"Memory modified after free" - by whom?
Garrett Cooper
yanegomi at gmail.com
Tue Dec 11 01:37:18 UTC 2012
On Mon, Dec 10, 2012 at 3:21 PM, Adrian Chadd <adrian at freebsd.org> wrote:
> On 10 December 2012 15:18, <mdf at freebsd.org> wrote:
>> On Mon, Dec 10, 2012 at 3:10 PM, Adrian Chadd <adrian at freebsd.org> wrote:
>>> 9216 sounds like a jumbo frame mbuf. So the NIC is writing to an mbuf
>>> after it's finalised/freed.
>>>
>>> I have a similar bug showing up on ath(4) RX. :(
>>
>> Compile with DEBUG_MEMGUARD in the kernel configuration, and then set
>> vm.memguard.desc to the name of the UMA zone used for the 9216 byte
>> allocations, mbuf_jumbo_9k. This should cause a panic when the memory
>> is touched after free.
>
> Right, but I think its a _hardware_ access after the buffer has been freed..
At least that will give me an idea of who to punt the bug over to
next (assuming it lists the driver) -- one of the network folks, jfv,
or np :). It seems to be a recent change that's causing this (it's
spewing out these warnings every couple seconds), but that might also
be related to me getting lagg working on CURRENT as my last known base
was 9-STABLE and a lot of networking changes haven't been MFCed :).
I could probably look through the code too after compiling it, but
it would take too long.
Thanks!
-Garrett
More information about the freebsd-current
mailing list