As explained recently, calling refcnt_finalize() for ifp references and sleeping while holding the NET_LOCK() creates a deadlock situation.
However we can simply fix that by not calling if_idxmap_remove() under the NET_LOCK(). This is safe since the KERNEL_LOCK() is what is needed to serialize access to ``if_map''. ok? Index: net/if.c =================================================================== RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.500 diff -u -p -r1.500 if.c --- net/if.c 29 May 2017 06:08:21 -0000 1.500 +++ net/if.c 29 May 2017 10:32:12 -0000 @@ -1014,11 +1014,11 @@ if_detach(struct ifnet *ifp) ifq_clr_oactive(&ifp->if_snd); - NET_LOCK(s); - s2 = splnet(); /* Other CPUs must not have a reference before we start destroying. */ if_idxmap_remove(ifp); + NET_LOCK(s); + s2 = splnet(); ifp->if_qstart = if_detached_qstart; ifp->if_ioctl = if_detached_ioctl; ifp->if_watchdog = NULL;
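Review bot: the reordered if_idxmap_remove(ifp) call in if_detach() now depends on two things the code itself does not state: that the caller holds the KERNEL_LOCK(), and that this call may sleep in refcnt_finalize() and so must stay ahead of NET_LOCK(s). Consider adding KERNEL_ASSERT_LOCKED() just before if_idxmap_remove(ifp) and extending the existing "Other CPUs must not have a reference" comment to say that the removal must not run under the NET_LOCK(), so a later cleanup does not move it back inside the locked region. It would also help to note in the commit message why it is acceptable that, between if_idxmap_remove(ifp) and NET_LOCK(s), the interface is already gone from the index map while if_qstart and if_ioctl still point at the live handlers.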