From owner-freebsd-current@FreeBSD.ORG Sun Sep 28 18:44:08 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6510C106568D for ; Sun, 28 Sep 2008 18:44:08 +0000 (UTC) (envelope-from shoesoft@gmx.net) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.freebsd.org (Postfix) with SMTP id A38008FC16 for ; Sun, 28 Sep 2008 18:44:07 +0000 (UTC) (envelope-from shoesoft@gmx.net) Received: (qmail invoked by alias); 28 Sep 2008 18:44:05 -0000 Received: from 85-127-94-178.dynamic.xdsl-line.inode.at (EHLO taxman.pepperland) [85.127.94.178] by mail.gmx.net (mp005) with SMTP; 28 Sep 2008 20:44:05 +0200 X-Authenticated: #16703784 X-Provags-ID: V01U2FsdGVkX195Y9wEmHZ50zb45p6CkGlG1N3aL4y/8CPpd0CI0U EwLWBCPieeiIT1 From: Stefan Ehmann To: Robert Watson Date: Sun, 28 Sep 2008 20:44:00 +0200 User-Agent: KMail/1.10.1 (FreeBSD/7.1-PRERELEASE; KDE/4.1.1; i386; ; ) References: <200809231851.42849.shoesoft@gmx.net> <200809262233.59216.shoesoft@gmx.net> In-Reply-To: MIME-Version: 1.0 Message-Id: <200809282044.01506.shoesoft@gmx.net> X-Y-GMX-Trusted: 0 X-FuHaFi: 0.5600000000000001,0.55 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-current@freebsd.org Subject: Re: ipfw: LOR/panic with uid rules X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Sep 2008 18:44:08 -0000 On Sunday 28 September 2008 16:30:43 Robert Watson wrote: > On Fri, 26 Sep 2008, Stefan Ehmann wrote: > > > > #10 0xc07eccd6 in _rw_rlock (rw=0xc0e5acec, file=0xc103ceed > > > > "/usr/src/sys/modules/ipfw/../../netinet/ip_fw2.c", line=2020) at > > > > /usr/src/sys/kern/kern_rwlock.c:283 > > > > > > > > #11 0xc103b92a in ipfw_chk (args=0xc47328a8) at > > > > /usr/src/sys/modules/ipfw/../../netinet/ip_fw2.c:2020 > > > > > > This surprises me -- can in principle we've passed down 'inp' so there > > > should be no need to look it up. In higher frames, 'inp' is definitely > > > non-NULL, so what happened here? Could you print out the values of the > > > local variables in the check_uidgid() frame? Especially, 'inp' and > > > 'lookup'? > > > > Something seems to be broken or I'm doing something wrong. I can't access > > the locals: > > Dear Stefan: > > Could you update to ip_fw2.c:1.195? I've fixed an issue there that caused > ipfw to look up the inpcb even thought it was passed down in the case that > a TCP connection was in TIMEWAIT: No panic after ~1 hour of testing. Looks very promising. I will give it more testing when it's MFCed. Thanks for your fixes! -- Stefan