OpenSolaris

Printable Version Enter a New Search
Bug ID 6738310
Synopsis ip_ndp_recover() checks IPIF_CONDEMNED on the wrong ipif flags field
State 10-Fix Delivered (Fix available in build)
Category:Subcategory kernel:tcp-ip
Keywords oss-bite-size
Sponsor
Submitter
Responsible Engineer Peter Memishian
Reported Against
Duplicate Of
Introduced In solaris_nevada
Commit to Fix snv_107
Fixed In snv_107
Release Fixed solaris_nevada(snv_107)
Related Bugs 4705220 , 6783149
Submit Date 18-August-2008
Last Update Date 28-January-2009
Description 
By inspection, the marked line in ip_ndp_recover() checks the wrong
field:

                if (!(ipif->ipif_flags & IPIF_DUPLICATE) ||
-->                  (ipif->ipif_flags & IPIF_CONDEMNED)) {
                        mutex_exit(&ill->ill_lock);
                        continue;
                }

That should be ipif_state_flags, not ipif_flags.  IPIF_CONDEMNED
is the value 0x01, which is the same as IPIF_UP and never true
here (since we're about to call ipif_up_done_v6()), so this
check ends up doing nothing.

oss-bite-size
Work Around 
N/A
Comments 
N/A