null pointer panic in bpf_peers_present
Alexander V. Chernikov
melifaro at FreeBSD.org
Mon Jun 4 06:48:45 UTC 2012
On 04.06.2012 02:22, Andriy Gapon wrote:
> on 03/06/2012 23:56 Andriy Gapon said the following:
>>
>> I wonder if anybody else is seeing this and if there is a fix...
>> This is very recent (today's) FreeBSD head with pretty dull network
>> configuration. During boot I run into the following panic:
>>
>> <118>Setting hostname: xxxxx
>> <118>Starting dhclient.
>>
> My current guess is that the panic occurs because of the newly added (r235745)
> bpf_ifdetach which is an ifnet_departure_event handler. My rc.conf is
> configured to do interface renaming and SIOCSIFNAME seems to post
> ifnet_departure_event followed by ifnet_arrival_event.
>
> Not sure if it's a window between ifnet_departure_event and ifnet_arrival_event
> when if_bpf is NULL, or if if_bpf is never restored in this case.
if_bpf is never restored.
Can you please try an attached patch ?
>>
>
>
-------------- next part --------------
Index: sys/net/bpf.c
===================================================================
--- sys/net/bpf.c (revision 236540)
+++ sys/net/bpf.c (working copy)
@@ -2542,13 +2542,23 @@ bpf_ifdetach(void *arg __unused, struct ifnet *ifp
{
struct bpf_if *bp;
- if ((bp = ifp->if_bpf) == NULL)
+ BPF_LOCK();
+ if ((bp = ifp->if_bpf) == NULL) {
+ BPF_UNLOCK();
return;
+ }
+ if ((bp->flags & BPFIF_FLAG_DYING) == 0) {
+ BPF_UNLOCK();
+ return;
+ }
+
CTR3(KTR_NET, "%s: freing BPF instance %p for interface %p",
__func__, bp, ifp);
ifp->if_bpf = NULL;
+ BPF_UNLOCK();
+
rw_destroy(&bp->bif_lock);
free(bp, M_BPF);
}
More information about the freebsd-current
mailing list