Re: INPCB panic....

From: Sam Leffler <sam_at_errno.com>
Date: Mon, 10 Nov 2003 14:36:26 -0800

On Monday 10 November 2003 02:19 pm, Ian Dowse wrote:
> In message <200311101159.44366.sam_at_errno.com>, Sam Leffler writes:
> >On Monday 10 November 2003 11:37 am, Larry Rosenman wrote:
> >> I removed my wi0 card (with DHCLIENT running), and got the following
> >> panic on a -CURRENT from yesterday:
> >
> >Thanks.  Working on it...
>
> FYI, I've been using the following patch locally which seems to
> trigger the printf sometimes when wi0 is ejected. Without the patch,
> it used to dereference a stale struct ifnet and crash. I have an
> approx 1 week old kernel, so this particular problem may have been
> fixed already.

Your fix looks fine; please commit.  It mimics what ip_output does.  But there 
still look to be basic races with device removal/ifnet destruction.  For 
example, ip_output grabs an ifnet reference from the routing table entry and 
uses it w/o any locking for a rather long time.  If the device gets yanked in 
the interim it seems like you could be left holding a bogus reference. Seems 
like the whole if_detach path needs a careful rework.

	Sam
Received on Mon Nov 10 2003 - 13:34:25 UTC
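
The hazard raised in the message above (a sender keeps using an ifnet pointer taken from a route entry while the device is removed) can be modelled in user space. This is an added example, not part of the original post and not FreeBSD code: it shows one common way to close such a gap, a reference count plus a detached flag, which the thread does not say FreeBSD adopted. All names are hypothetical and the model is single-threaded.

```c
/* User-space model only; not FreeBSD code. All names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
struct model_ifnet {
    int  refs;       /* references held by driver, routes, senders */
    bool detached;   /* set when the device has been removed */
};
struct model_route { struct model_ifnet *rt_ifp; };  /* cached pointer */
static int freed_count;  /* number of ifnets actually freed */
static struct model_ifnet *if_model_alloc(void) {
    struct model_ifnet *ifp = calloc(1, sizeof(*ifp));
    if (ifp != NULL)
        ifp->refs = 1;            /* the driver's own reference */
    return ifp;
}
static void if_model_hold(struct model_ifnet *ifp) { ifp->refs++; }
/* Drop one reference; only the last holder frees the structure. */
static void if_model_rele(struct model_ifnet *ifp) {
    if (--ifp->refs == 0) { free(ifp); freed_count++; }
}
/* Device removal: mark the interface dead, drop the driver's reference. */
static void if_model_detach(struct model_ifnet *ifp) {
    ifp->detached = true;
    if_model_rele(ifp);
}
/* Sender: pin the ifnet before the long section that uses it. In a kernel
 * the load of rt_ifp and the hold must sit under a lock detach also takes.
 * `during` simulates an event arriving mid-send. Returns 0 sent, -1 gone. */
static int model_output(struct model_route *rt,
                        void (*during)(struct model_ifnet *)) {
    struct model_ifnet *ifp = rt->rt_ifp;
    if_model_hold(ifp);
    if (during != NULL) during(ifp);
    int rc = ifp->detached ? -1 : 0;  /* safe: our reference keeps it alive */
    if_model_rele(ifp);
    return rc;
}
int main(void) {
    struct model_ifnet *ifp = if_model_alloc();
    if (ifp == NULL) return 1;
    struct model_route rt = { ifp };
    if_model_hold(ifp);                           /* route's reference */
    printf("normal send: %d\n", model_output(&rt, NULL));
    printf("eject mid-send: %d\n", model_output(&rt, if_model_detach));
    if_model_rele(rt.rt_ifp);                     /* route torn down */
    printf("freed: %d\n", freed_count);
    return 0;
}
```

Without the hold in model_output and the route's own reference, the detach call would free the structure while the sender still reads it, which is the stale-pointer crash the thread describes.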
