From owner-freebsd-net@FreeBSD.ORG Mon Jun 4 06:48:45 2012 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 168AD106566C; Mon, 4 Jun 2012 06:48:45 +0000 (UTC) (envelope-from melifaro@FreeBSD.org) Received: from mail.ipfw.ru (unknown [IPv6:2a01:4f8:120:6141::2]) by mx1.freebsd.org (Postfix) with ESMTP id 9EF358FC0C; Mon, 4 Jun 2012 06:48:44 +0000 (UTC) Received: from v6.mpls.in ([2a02:978:2::5] helo=ws.su29.net) by mail.ipfw.ru with esmtpsa (TLSv1:CAMELLIA256-SHA:256) (Exim 4.76 (FreeBSD)) (envelope-from ) id 1SbR5s-000G3Q-Vs; Mon, 04 Jun 2012 10:48:49 +0400 Message-ID: <4FCC5A46.8020007@FreeBSD.org> Date: Mon, 04 Jun 2012 10:48:38 +0400 From: "Alexander V. Chernikov" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20120121 Thunderbird/9.0 MIME-Version: 1.0 To: Andriy Gapon References: <4FCBCF7E.9020603@FreeBSD.org> <4FCBE3B6.1020003@FreeBSD.org> In-Reply-To: <4FCBE3B6.1020003@FreeBSD.org> Content-Type: multipart/mixed; boundary="------------030701000408000400090005" Cc: freebsd-net@FreeBSD.org, FreeBSD-Current Subject: Re: null pointer panic in bpf_peers_present X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jun 2012 06:48:45 -0000 This is a multi-part message in MIME format. --------------030701000408000400090005 Content-Type: text/plain; charset=x-viet-vps; format=flowed Content-Transfer-Encoding: 7bit On 04.06.2012 02:22, Andriy Gapon wrote: > on 03/06/2012 23:56 Andriy Gapon said the following: >> >> I wonder if anybody else is seeing this and if there is a fix... >> This is very recent (today's) FreeBSD head with pretty dull network >> configuration. During boot I run into the following panic: >> >> <118>Setting hostname: xxxxx >> <118>Starting dhclient. >> > My current guess is that the panic occurs because of the newly added (r235745) > bpf_ifdetach which is an ifnet_departure_event handler. My rc.conf is > configured to do interface renaming and SIOCSIFNAME seems to post > ifnet_departure_event followed by ifnet_arrival_event. > > Not sure if it's a window between ifnet_departure_event and ifnet_arrival_event > when if_bpf is NULL, or if if_bpf is never restored in this case. if_bpf is never restored. Can you please try an attached patch ? >> > > --------------030701000408000400090005 Content-Type: text/plain; name="bpf_rename.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="bpf_rename.diff" Index: sys/net/bpf.c =================================================================== --- sys/net/bpf.c (revision 236540) +++ sys/net/bpf.c (working copy) @@ -2542,13 +2542,23 @@ bpf_ifdetach(void *arg __unused, struct ifnet *ifp { struct bpf_if *bp; - if ((bp = ifp->if_bpf) == NULL) + BPF_LOCK(); + if ((bp = ifp->if_bpf) == NULL) { + BPF_UNLOCK(); return; + } + if ((bp->flags & BPFIF_FLAG_DYING) == 0) { + BPF_UNLOCK(); + return; + } + CTR3(KTR_NET, "%s: freing BPF instance %p for interface %p", __func__, bp, ifp); ifp->if_bpf = NULL; + BPF_UNLOCK(); + rw_destroy(&bp->bif_lock); free(bp, M_BPF); } --------------030701000408000400090005--