[U-Boot] memory corruption on nios2 due to overlap of gbl data and malloc

Wed Feb 29 00:32:57 CET 2012

Hi Albert,

On Wed, Feb 29, 2012 at 10:24 AM, Albert ARIBAUD
<albert.u.boot at aribaud.net> wrote:
> Le 29/02/2012 00:20, Graeme Russ a écrit :
>
>> Hi Albert,
>>

>> No - GENERATED_GBL_DATA_SIZE should be sizeof(gd_t)
>>
>> The space reserved between U-Boot and the heap needs to be sizeof(gd_t) +
>> sizeof(bd-t) (on the delicate proviso that only gd and bd live there, and
>> that gd and bd are immediately next to each other)
>
>
> Ok, so :
>
> 1. do you know why here gd = 68 bytes and GENERATED_GBL_DATA_SIZE is 80?

It gets padded:

	/* Round up to make sure size gives nice stack alignment */
	DEFINE(GENERATED_GBL_DATA_SIZE,
		(sizeof(struct global_data) + 15) & ~15);

	DEFINE(GENERATED_BD_INFO_SIZE,
		(sizeof(struct bd_info) + 15) & ~15);

> 2. luckily for my ego, my proposal was actually correct when I suggested the
> following, right?
>
>
> #define CONFIG_SYS_GBL_DATA_OFFSET      (CONFIG_SYS_MALLOC_BASE - \
>                                            sizeof(bd_t) - \
>                                            GENERATED_GBL_DATA_SIZE)

Probably, but I'm really not sure...

And this is why I dislike the implementation - You have to do all sorts of
weird calucations to put things in the right place when, in fact, the
location of gd and bd in memory is totally irrelavent.

Ow, ouch! - And that padding makes things more fun - The memory layout is

U-Boot | gd | pad | bd | pad | heap

So no, your calculation is not right - It should be:

#define CONFIG_SYS_GBL_DATA_OFFSET      (CONFIG_SYS_MALLOC_BASE - \
                                            GENERATED_BD_INFO_SIZE - \
                                            GENERATED_GBL_DATA_SIZE)

Regards,

Graeme