TCP/IP panics after a few days

[anevilyak]

I haven't tracked down what revision this started at, but at least for the past week or so, Haiku has been KDLing in the net stack for me after a few days uptime, backtrace as follows:

PANIC: vm_page_fault: unhandled page fault in kernel space at 0x3c, ip 0x80775b91
stack trace for thread 68 "net timer"
    kernel stack: 0x80243000 to 0x80247000
frame               caller     <image>:function + offset
 0 80246a04 (+  48) 800613c1   <kernel_x86>:invoke_debugger_command + 0x00f5
 1 80246a34 (+  64) 800611b1   <kernel_x86> invoke_pipe_segment(debugger_command_pipe*: 0x80121f40, int32: 0, 0x0 "<NULL>") + 0x0079
 2 80246a74 (+  64) 80061538   <kernel_x86>:invoke_debugger_command_pipe + 0x009c
 3 80246ab4 (+  48) 80062ac0   <kernel_x86> ExpressionParser<0x80246b68>::_ParseCommandPipe(0x80246b64) + 0x0234
 4 80246ae4 (+  64) 80061efa   <kernel_x86> ExpressionParser<0x80246b68>::EvaluateCommand(0x80113ea0 "bt", 0x80246b64) + 0x02ba
 5 80246b24 (+ 224) 80063ee8   <kernel_x86>:evaluate_debug_command + 0x0088
 6 80246c04 (+  64) 8005f2be   <kernel_x86> kernel_debugger_loop() + 0x01ae
 7 80246c44 (+  32) 80060141   <kernel_x86>:kernel_debugger + 0x004d
 8 80246c64 (+ 192) 800600e9   <kernel_x86>:panic + 0x0029
 9 80246d24 (+  80) 800c1c95   <kernel_x86>:vm_page_fault + 0x0139
10 80246d74 (+  64) 800d1d3d   <kernel_x86>:page_fault_exception + 0x00d9
11 80246db4 (+  12) 800d5466   <kernel_x86>:int_bottom + 0x0036
kernel iframe at 0x80246dc0 (end = 0x80246e10)
 eax 0x90ac88bc     ebx 0x80779ee8      ecx 0x90ac883c   edx 0x0
 esi 0x81269744     edi 0x90ac8800      ebp 0x80246e68   esp 0x80246df4
 eip 0x80775b91  eflags 0x210282
 vector: 0xe, error code: 0x0
12 80246dc0 (+ 168) 80775b91   </boot/beos/system/add-ons/kernel/network/protocols/ipv4> ipv4_send_routed_data(net_protocol*: 0x813ce5ac, net_route*: 0x8131c7a8, net_buffer*: 0x90ac8800) + 0x003d
13 80246e68 (+ 128) 90af5a1c   </boot/beos/system/add-ons/kernel/network/protocols/tcp> TCPEndpoint<0x81269744>::_SendQueued(false, uint32: 0x16c0 (5824)) + 0x0564
14 80246ee8 (+  48) 90af54af   </boot/beos/system/add-ons/kernel/network/protocols/tcp> TCPEndpoint<0x81269744>::_SendQueued(false) + 0x002b
15 80246f18 (+  64) 90af5d6d   </boot/beos/system/add-ons/kernel/network/protocols/tcp> TCPEndpoint<0x81269744>::_Retransmit(0xffffffff, int8: -104) + 0x0035
16 80246f58 (+  64) 90af5e8d   </boot/beos/system/add-ons/kernel/network/protocols/tcp> TCPEndpoint<0x81269830>::_RetransmitTimer(net_timer*: 0x81269744, 0x80768d20) + 0x0069
17 80246f98 (+  64) 807669f0   </boot/beos/system/add-ons/kernel/network/stack> timer_thread(NULL) + 0x0100
18 80246fd8 (+  32) 8005347f   <kernel_x86> _create_kernel_thread_kentry() + 0x001b
19 80246ff8 (+2145095688) 8005341c   <kernel_x86> thread_kthread_exit() + 0x0000

net_timers at that point:

kdebug> net_timer
timer       hook        data        due in
0x81327918  0x90a18a00  0x813278e8  -7397171850
0x81404030  0x90a18a00  0x81404000  -7631141712
0x816b4a80  0x90a18a00  0x816b4a50  -9184225571
0x816b4300  0x90a18a00  0x816b42d0  -9184167325
0x93c15b70  0x90a18a00  0x93c15b40  -9184026889
0x81e56978  0x81158704  0x81e56978  -9183982072
0x93c15378  0x90a18a00  0x93c15348  -9183891477
0x81269548  0x90af5e24  0x8126945c  -9184549968
0x817f1cd8  0x90a18a00  0x817f1ca8  -9183615204

Not sure what else would be useful at this point.

[Adek336]

#2706 is probably the cause, it's known to result in this very backtrace.

[anevilyak]

Ah, I did have a quick look at #2706, but the first few backtraces didn't look related so I assumed this was a distinct problem. Oddly though, I've never encountered this until very recently, and my usage patterns under Haiku haven't changed, so if it is #2706 it surprises me that I haven't been seeing this KDL for longer.

[axeld]

Duplicate of #2706.

[axeld]

(In #2706) Fixed in hrev29386. TCP is still using net_routes directly, but this doesn't cause any crashes anymore.