[lwip-devel] Memory (debugging) problem

[Małowidzki , Marek]

Hi,

 

I believe that there is a problem with memory allocation when memory allocation debugging is on (MEMP_OVERFLOW_CHECK is defined as 2 and MEMP_SANITY_CHECK as 1). In etharp_raw() in etharp.c, a call to

 

p = pbuf_alloc(PBUF_LINK, sizeof(struct etharp_hdr), PBUF_RAM);

causes the following buffer to be returned:

00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00
00 00 00 00  00 00 00 00  00 00 00 00  cd cd cd cd
cd cd cd cd  cd cd cd cd  cd cd cd cd

(0xcd chars are memory guards) and when we call

memset(p->payload, 0, p->len);

which should always be correct, a subsequent call to memp_overflow_check_all() shows that the guards have been overwritten.

A likely cause is a bug in mem_malloc(): the size of a pool selected for allocation grows from 64 (for MEMP_POOL_64 and no memory debugging) to 80, i.e., it looks like the size is increased by the size of the guards and a too-large memory segment is allocated. When we change PBUF_LINK to PBUF_RAW, no problem appears in this place (btw, shouldn't this really be PBUF_RAW here?).

I was trying to go through all the size-related macros but finally gave up so I cannot suggest a patch. Could anybody have a look at this? We have some problems with memory allocation and would like to use debugging - currently it seems to introduce other problems, though.

Best regards,

Marek