Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 10 Dec 2012 17:37:17 -0800
From:      Garrett Cooper <yanegomi@gmail.com>
To:        Adrian Chadd <adrian@freebsd.org>
Cc:        mdf@freebsd.org, FreeBSD Current <freebsd-current@freebsd.org>, freebsd-net@freebsd.org
Subject:   Re: "Memory modified after free" - by whom?
Message-ID:  <CAGH67wSQMwUHWRkTde7xkeTx2AR5Q=1dV-6amKgDE_HbOA-U7g@mail.gmail.com>
In-Reply-To: <CAJ-Vmok2C_hWd4sDzoVLNWuAzgeP9Cmv6VNfcikDogG_rw8JYg@mail.gmail.com>
References:  <CAGH67wQKUDLQmL8cnWwgzQpWAN2OhKLu0AemPNuy7EOC-i1p9g@mail.gmail.com> <CAJ-Vmo=MsSV3DhAVEP36d%2BFccHDdQz7%2By7v5xTjYKyBP0PfQoQ@mail.gmail.com> <CAMBSHm96ZEiF4mOhUyk-aDS%2BGs%2BhDsh_dMsd-WFcmZ%2BSm6Zk%2BA@mail.gmail.com> <CAJ-Vmok2C_hWd4sDzoVLNWuAzgeP9Cmv6VNfcikDogG_rw8JYg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, Dec 10, 2012 at 3:21 PM, Adrian Chadd <adrian@freebsd.org> wrote:
> On 10 December 2012 15:18,  <mdf@freebsd.org> wrote:
>> On Mon, Dec 10, 2012 at 3:10 PM, Adrian Chadd <adrian@freebsd.org> wrote:
>>> 9216 sounds like a jumbo frame mbuf. So the NIC is writing to an mbuf
>>> after it's finalised/freed.
>>>
>>> I have a similar bug showing up on ath(4) RX. :(
>>
>> Compile with DEBUG_MEMGUARD in the kernel configuration, and then set
>> vm.memguard.desc to the name of the UMA zone used for the 9216 byte
>> allocations, mbuf_jumbo_9k.  This should cause a panic when the memory
>> is touched after free.
>
> Right, but I think its a _hardware_ access after the buffer has been freed..

    At least that will give me an idea of who to punt the bug over to
next (assuming it lists the driver) -- one of the network folks, jfv,
or np :). It seems to be a recent change that's causing this (it's
spewing out these warnings every couple seconds), but that might also
be related to me getting lagg working on CURRENT as my last known base
was 9-STABLE and a lot of networking changes haven't been MFCed :).
    I could probably look through the code too after compiling it, but
it would take too long.
Thanks!
-Garrett

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGH67wSQMwUHWRkTde7xkeTx2AR5Q=1dV-6amKgDE_HbOA-U7g>