From owner-freebsd-net@FreeBSD.ORG  Thu Apr 23 19:40:02 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C4A23106574C
	for <freebsd-net@hub.freebsd.org>; Thu, 23 Apr 2009 19:40:02 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id B1A2A8FC22
	for <freebsd-net@hub.freebsd.org>; Thu, 23 Apr 2009 19:40:02 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n3NJe2ZE091055
	for <freebsd-net@freefall.freebsd.org>; Thu, 23 Apr 2009 19:40:02 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n3NJe2XU091054;
	Thu, 23 Apr 2009 19:40:02 GMT (envelope-from gnats)
Date: Thu, 23 Apr 2009 19:40:02 GMT
Message-Id: <200904231940.n3NJe2XU091054@freefall.freebsd.org>
To: freebsd-net@FreeBSD.org
From: Robert Watson <rwatson@FreeBSD.org>
Cc: 
Subject: Re: kern/132734: panic in net/if_mib.c
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Robert Watson <rwatson@FreeBSD.org>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Apr 2009 19:40:05 -0000

The following reply was made to PR kern/132734; it has been noted by GNATS.

From: Robert Watson <rwatson@FreeBSD.org>
To: Mikolaj Golub <to.my.trociny@gmail.com>
Cc: Alexey Illarionov <littlesavage@orionet.ru>, bug-followup@FreeBSD.org
Subject: Re: kern/132734: panic in net/if_mib.c
Date: Thu, 23 Apr 2009 20:33:43 +0100 (BST)

 On Thu, 23 Apr 2009, Mikolaj Golub wrote:
 
 > SVN rev 191435 on 2009-04-23 18:23:08Z by rwatson
 >
 > Merge r191434 from stable/7 to releng/7.2:
 >
 >  In sysctl_ifdata(), query the ifnet pointer using the index only
 >  once, rather than querying it, validating it, and then re-querying
 >  it without validating it.  This may avoid a NULL pointer
 >  dereference and resulting kernel page fault if an interface is
 >  being deleted while bsnmp or other tools are querying data on the
 >  interface.
 >
 >  The full fix, to properly refcount the interface for the duration
 >  of the sysctl, is in 8.x, but is considered too high-risk for
 >  7.2, so instead will appear in 7.3 (if all goes well).
 >
 > So, Alexey, can you try upgrading to the latest stable/7 or releng/7.2 or 
 > apply attached patch to see if this tweak at least eliminates the instant 
 > panic?
 
 I'll try to get the refcount fix into 7-STABLE in about two weeks, assuming no 
 hitches in the 8.x version.  This will close a number of related race 
 conditions, which we've had occasional reports of (and others that we 
 haven't).
 
 Robert N M Watson
 Computer Laboratory
 University of Cambridge