#15016: KDL (network related) when booting on a Hades Canyon NUC8.
----------------------------------------+----------------------------
Reporter: bga | Owner: nobody
Type: bug | Status: new
Priority: normal | Milestone: Unscheduled
Component: Drivers/Network/ipro1000 | Version: R1/Development
Resolution: | Keywords:
Blocked By: | Blocking:
Has a Patch: 0 | Platform: All
----------------------------------------+----------------------------
Comment (by bga):
Ok, a final summary for a while as I will not be able to look into this
this weekend (and probably next week).
The actual double free is here:
http://xref.plausible.coop/source/xref/haiku/src/libs/compat/freebsd_network/compat.c#448
Somehow it looks like there are 2 devices pointing to the same memory for
their softc (assuming it is not just some memory corruption going on,
although I would expect it to be less deterministic on how the crash look
like if this was the case).
I could not really use guarded pages to see if I could find anything else
as it runs out of memory in my machine (64 bit build, 32 Gb of RAM).
I also went through the code to see if I could find a place where softc
was being arbitrarily set but it looks like it is only allocated and set
here:
http://xref.plausible.coop/source/xref/haiku/src/libs/compat/freebsd_network/compat.c#287
The other way I thought about debugging this was to keep track of all
softc pointers and then panic if we found the same pointer in different
devices. Depending on where the panic() was, we could figure out how this
is happening (again, assuming it is not simply memory corruption.
If I simply comment out the free() call for softc, I am back to the
original spinlock KDL. I *THINK* they might be related anyway as it looks
like softc is related to both code paths affected.
--
Ticket URL: <https://dev.haiku-os.org/ticket/15016#comment:16>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.
