Bug 19544
| Summary: | panic in delete_pipe | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Jimmy Olgeni <olgeni> |
| Component: | kern | Assignee: | Luigi Rizzo <luigi> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | 4.0-STABLE | ||
| Hardware: | Any | ||
| OS: | Any | ||
The attached patch solves this problem for me. I think that with the
upcoming 4.1-release, it would be nice if the kernel panicked on one
less occassion ;) Granted, this panic only comes as a result of an
incorrect ipfw command, but how long ago was the last time you
issued a command out of sequence?
G'luck,
Peter
----------------------------------------------
Hey, out there - is it *you* reading me, or is it someone else?
diff -c src/sys/netinet/ip_dummynet.c mysrc/sys/netinet/ip_dummynet.c
*** src/sys/netinet/ip_dummynet.c Tue Jun 27 18:40:50 2000
--- mysrc/sys/netinet/ip_dummynet.c Tue Jun 27 18:35:11 2000
***************
*** 1546,1551 ****
--- 1546,1554 ----
struct dn_pipe *a, *b;
struct dn_flow_set *fs;
+ if (all_pipes == NULL)
+ return EINVAL; /* no pipes defined, nothing to do */
+
/* locate pipe */
for (a = NULL , b = all_pipes ; b && b->pipe_nr < p->pipe_nr ;
a = b , b = b->next) ;
***************
*** 1581,1586 ****
--- 1584,1592 ----
free(b, M_IPFW);
} else { /* this is a dummynet queue (dn_flow_set) */
struct dn_flow_set *a, *b;
+
+ if (all_flow_sets == NULL)
+ return EINVAL; /* no flow sets defined, nothing to do */
/* locate set */
for (a = NULL, b = all_flow_sets ; b && b->fs_nr < p->fs.fs_nr ;
Responsible Changed From-To: freebsd-bugs->luigi Luigi, are you going to have time to look at this for 4.1-RELEASE? Out of sequence? Who? Me? :-) Well, I did... "something" in my firewall script that caused this kind of panic, and this was the simpler way to reproduce it... anyway, it works now! Thanks! bye Jimmy ... 5 minutes later the kernel locked up solid while receiving data via pipe: I ran a script that did a "ipfw -f flush" and "ipfw pipe 1 config bw 1024b/s", maybe dummynet doesn't like if you remove pipes while it is using them? I was under X, I don't know if the kernel tried to save core (but the hard disk led was off). bye Jimmy State Changed From-To: open->closed Luigi has fixed this in HEAD and RELENG_4 and has asked me to close this one. |
If there are no dummynet pipes configured in the system, an attempt to delete any pipe with "ipfw pipe delete" will result in a kernel panic (trap 12). (kgdb) up #3 0xc032fe09 in trap_pfault (frame=0xc64a0d58, usermode=0, eva=0) at ../../i386/i386/trap.c:820 820 trap_fatal(frame, eva); (kgdb) up #4 0xc032f9c3 in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16, tf_edi = -968225348, tf_esi = 0, tf_ebp = -968225368, tf_isp = -968225404, tf_ebx = -1058306304, tf_edx = -968232960, tf_ecx = 0, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1071642696, tf_cs = 8, tf_eflags = 66182, tf_esp = -968225348, tf_ss = 0}) at ../../i386/i386/trap.c:426 426 (void) trap_pfault(&frame, FALSE, eva); (kgdb) up #5 0xc02007b8 in delete_pipe (p=0xc64a0dbc) at ../../netinet/ip_dummynet.c:1559 1559 all_pipes = b->next ; (kgdb) print b $1 = (struct dn_pipe *) 0x0 ^^^^^^^^^^^^^^^^^^^^^^^^^^^ (kgdb) up #6 0xc0200c32 in ip_dn_ctl (sopt=0xc64a0f14) at ../../netinet/ip_dummynet.c:1750 1750 error = delete_pipe(p); (kgdb) print p $2 = (struct dn_pipe *) 0xc64a0dbc (kgdb) How-To-Repeat: As root, run: # ipfw pipe show [to check that the pipe list is really empty] # ipfw pipe delete 1 [panic]