kern/132734: panic in net/if_mib.c
Robert Watson
rwatson at FreeBSD.org
Thu Apr 23 19:40:05 UTC 2009
The following reply was made to PR kern/132734; it has been noted by GNATS.
From: Robert Watson <rwatson at FreeBSD.org>
To: Mikolaj Golub <to.my.trociny at gmail.com>
Cc: Alexey Illarionov <littlesavage at orionet.ru>, bug-followup at FreeBSD.org
Subject: Re: kern/132734: panic in net/if_mib.c
Date: Thu, 23 Apr 2009 20:33:43 +0100 (BST)
On Thu, 23 Apr 2009, Mikolaj Golub wrote:
> SVN rev 191435 on 2009-04-23 18:23:08Z by rwatson
>
> Merge r191434 from stable/7 to releng/7.2:
>
> In sysctl_ifdata(), query the ifnet pointer using the index only
> once, rather than querying it, validating it, and then re-querying
> it without validating it. This may avoid a NULL pointer
> dereference and resulting kernel page fault if an interface is
> being deleted while bsnmp or other tools are querying data on the
> interface.
>
> The full fix, to properly refcount the interface for the duration
> of the sysctl, is in 8.x, but is considered too high-risk for
> 7.2, so instead will appear in 7.3 (if all goes well).
>
> So, Alexey, can you try upgrading to the latest stable/7 or releng/7.2 or
> apply attached patch to see if this tweak at least eliminates the instant
> panic?
I'll try to get the refcount fix into 7-STABLE in about two weeks, assuming no
hitches in the 8.x version. This will close a number of related race
conditions, which we've had occasional reports of (and others that we
haven't).
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the freebsd-net
mailing list