From: Matthew Dillon <dillon@dragonflybsd.org>
Date: Mon, 20 Dec 2004 01:26:44 +0000 (+0000)
Subject: There seems to be a race during shutdown where ifa->ifa_addr can become
X-Git-Tag: v2.0.1~9463
X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/83a415f43bef3d06156f953711a62cf4180ebb5a

There seems to be a race during shutdown where ifa->ifa_addr can become
NULL during or just before the processing of an IP packet.  We probably need
some sort of synchronization between interface updates and the IP stack,
but for now just check for the case.

Reported-by: Jonathon McKitrick <jcm@FreeBSD-uk.eu.org>
---

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 558277fa5b..43909969a6 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -82,7 +82,7 @@
  *
  *	@(#)ip_input.c	8.2 (Berkeley) 1/4/94
  * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $
- * $DragonFly: src/sys/netinet/ip_input.c,v 1.37 2004/11/30 19:21:26 joerg Exp $
+ * $DragonFly: src/sys/netinet/ip_input.c,v 1.38 2004/12/20 01:26:44 dillon Exp $
  */
 
 #define	_IP_VHL
@@ -747,6 +747,8 @@ pass:
 	 */
 	if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
 		TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) {
+			if (ifa->ifa_addr == NULL) /* shutdown/startup race */
+				continue;
 			if (ifa->ifa_addr->sa_family != AF_INET)
 				continue;
 			ia = ifatoia(ifa);