Date: Thu, 29 Jun 2006 19:24:26 +0400 From: Yar Tikhiy <yar@comp.chem.msu.su> To: Andre Oppermann <andre@freebsd.org> Cc: cvs-src@freebsd.org, Maxim Konovalov <maxim@macomnet.ru>, src-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/sys/net if_vlan.c Message-ID: <20060629152426.GB67682@comp.chem.msu.su> In-Reply-To: <44A3E56E.9040705@freebsd.org> References: <200606290752.k5T7qU06021639@repoman.freebsd.org> <20060629132354.D73145@mp2.macomnet.net> <20060629131201.GA67682@comp.chem.msu.su> <44A3E56E.9040705@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 29, 2006 at 04:36:30PM +0200, Andre Oppermann wrote: > Yar Tikhiy wrote: > >On Thu, Jun 29, 2006 at 01:24:56PM +0400, Maxim Konovalov wrote: > >>On Thu, 29 Jun 2006, 07:52-0000, Yar Tikhiy wrote: > >> > >>>yar 2006-06-29 07:52:30 UTC > >>> > >>> FreeBSD src repository > >>> > >>> Modified files: > >>> sys/net if_vlan.c > >>> Log: > >>> Detach the interface first, do vlan_unconfig() then. > >>> Previously, another thread could get a pointer to the > >>> interface by scanning the system-wide list and sleep > >>> on the global vlan mutex held by vlan_unconfig(). > >>> The interface was gone by the time the other thread > >>> woke up. > >>> > >>> In order to be able to call vlan_unconfig() on a detached > >>> interface, remove the purely cosmetic bzero'ing of IF_LLADDR > >>> from the function because a detached interface has no addresses. > >>> > >>> Noticed by: a stress-testing script by maxim > >>> Reviewed by: glebius > >>Still no cookie :-) > >> > >>db> bt > >>Tracing pid 75800 tid 100098 td 0xc2b0e960 > >>in_control(c2a1c67c,c02069f6,c40eece0,c2e66000,c2b0e960) at > >>in_control+0x114 > >>ifioctl(c2a1c67c,c02069f6,c40eece0,c2b0e960,0,...) at ifioctl+0xee > >>soo_ioctl(c27cb4c8,c02069f6,c40eece0,c2c04980,c2b0e960) at soo_ioctl+0x2db > >>ioctl(c2b0e960,d56a4d04) at ioctl+0x370 > >>syscall(3b,3b,3b,bfbfe2c4,0,...) at syscall+0x27e > >>Xint0x80_syscall() at Xint0x80_syscall+0x1f > >>--- syscall (54, FreeBSD ELF32, ioctl), eip = 0x2817cb43, esp = > >>0xbfbfe28c, ebp = 0xbfbfe2d8 --- > >> > >>Let me know if you need more info. > > > >I stress tested gif(4) in the same manner for kicks and got a very > >similar panic in in_control(). I suppose that my change eliminated > >a concurrency problem in vlan(4) and we began to feel the lack of > >refcounting at ifnet level. Indeed, a thread can keep a pointer > >to an ifnet beyond its lifetime and panic the system on access to > >the dead ifnet. > > For the time being we should simply mark ifnet's dead but keep them > around. Refcounting is most likely too expensive, especially on larger > SMP systems. All users of ifnets then have to be teached to obey the > dead flag. AFAIK we refcount vnodes, which are an object used rather heavily. Do you think refcounting ifnets would be worse than that? -- Yar
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060629152426.GB67682>