FreeBSD/i386 stable/9 @239722: REDZONE: Buffer underflow detected
John Baldwin
jhb at freebsd.org
Mon Aug 27 18:40:44 UTC 2012
On Monday, August 27, 2012 9:13:11 am David Wolfskill wrote:
> Starting devd.
> REDZONE: Buffer underflow detected. 1 byte corrupted before 0xced40080
> (4294966796 bytes allocated).

This size seems way outlandish. The only malloc in devctl_queue_data_f() is:

	struct dev_event_info *n1 = NULL, *n2 = NULL;
	...
	n1 = malloc(sizeof(*n1), M_BUS, flags);

On amd64 that structure's size is 24 bytes. On i386 it is probably similar.
Certainly not 4GB. I cannot see any overflow bugs with
'struct dev_event_info' objects. In this case I think the redzone metadata
that specified the object's size was corrupted, but I've no idea how that
could occur.
--
John Baldwin
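
A simplified user-space model of guard-byte checking, added here as an illustration (it is not code from this message or from FreeBSD's redzone implementation). It shows how a stray write that lands on the size field next to the guard bytes produces a report like the one quoted above, and how a plausibility check on the recorded size keeps the checker from trusting it. The header layout, the names rz_alloc, rz_check and rz_demo, the guard length and fill byte, and the 24-byte request are assumptions.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define GUARD_LEN  16    /* guard bytes on each side (model value) */
#define GUARD_BYTE 0x42  /* guard fill pattern (model value) */

struct rz_hdr {          /* sits directly in front of the caller's buffer */
    uint32_t size;       /* requested size; 32 bits wide, as u_long is on i386 */
    uint8_t  guard[GUARD_LEN];
};
struct rz_report {
    unsigned under, over; /* damaged guard bytes before / after the buffer */
    uint32_t size;        /* size as read back from the header */
    int      size_ok;     /* 0: recorded size is implausible, 'over' not checked */
};

void *rz_alloc(uint32_t size)
{
    uint8_t *raw = malloc(sizeof(struct rz_hdr) + size + GUARD_LEN);
    struct rz_hdr *h = (struct rz_hdr *)raw;
    if (raw == NULL) return NULL;
    h->size = size;
    memset(h->guard, GUARD_BYTE, GUARD_LEN);
    memset(raw + sizeof(struct rz_hdr) + size, GUARD_BYTE, GUARD_LEN);
    return raw + sizeof(struct rz_hdr);
}

/* max_size: largest size this call site could legitimately have requested. */
struct rz_report rz_check(const void *buf, uint32_t max_size)
{
    const uint8_t *p = buf;
    const struct rz_hdr *h = (const struct rz_hdr *)(p - sizeof(struct rz_hdr));
    struct rz_report r = { 0, 0, h->size, h->size <= max_size };
    for (int i = 0; i < GUARD_LEN; i++) r.under += (h->guard[i] != GUARD_BYTE);
    /* The trailing guard is located via the size, so skip it if the size is bad. */
    for (int i = 0; r.size_ok && i < GUARD_LEN; i++) r.over += (p[r.size + i] != GUARD_BYTE);
    return r;
}

/* Constructed scenario: a stray write hits the size field and one guard byte. */
struct rz_report rz_demo(void)
{
    uint8_t *buf = rz_alloc(24);
    struct rz_hdr *h = (struct rz_hdr *)(buf - sizeof(struct rz_hdr));
    h->size = 0xFFFFFE0Cu;          /* 4294966796 == 2^32 - 500 */
    h->guard[GUARD_LEN - 1] = 0;
    struct rz_report r = rz_check(buf, 24);
    free(h);
    return r;
}
```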