Bug 437047

Summary: Crash on manual driver select and load (double free or corruption)
Product: [Fedora] Fedora Reporter: Dr. Tilmann Bubeck <tilmann>
Component: anacondaAssignee: Anaconda Maintenance Team <anaconda-maint-list>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: 8   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-03-13 02:25:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 235706    

Description Dr. Tilmann Bubeck 2008-03-11 21:16:44 UTC 
Description of problem:
Whenever you manually select a driver to load then anaconda crashes. This is
regardless of the selected driver and happens with every driver with:
*** glibc detected *** /sbin/loader: double free or corruption (!prev):
0x09bc7388 ***
======= Backtrace: ========
[...deleted...]


Version-Release number of selected component (if applicable):


How reproducible:
Every time

Steps to Reproduce:
1. Boot from DVD with kernel option "noprobe" to force a driver selection.
2. Select NFS installation
3. You will be prompted for a driver to select and load
4. Select an arbitrary driver (e.g. 8139too, or e1000 or ppp_generic)
5. Crash occurs
  
Actual results:
Above crash

Expected results:
Load driver

Additional info:
Comment 1 Jeremy Katz 2008-03-12 03:06:41 UTC 
Can you provide the full traceback you received?
Comment 2 Dr. Tilmann Bubeck 2008-03-12 08:41:26 UTC 
This traceback is from selecting "ppp_generic" driver:
*** glibc detected *** /sbin/loader: double free or corruption (!prev): 
0x09617700 ***
======= Backtrace: ========
[0x819fba2]
[0x81a3f6b]
[0x8070bfd]
[0x806e5cc]
[0x80590e5]
[0x804c93e]
[0x8175004]
[0x8048151]
======= Memory Map: ======
00110000-00111000 r-xp 00110000 00:00 0   [vdso]
08048000-0828e000 r-xp 00000000 00:01 36  /sbin/loader
0828e000-08299000 rw-p 00245000 00:01 36  /sbin/loader
08299000-082d3000 rw-p 08299000 00:00 0
095a4000-0964c000 rw-p 095a4000 00:00 0
b7e00000-b7e26000 rw-p b7e00000 00:00 0
b7e26000-b7f00000 ---p b7e26000 00:00 0
b7f2d000-b7f30000 rw-p b7f2d000 00:00 0
bfc09000-bfc1e000 rw-p bffea000 00:00 0   [stack]
Comment 3 Chris Lumens 2008-03-12 20:22:34 UTC 
is this better in F9-Alpha?  A quick test here didn't show a segfault, and I
know we've made some changes to this code since F8.
Comment 4 Dr. Tilmann Bubeck 2008-03-12 22:09:35 UTC 
I can confirm, that there is no backtrace in F9-Alpha. Well done!
Comment 5 Chris Lumens 2008-03-13 02:25:17 UTC 
Hooray, something works!