[Bug 227720] Kernel panic in ppp server

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227720

--- Comment #40 from Andrey V. Elsukov <ae at FreeBSD.org> ---
(In reply to Franck Rousseau from comment #37)
> Thanks for the fast reply! Not sure if I continue here or in bug #230498 but
> since this is still related to PPP, I put it here.
> 
> I only had 15 min to test, but it crashed right away on the first try. Here
> is the procedure:
> - setup PC3: configure address on Ethernet interface;
> - setup PC2: configure address on Ethernet interface, add ARP pub entry,
> activate forwarding, start ppp server and wait for connection;
> - setup PC3: start pinging PC3, obviously it fails, start ppp client and
> open connection, add default route, everything works correctly.
> Leave everything running as it is, then quit ppp on both sides, restart the
> server waiting for the connection, connect from client -> crash on PC2.
> 
> Here is the trace, it crashes one call further line rtsock.c:1559 after the
> patch
> 
>  	info.rti_info[RTAX_GENMASK] = 0;
>  	if (rt->rt_ifp) {
> -		info.rti_info[RTAX_IFP] = rt->rt_ifp->if_addr->ifa_addr;
> +		IF_ADDR_RLOCK(rt->rt_ifp);
> +		if (rt->rt_ifp->if_addr != NULL)
> +			info.rti_info[RTAX_IFP] = rt->rt_ifp->if_addr->ifa_addr;
>  		info.rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr;

If this patch is full version that you used, you missed IF_ADDR_RUNLOCK() here,
and this is why it panics.

> #8  0xffffffff80af2893 in __rw_rlock_hard (rw=0xfffff800be4bc990,
> td=0xfffff80105056620, v=<value optimized out>) at
> /usr/src/sys/kern/kern_rwlock.c:493
> #9  0xffffffff80c0ce9b in sysctl_dumpentry (rn=0xfffff80008e74270,
> vw=0xfffffe0468486690) at /usr/src/sys/net/rtsock.c:1559

-- 
You are receiving this mail because:
You are the assignee for the bug.