On Friday 19 October 2007, Robert Watson wrote: > On Thu, 18 Oct 2007, Darren Reed wrote: > > darrenr 2007-10-18 21:42:54 UTC > > > > FreeBSD src repository > > > > src/sys/contrib/ipfilter/netinet - Imported sources > > Update of /home/ncvs/src/sys/contrib/ipfilter/netinet > > In directory repoman.freebsd.org:/tmp/cvs-serv15525 > > > > Log Message: > > Import IPFilter 4.1.28 > > > > Status: > > > > Vendor Tag: DARRENR > > Release Tags: v4-1-28 > > I didn't see a reply from you on the thread on current@ regarding the > ipfilter panics, so I'll ask here: does this import resolve the panics > that users are experiencing with ipfilter on 7.x/8.x when INVARIANTS is > enabled?
According to my reading, the crashes described in http://lists.freebsd.org/pipermail/freebsd-current/2007-October/078484.html are still present due to the following code in ip_fil_freebsd.c line 490ff: READ_ENTER(&ipf_global); error = fr_ioctlswitch(unit, data, cmd, mode, p->p_uid, p); Where fr_ioctlswitch() does the actual copyin/copyout and READ_ENTER acquires a rwlock(9) which can't sleep. This is an improvement over the previous attempt to sleep in the transmission path (due to useing sx(9) locks), but it is still not correct and fragile even without INVARIANTS. -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News
signature.asc
Description: This is a digitally signed message part.
