Date:      Mon, 04 Jun 2012 10:48:38 +0400
From:      "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To:        Andriy Gapon <avg@FreeBSD.org>
Cc:        freebsd-net@FreeBSD.org, FreeBSD-Current <freebsd-current@FreeBSD.org>
Subject:   Re: null pointer panic in bpf_peers_present
Message-ID:  <4FCC5A46.8020007@FreeBSD.org>
In-Reply-To: <4FCBE3B6.1020003@FreeBSD.org>
References:  <4FCBCF7E.9020603@FreeBSD.org> <4FCBE3B6.1020003@FreeBSD.org>


On 04.06.2012 02:22, Andriy Gapon wrote:
> on 03/06/2012 23:56 Andriy Gapon said the following:
>>
>> I wonder if anybody else is seeing this and if there is a fix...
>> This is very recent (today's) FreeBSD head with pretty dull network
>> configuration.  During boot I run into the following panic:
>>
>> <118>Setting hostname: xxxxx
>> <118>Starting dhclient.
>>
> My current guess is that the panic occurs because of the newly added (r235745)
> bpf_ifdetach which is an ifnet_departure_event handler.  My rc.conf is
> configured to do interface renaming and SIOCSIFNAME seems to post
> ifnet_departure_event followed by ifnet_arrival_event.
>
> Not sure if it's a window between ifnet_departure_event and ifnet_arrival_event
> when if_bpf is NULL, or if if_bpf is never restored in this case.
if_bpf is never restored.

Can you please try the attached patch?

>>
>
>


--------------030701000408000400090005
Content-Type: text/plain;
 name="bpf_rename.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="bpf_rename.diff"

Index: sys/net/bpf.c
===================================================================
--- sys/net/bpf.c	(revision 236540)
+++ sys/net/bpf.c	(working copy)
@@ -2542,13 +2542,23 @@ bpf_ifdetach(void *arg __unused, struct ifnet *ifp
 {
 	struct bpf_if *bp;
 
-	if ((bp = ifp->if_bpf) == NULL)
+	BPF_LOCK();
+	if ((bp = ifp->if_bpf) == NULL) {
+		BPF_UNLOCK();
 		return;
+	}
 
+	if ((bp->flags & BPFIF_FLAG_DYING) == 0) {
+		BPF_UNLOCK();
+		return;
+	}
+
 	CTR3(KTR_NET, "%s: freing BPF instance %p for interface %p",
 	    __func__, bp, ifp);
 
 	ifp->if_bpf = NULL;
+	BPF_UNLOCK();
+
 	rw_destroy(&bp->bif_lock);
 	free(bp, M_BPF);
 }
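
Review bot: the new `(bp->flags & BPFIF_FLAG_DYING) == 0` early return in bpf_ifdetach has no comment explaining why a bpf_if that is not marked dying must survive an ifnet_departure_event. Going by the thread, this is the SIOCSIFNAME rename case, where a departure event is followed by an arrival event and if_bpf was never restored; a short comment above the check saying so would keep the next reader from treating it as a leak. The patch as shown does not include the place where BPFIF_FLAG_DYING is set, so please confirm that every real detach path sets it before this handler runs, otherwise bp is never freed here. Also note that BPF_UNLOCK() is called before rw_destroy(&bp->bif_lock) and free(bp, M_BPF), so the teardown relies on no other thread still holding a bp pointer it loaded before `ifp->if_bpf = NULL`; a sentence in the commit message on why that holds would help. Minor: "freing" in the CTR3 string should be "freeing".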

--------------030701000408000400090005--


