cvs commit: src/sys/net if.c

Max Laier max at love2party.net
Wed Jun 21 09:13:42 UTC 2006 

On Wednesday 21 June 2006 10:06, Maxim Konovalov wrote:
> On Wed, 21 Jun 2006, 06:02-0000, Gleb Smirnoff wrote:
> > glebius     2006-06-21 06:02:35 UTC
> >
> >   FreeBSD src repository
> >
> >   Modified files:
> >     sys/net              if.c
> >   Log:
> >   - First initialize ifnet, and then insert it into global
> >     list.
> >   - First remove from global list, then start destroying.
> >
> >   PR:             kern/97679
> >   Submitted by:   Alex Lyashkov <shadow itt.net.ru>
> >   Reviewed by:    rwatson, brooks
>
> FWIW, even with Yar's recent commit to if_vlan.c it still panics.  I
> told Alex about that.  A testcase below.  Run it for several minutes.
>
> #11 0xc05e1a4a in calltrap () at /usr/src/sys/i386/i386/exception.s:138
> #12 0xc05608cb in in6ifa_ifpwithaddr (ifp=0xdeadc0de, addr=0xc39b5218)
> at /usr/src/sys/netinet6/in6.c:1862
> #13 0xc055e81d in in6_control (so=0xc2bbda60, cmd=0xc1206949,
> data=0xc39b5200 "vlan2349", ifp=0xc3973000,
>     td=0xc39b5210) at /usr/src/sys/netinet6/in6.c:459
> #14 0xc052c43c in ifioctl (so=0xc2bbda60, cmd=0xc1206949,
> data=0xc39b5200 "vlan2349", td=0xc2afd870)
>     at /usr/src/sys/net/if.c:1530
> #15 0xc04efb47 in soo_ioctl (fp=0xdeadc0de, cmd=0xc1206949,
> data=0xc39b5200, active_cred=0xc2e64700, td=0xc2afd870)
>     at /usr/src/sys/kern/sys_socket.c:214
> #16 0xc04ea810 in ioctl (td=0xc2afd870, uap=0xd56a7d04) at file.h:265

Yes, we simply keep too many implicit references to ifnets.  The real sequence 
for interface destruction should be:

First mark unusable, wait long enough[*], remove from global list***s***, wait 
long enough[*], free.

Note that there is more than one global list an ifnet takes part in.  There is 
the index2ifp table, there are address lists in inet[6] etc. etc. ... I tried 
to tackle this once and figured it was a minefield.  It is one of the 
problematic cases where we have *way* more reads than writes(=changes) and 
nobody cared to introduce locking as we usually don't see the race effects.

[*] Unfortunately we don't know what long enough is as we don't do reference 
counting for ifnets (and we shouldn't as it would be a massive performance 
hit).  Waiting for as long a possible or at least for "a very long time" 
would be a good start though.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20060621/cf1a229a/attachment.pgp

More information about the cvs-src mailing list