IPv6 locking crash (recursion)

Brian Fundakowski Feldman green at FreeBSD.org
Wed Nov 26 10:46:19 PST 2003

Has anyone else tried out the most basic IPv6 test: ndp -I <iface> and
then ping6 fe80::<normal address without %<iface> extension>? I was
greeted by recursion on a non-recursive lock. After some sleuthing,
I tried to determine what conditions could be tested for that would
indicate "this must not call the nd6_is_addr_neighbor() call because
we're from a normal RTM_RESOLVE initializing a new route", and this
is the most correct thing I can come up with. It actually would do
something entirely different if recursion were allowed. Comments?

Index: nd6.c
RCS file: /u/FreeBSD-cvs/src/sys/netinet6/nd6.c,v
retrieving revision 1.37
diff -u -r1.37 nd6.c
--- nd6.c	8 Nov 2003 23:36:32 -0000	1.37
+++ nd6.c	26 Nov 2003 13:45:45 -0000
@@ -1095,7 +1095,8 @@
 	if (req == RTM_RESOLVE &&
 	    (nd6_need_cache(ifp) == 0 || /* stf case */
-	     !nd6_is_addr_neighbor((struct sockaddr_in6 *)rt_key(rt), ifp))) {
+	    ((!(rt->rt_flags & RTF_WASCLONED) || rt->rt_flags & RTF_LLINFO) &&
+	    !nd6_is_addr_neighbor((struct sockaddr_in6 *)rt_key(rt), ifp)))) {
 		 * FreeBSD and BSD/OS often make a cloned host route based
 		 * on a less-specific route (e.g. the default route).

More information about the freebsd-current mailing list