Date: Mon, 14 May 2018 14:46:29 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 227720] Kernel panic in ppp server Message-ID: <bug-227720-7501-w6yHkiSuA8@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-227720-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-227720-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227720 --- Comment #14 from Eugene Grosbein <eugen@freebsd.org> --- I've downloaded it, thanks. (kgdb) p *((struct rtentry *)rn)->rt_ifp $7 = {if_link = {tqe_next = 0xdeadc0dedeadc0de, tqe_prev = 0xdeadc0dedeadc0de}, if_clones = { le_next = 0xdeadc0dedeadc0de, le_prev = 0xdeadc0dedeadc0de}, if_groups = { tqh_first = 0xdeadc0dedeadc0de, tqh_last = 0xdeadc0dedeadc0de}, if_alloctype = 222 'ч', if_softc = 0xdeadc0dedeadc0de, if_llsoftc = 0xdeadc0dedeadc0de, if_l2com = 0xdeadc0dedeadc0de, if_dname = 0xdeadc0dedeadc0de <Address 0xdeadc0dedeadc0de out of bounds>, etc. This means race condition in the kernel between interface removal procedure when some tunnel is being disconnected and sysctl handler for "net.routetable" that ppp calls, or some subroutine this handler uses. Perhaps, this is guilt of sysctl_rtsock() function that uses RIB_RLOCK() before calling rnh->rnh_walktree(&rnh->head, sysctl_dumpentry, &w) but that does not protect from interface destruction: https://svnweb.freebsd.org/base/release/11.1.0/sys/net/rtsock.c?annotate=321354#l1898 We need some more eyes of networking people here. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-227720-7501-w6yHkiSuA8>