lwip-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [patch #9294] memp: Fix memp_overflow_check_element_underfl

From: Axel Lin
Subject: [lwip-devel] [patch #9294] memp: Fix memp_overflow_check_element_underflow/overflow assertion
Date: Thu, 23 Mar 2017 11:39:50 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 
Follow-up Comment #4, patch #9294 (project lwip):

Hi Simon,
Thanks a lot for your review.

I try below test:
p = LWIP_ALIGNMENT_CAST(struct memp*, ((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
p1 = LWIP_ALIGNMENT_CAST(struct memp*, (size_t)((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
p2 = LWIP_ALIGNMENT_CAST(struct memp*, ((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
p3 = LWIP_ALIGNMENT_CAST(struct memp*, (size_t)((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
p4 = LWIP_ALIGNMENT_CAST(struct memp*, ((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
p5 = LWIP_ALIGNMENT_CAST(struct memp*, (size_t)((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
if (p != p1) {
        LWIP_PLATFORM_DIAG(("p=%p p1=%p p2=%p p3=%p p4=%p p5=%p\n", p, p1, p2,
p3, p4, p5));

Then I reset the device 5 times and got below result.
[23:23:19:097] p=0x20002d14 p1=0x20002d5c p2=0x20002d5c p3=0x20002d5c
p4=0x20002d5c p5=0x20002d5c
[23:23:21:797] p=0x20002d14 p1=0x20002d5c p2=0x20002d5c p3=0x20002d5c
p4=0x20002d5c p5=0x20002d5c
[23:23:23:172] p=0x20002d14 p1=0x20002d5c p2=0x20002d5c p3=0x20002d5c
p4=0x20002d5c p5=0x20002d5c
[23:23:28:094] p=0x20002d14 p1=0x20002d5c p2=0x20002d5c p3=0x20002d5c
p4=0x20002d5c p5=0x20002d5c
[23:23:29:272] p=0x20002d14 p1=0x20002d5c p2=0x20002d5c p3=0x20002d5c
p4=0x20002d5c p5=0x20002d5c

Above memp_overflow_check_all() call is the one called in memp_init().
I still don't figure out why this could happen.

But I found if I change the order to assign p1 first, I no longer hit this
issue.
i.e. In below code p1 always equal to p.

p1 = LWIP_ALIGNMENT_CAST(struct memp*, (size_t)((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));
p = LWIP_ALIGNMENT_CAST(struct memp*, ((u8_t*)p + MEMP_SIZE +
memp_pools[i]->size + MEMP_SANITY_REGION_AFTER_ALIGNED));


    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/patch/?9294>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]