LOR + panic in scope6.c
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Tue Aug 9 20:50:10 GMT 2005
On Tue, 9 Aug 2005, John Baldwin wrote:
> > > > (gdb) l *0xffffffff804990a0
> > > > 0xffffffff804990a0 is in in6_setscope (sys/netinet6/scope6.c:417).
> > > > 412 u_int32_t zoneid = 0;
> > > > 413 struct scope6_id *sid;
> > > > 414
> > > > 415 IF_AFDATA_LOCK(ifp);
> > > > 416
> > > > 417 sid = SID(ifp);
> > > > 418
> > > > 419 #ifdef DIAGNOSTIC
> > > > 420 if (sid == NULL) { /* should not happen */
> > > > 421 panic("in6_setscope: scope array is NULL");
> > >
> > > Well, SID is a macro that expands this to:
> > >
> > > sid = ifp->if_afdata[AF_INET6]->scope6_id
> > >
> > > If if_afdata[AF_INET6] has already been freed that could be the problem.
> > > It might have never been non-null either I guess. You can try having
> > > in6_setscope() bail if ifp->if_afdata[AF_INET6] is NULL.
> >
> > I will. I think I found another problem with attach/detach in sk.
> > Might be a double free.
> > The above seems to happen in the "No PHY found" case (which I fixed
> > already locally and everything went away).
>
> Well, I've seen this when attach fails on de(4) as well, so I think it's some
> sort of bug where you ether_ifdetach() an interface before it's fully up or
> something.
exactly. what was the solution?
And the other question: why does this happen?
if_{a,de}ttach looked ok to me on order. Havent' had the time to go to
netinet6/ and check what's going on there...
--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
More information about the freebsd-current
mailing list