From 7db496de2ce1bdf1da0dd843da8b84ccac53cea0 Mon Sep 17 00:00:00 2001 From: Randall Stewart Date: Sun, 19 Aug 2012 11:54:02 +0000 Subject: [PATCH] Though I disagree, I conceed to jhb & Rui. Note that we still have a problem with this whole structure of locks and in_input.c [it does not lock which it should not, but this *can* lead to crashes]. (I have seen it in our SQA testbed.. besides the one with a refcnt issue that I will have SQA work on next week ;-) --- sys/netinet/in.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netinet/in.c b/sys/netinet/in.c index cee61537853..0e771747dcb 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -573,6 +573,7 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, } TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); IF_ADDR_WUNLOCK(ifp); + ifa_free(&ia->ia_ifa); /* if_addrhead */ IN_IFADDR_WLOCK(); TAILQ_REMOVE(&V_in_ifaddrhead, ia, ia_link); @@ -596,7 +597,6 @@ in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, } else ifa_free(&iap->ia_ifa); - ifa_free(&ia->ia_ifa); /* if_addrhead */ ifa_free(&ia->ia_ifa); /* in_ifaddrhead */ out: if (ia != NULL)