From owner-freebsd-virtualization@FreeBSD.ORG  Thu Jul  5 19:18:36 2012
Return-Path: <owner-freebsd-virtualization@FreeBSD.ORG>
Delivered-To: freebsd-virtualization@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 31678106564A;
	Thu,  5 Jul 2012 19:18:36 +0000 (UTC)
	(envelope-from delphij@delphij.net)
Received: from anubis.delphij.net (anubis.delphij.net
	[IPv6:2001:470:1:117::25])
	by mx1.freebsd.org (Postfix) with ESMTP id 14ABA8FC0A;
	Thu,  5 Jul 2012 19:18:36 +0000 (UTC)
Received: from delta.delphij.net (unknown [206.40.55.65])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by anubis.delphij.net (Postfix) with ESMTPSA id E18811B0A0;
	Thu,  5 Jul 2012 12:18:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis;
	t=1341515915; bh=XRvBYzrccyzSBvKIXXiTkB9oIxjQgOjDA+mxpcDe6RQ=;
	h=Date:From:Reply-To:To:CC:Subject:References:In-Reply-To;
	b=mkFPiC/e7JphELVpYxIe3aWJWP33go69v6wL1ZoxiEVZu2shf50a2rRNn1Fq2WSRg
	Zi8ue0p2uRG2XRLZfJsBRRv6FA26MTRdiXMt+UlV0RLiwLp2CGUNeZMK6hqYaTs9uW
	2944cYkkYbVJfJacI318ny9iz/oFQLefYdw4xBPM=
Message-ID: <4FF5E87C.2020908@delphij.net>
Date: Thu, 05 Jul 2012 12:18:20 -0700
From: Xin Li <delphij@delphij.net>
Organization: The FreeBSD Project
MIME-Version: 1.0
To: Mikolaj Golub <trociny@freebsd.org>
References: <4FF32FC4.6020701@delphij.net> <86wr2kau38.fsf@in138.ua3>
In-Reply-To: <86wr2kau38.fsf@in138.ua3>
X-Enigmail-Version: 1.4.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: d@delphij.net, freebsd-virtualization@FreeBSD.org
Subject: Re: GPF when doing jail -r, possibly an use-after-free
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: d@delphij.net
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
	<freebsd-virtualization.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>,
	<mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>,
	<mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2012 19:18:36 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi, Mikolaj,

On 07/04/12 00:00, Mikolaj Golub wrote:
> Is this observed after destroying epair? There is an issue with
> epair: on destroy, when epair_clone_destroy() calls
> ether_ifdetach() for its second half it does not switch to its vnet
> and if_detach_internal() can't find the interface and just returns.
> As a result V_ifnet list is left with dead reference.

Yes.

> http://lists.freebsd.org/pipermail/freebsd-virtualization/2011-January/000628.html
>
>  Here is an updated patch against CURRENT:
> 
> http://people.freebsd.org/~trociny/if_epair.c.epair_clone_destroy.1.patch

Your
> 
patch did fixed the problem, thanks!  Are you going to commit it
against -HEAD and then MFC after a while?

Cheers,
- -- 
Xin LI <delphij@delphij.net>	https://www.delphij.net/
FreeBSD - The Power to Serve!		Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)

iQEcBAEBCAAGBQJP9eh8AAoJEG80Jeu8UPuzrKQH/3HT/qdW1r8a/sS9XSVK1OFZ
u5M1GUUsrfCpcEYcn1YMgfJKvicy2H56OCHUNwEHfJkngqAvVZD0nZu+dcS7UTQZ
djWHnkealtKg+57jG/FdL+tt8wViq8anYN2I0UUqGqne/tVHkbS9VY0KTr1b9JRv
CNkBMKEJ3ii7eWNft+8c8cRXlOOFbGGuYVOdE8vVB7YDTOkeCGwwbJaLNXheMyld
yNYc4ZNLD8f/TUuxKvbN4Ee514SfvjWsJa9CgiGWTD4u74Brml3zSUGWdWChINqV
uZ14VYzIPmXiPAD1fqidSPPJQ0QpAy1sdwSVnKOkoQ5/zbZzKUXoNGCB+K0z460=
=qZ5q
-----END PGP SIGNATURE-----