Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 12 Oct 2007 17:26:09 +0200
From:      Kris Kennaway <kris@FreeBSD.org>
To:        Dan Nelson <dnelson@allantgroup.com>
Cc:        freebsd-current@freebsd.org, Ivan Voras <ivoras@freebsd.org>
Subject:   Re: Panic in arpresolve->rt_check?
Message-ID:  <470F9211.8010604@FreeBSD.org>
In-Reply-To: <20071012143800.GA76105@dan.emsphone.com>
References:  <fc89en$fc2$1@sea.gmane.org>	<20070912172752.GA13960@dan.emsphone.com>	<fc9ce3$jps$1@sea.gmane.org> <200710101615.48760.jhb@freebsd.org> <20071012143800.GA76105@dan.emsphone.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Dan Nelson wrote:
> In the last episode (Oct 10), John Baldwin said:
>> On Wednesday 12 September 2007 02:50:37 pm Ivan Voras wrote:
>>> Dan Nelson wrote:
>>>> The same panic was also reported for 6.2 via PR 107865 and PR
>>>> 112490.  112490 included a workaround patch (I haven't tried it;
>>>> just found it).
>>> The proposed patch in kern/112490 looks trivial but someone who
>>> knows more about net locking should check it out. Unfortunately it
>>> lacks context and I don't know the code in question to apply it
>>> safely on a production machine :(
>> I also get panics with what appears to be a double free of rt_gwroute
>> in rtexpunge(), so I think while this PR may help some with figuring
>> out the problem, I'm not sure it solves the root bug.
>>
>> Hmm, possibly try this patch:
> 
> This makes the panics more frequent on my machine, actually :)
>  
>> Index: route.c
>> ===================================================================
>> RCS file: /usr/cvs/src/sys/net/route.c,v
>> retrieving revision 1.120
>> diff -c -r1.120 route.c
>> *** route.c	11 Jun 2007 12:19:34 -0000	1.120
>> --- route.c	10 Oct 2007 20:12:54 -0000
>> ***************
>> *** 1314,1319 ****
>> --- 1314,1321 ----
>>   				return (ENETUNREACH);
>>   			}
>>   			RT_LOCK(rt0);
>> + 			if (rt0->rt_gwroute != NULL)
>> + 				RTFREE(rt0->rt_gwroute);
>>   			rt0->rt_gwroute = rt;
>>   			if (rt == NULL) {
>>   				RT_UNLOCK(rt0);
> 

Since you can reproduce this frequently the best thing might be to 
instrument all the route handling with KTR so that you can do 
post-mortem and try to figure out where the double-free or missing 
reference happened.

Kris



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?470F9211.8010604>