Mbuf double-free guilty party detection patch
Mike Silbersack
silby at silby.com
Sat Jun 25 02:55:52 GMT 2005
By the way, the subject of this e-mail should be "use after free", not
"double-free" - oops.
Mike "Silby" Silbersack
On Fri, 24 Jun 2005, Mike Silbersack wrote:
>
> The attached patch stores the address of who freed an mbuf/cluster/whatever
> inside it, then prints that address when panicing. You can then feed that
> address into "x 0xwhatever" in DDB to see who the semi-guilty party is.
>
> Two flaws in the patch as is:
>
> - It's messy and not compatible with non-i386, cleanups are needed.
>
> - If the mbuf in question is part of a mbuf chain, we'll see m_freem as the
> guilty party, because it called m_free.
>
> So, if you're one of the people seeing panics due to mbufs being used after
> free, please try applying the patch and see what results you get. If you keep
> getting m_freem as the previous user, then I'll have to enhance it to work
> around that.
>
> Mike "Silby" Silbersack
More information about the freebsd-current
mailing list