourceCache/xnu/xnu-1486.2.11/bsd/kern/kern_malloc.c:557
0xffffff7f8143bc6a in malloc (x=56) at cache.c:422
422     p = _MALLOC(x, M_TEMP, M_WAITOK|M_ZERO);
Value returned is $3 = (void *) 0xffffff80102178c8
(gdb) p sizeof(p)
$4 = 8
(gdb) n
423     if (p == NULL)
(gdb) p p
$5 = 0xffffff80102178c8 ""
(gdb) n
430     return p;
(gdb) p p
$8 = 0xffffff80102178c8 ""
(gdb) n
431 }
(gdb)
fnA (....)
(gdb) p p
$9 = (struct foo *) 0x102178c8

So, malloc() returns 0xffffff80102178c8, however, the caller receives 0x102178c8.  There seems to be some more stack funkiness happening here.  I am already building with explicit  -mno-red-zone flag.

Any ideas?

On Mon, Nov 30, 2009 at 12:31 PM, mogambo <email@hidden> wrote:
And, while I am on the subject of corruption, is there a kernel memory debugger in Mac OS/bsd?  I have seen this questions being asked on the forum, but did not find any answers.

Are you looking for something other than two-machine debugging with gdb?  This is the relevant section of the (somewhat outdated) Kernel Extension Programming Topics.

I was wondering if there were any debug flags or something to turn on some sort of memory fencing.  I am debugging a problem where the pointer returned by _MALLOC is invalid (e.g. 0x122aae48) and I get a trap fault.  The size of allocation is 56 bytes, so I would expect allocation out of kalloc.64 zone.  zprint in gdb shows the following for kalloc.64:

ZONE                 COUNT   TOT_SZ   MAX_SZ ELT_SZ ALLOC_SZ NAME
0xffffff80031105c8   56461   3aa000   445800     64     1000 kalloc.64 CX

Thanks!

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Kernel stack size and kernel memory debugger
      • From: Shantonu Sen <email@hidden>
    • Re: Kernel stack size and kernel memory debugger
      • From: Ronnie Misra <email@hidden>
References: 
 >Kernel stack size and kernel memory debugger (From: mogambo <email@hidden>)
 >Re: Kernel stack size and kernel memory debugger (From: Andrew Myrick <email@hidden>)
 >Re: Kernel stack size and kernel memory debugger (From: mogambo <email@hidden>)

  • Prev by Date: Re: Kernel stack size and kernel memory debugger
  • Next by Date: Re: Kernel stack size and kernel memory debugger
  • Previous by thread: Re: Kernel stack size and kernel memory debugger
  • Next by thread: Re: Kernel stack size and kernel memory debugger
  • Index(es):
    • Date
    • Thread