Re: Panic in arpresolve->rt_check?

From: Kris Kennaway <kris_at_FreeBSD.org>
Date: Fri, 12 Oct 2007 17:26:09 +0200
Dan Nelson wrote:
> In the last episode (Oct 10), John Baldwin said:
>> On Wednesday 12 September 2007 02:50:37 pm Ivan Voras wrote:
>>> Dan Nelson wrote:
>>>> The same panic was also reported for 6.2 via PR 107865 and PR
>>>> 112490.  112490 included a workaround patch (I haven't tried it;
>>>> just found it).
>>> The proposed patch in kern/112490 looks trivial but someone who
>>> knows more about net locking should check it out. Unfortunately it
>>> lacks context and I don't know the code in question to apply it
>>> safely on a production machine :(
>> I also get panics with what appears to be a double free of rt_gwroute
>> in rtexpunge(), so I think while this PR may help some with figuring
>> out the problem, I'm not sure it solves the root bug.
>>
>> Hmm, possibly try this patch:
> 
> This makes the panics more frequent on my machine, actually :)
>  
>> Index: route.c
>> ===================================================================
>> RCS file: /usr/cvs/src/sys/net/route.c,v
>> retrieving revision 1.120
>> diff -c -r1.120 route.c
>> *** route.c	11 Jun 2007 12:19:34 -0000	1.120
>> --- route.c	10 Oct 2007 20:12:54 -0000
>> ***************
>> *** 1314,1319 ****
>> --- 1314,1321 ----
>>   				return (ENETUNREACH);
>>   			}
>>   			RT_LOCK(rt0);
>> + 			if (rt0->rt_gwroute != NULL)
>> + 				RTFREE(rt0->rt_gwroute);
>>   			rt0->rt_gwroute = rt;
>>   			if (rt == NULL) {
>>   				RT_UNLOCK(rt0);
> 

Since you can reproduce this frequently the best thing might be to 
instrument all the route handling with KTR so that you can do 
post-mortem and try to figure out where the double-free or missing 
reference happened.

Kris
Received on Fri Oct 12 2007 - 13:26:14 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:19 UTC