Date: Tue, 7 Oct 1997 12:02:46 +0300 (EEST) From: Ruslan Ermilov <ru@ucb.crimea.ua> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: kern/4718: SLIP driver STATIC UNIT bug (stable,current) Message-ID: <199710070902.MAA01982@relay.ucb.crimea.ua> Resent-Message-ID: <199710070910.CAA11108@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 4718
>Category: kern
>Synopsis: SLIP driver STATIC UNIT bug (stable,current)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Oct 7 02:10:01 PDT 1997
>Last-Modified:
>Originator: Ruslan Ermilov
>Organization:
>Release: FreeBSD 2.2-STABLE i386
>Environment:
FreeBSD 2.2-STABLE or FreeBSD 3.0-CURRENT,
SLIP.
>Description:
Driver has a bug (see how-to-repeat). As the result,
`slattach -S <some_fixed_unit>' can not be started and
killed more than <number_of_slips_configured> times.
>How-To-Repeat:
Suppose, you have 3 slip units configured in your kernel.
We will start and kill `slattach -S 1 /dev/cuaa0'.
First run:
- slopen() allocates sl_softc[0];
- sltioctl() exchanges sl_softc[0] and sl_softc[1];
- sl_softc[1] is assigned SC_STATIC flag.
Killing:
- sl_softc[1] has SC_STATIC flag set.
Second run:
- slopen() allocates sl_softc[0];
- sltioctl() exchanges sl_softc[0] and sl_softc[1];
- sl_softc[0] due to this exchange gets SC_STATIC (!!! BUG !!!)
- sl_softc[1] is assigned SC_STATIC flag.
Killing:
- sl_softc[0 and 1] have SC_STATIC flag set.
Third run:
- slopen() allocates sl_softc[2] (sl_softc[0 and 1]] can't be
allocates - they have SC_STATIC flag set);
- sltioctl() exchanges sl_softc[2] and sl_softc[1];
- sl_softc[2] due to this exchange gets SC_STATIC (!!! BUG !!!)
- sl_softc[1] is assigned SC_STATIC flag.
Killing:
- sl_softc[0,1,2] all have SC_STATIC flag set.
Fouth run:
- slopen() can't allocate any of the sl_softc[0,1,2]
because all they have SC_STATIC flag set.
- slopen() returns ENXIO error (device not configured).
>Fix:
The following patch solves the problem.
It was applied to 1.45.2.2 version of src/sys/net/if_sl.c.
/*********************************************************************/
*** if_sl.c.old Tue Oct 7 10:39:00 1997
--- if_sl.c Tue Oct 7 10:38:57 1997
***************
*** 390,395 ****
--- 390,396 ----
nc->sc_if = tmpnc->sc_if;
tmpnc->sc_if = sc->sc_if;
*sc = *tmpnc;
+ sc->sc_flags &= ~SC_STATIC;
free(tmpnc, M_TEMP);
if (sc->sc_if.if_flags & IFF_UP) {
if_down(&sc->sc_if);
/*********************************************************************/
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710070902.MAA01982>