Factor out actual ifaddr removal logic from if_purgeaddrs().
This simplifies code a bit.
Switch addrhead traversal to ifaddr wlock from epoch.
Current epoch code has the following problem: after end of traversal we exit epoch.
If another thread runs IPv4 ifa deletion code, at the moment when we call in_control(), ifa could have been deleted by epoch callback, resulting in use-after-free. We cannot fix it by extending epoch b/c in_control() uses SX lock.
Do not fallback to CK_STAILQ_REMOVE() if in_control() call fails.
With the current code, if in_control() fails and we don't delete ifaddr from the if_addrhead, we end up in infinite loop in if_purgeaddrs(). However, if we delete it just from this list, as we currently do, we end up in negative refcount once we call in_difaddr_ioctl().
XXX: in6_purgeaddr() has no locking around it, so it is possible
to crash the system by removing addresses from multiple threads.