Date: Fri, 26 Apr 2002 16:54:18 -0700 From: Qing <qingli@speakeasy.net> To: freebsd-net@freebsd.org Subject: genmask , rt_fixchange and kernel panic Message-ID: <200204262354.g3QNsI012926@spidey.speakeasy.net>
next in thread | raw e-mail | index | archive | help
Creating a route entry with -cloning flag and the -genmask
option causes a kernel panic on 4.5-STABLE.
The cloned entry created is a network route. The problem
appears to be in route.c, in "rtrequest1" function, where
if (!(rt->rt_flags & RTF_HOST) && (rt_mask(rt) !=0)
<snip>
rnh->rnh_walktree_from(..,rt_fixchange,.)
This newly created entry is immediately removed inside
rt_fixchange. This invalid "rt" pointer is returned back
to the caller.
This problem did not show up in the previous version of
the code apparently due to the missing flag check on
RTF_CLONING in the code above,
if (cmd == RTM_RESOLVE)
<snip>
if ((*ret_nrt)->rt_flags & RTF_PRCLONING) (old version)
new version
if ((*ret_nrt)->rt_flags & (RTF_CLONING & RTF_PRCLONING)
The rt_parent is not assigned so rt_fixchange returned
immediately in the previous version.
I am also not sure why rt_fixchange is needed if
cmd is RTM_RESOLVE.
Has anyone else seen this?
-- Qing
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204262354.g3QNsI012926>