Date: Fri, 20 Jun 2014 12:15:21 -0700 From: Navdeep Parhar <navdeep@chelsio.com> To: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>, <asomers@freebsd.org> Subject: ifaddr refcount problem Message-ID: <53A48849.8080504@chelsio.com>
next in thread | raw e-mail | index | archive | help
Revision 264905 and 266860 that followed it seem to leak ifaddr
references. ifa_ifwithdstaddr and ifa_ifwithnet both install a
reference on the ifaddr returned to the caller but ip_output does not
release it, eventually leading to a panic when the refcount wraps over
to 0 and the ifaddr is freed while it is still on various lists.
I'm using this patch for now. Thoughts?
Regards,
Navdeep
diff -r 6dfcecd314af sys/netinet/ip_output.c
--- a/sys/netinet/ip_output.c Fri Jun 20 10:33:22 2014 -0700
+++ b/sys/netinet/ip_output.c Fri Jun 20 12:07:12 2014 -0700
@@ -243,6 +243,7 @@ again:
ifp = ia->ia_ifp;
ip->ip_ttl = 1;
isbroadcast = 1;
+ ifa_free((void *)ia);
} else if (flags & IP_ROUTETOIF) {
if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL &&
(ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0))) == NULL) {
@@ -253,6 +254,7 @@ again:
ifp = ia->ia_ifp;
ip->ip_ttl = 1;
isbroadcast = in_broadcast(dst->sin_addr, ifp);
+ ifa_free((void *)ia);
} else if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) &&
imo != NULL && imo->imo_multicast_ifp != NULL) {
/*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53A48849.8080504>