On Fri, Nov 29, 2013 at 21:17, Stuart Henderson wrote:
> On 2013/11/29 14:34, Ted Unangst wrote:
>> On Fri, Nov 29, 2013 at 13:31, RD Thrush wrote:
>> > I've tried -current (Nov 28) on two real machines (soekris and amd64
>> > homebrew) which panic with apparently the same problem. FWIW, I have not
>> > been able to panic a virtualbox i386 machine. The panic occurs
>> > immediately after connecting to the darkstat port, ie. telnet localhost
>> > 667. I've appended full sendbug details for the amd64 homebrew but can
>> > provide the soekris info if the original report was insufficient.
>>
>> I've reverted bpf.c back to its original condition for now.
>>
>
> It won't be enough I think (at least it wasn't enough for my similar
> panics with ladvd).
I wanted one less variable in the equation. :)
if (d->bd_rtout != -1 && d->bd_rdStart == 0)
d->bd_rdStart = ticks;
else
d->bd_rdStart = 0;
...
if ((d->bd_rtout != -1) ||
(d->bd_rdStart + d->bd_rtout) < ticks) {
error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf",
d->bd_rtout);
What does this code do with bd_rtout == -1? First conditional fails,
so we always set rdStart = 0.
Second if: rtout == -1, so first part fails and we go to the ||
expression. rdStart = 0 from above, so 0 + -1 < ticks will always be
true, right? Then we pass -1 to tsleep. I think the || should be &&.
You should *never* call tsleep with rtout == -1.
I don't know how or why this suddently decided to break, but it seems
it's always been that way. Fix here:
Index: bpf.c
===================================================================
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.89
diff -u -p -r1.89 bpf.c
--- bpf.c 29 Nov 2013 19:28:55 -0000 1.89
+++ bpf.c 29 Nov 2013 21:58:06 -0000
@@ -434,7 +434,7 @@ bpfread(dev_t dev, struct uio *uio, int
ROTATE_BUFFERS(d);
break;
}
- if ((d->bd_rtout != -1) ||
+ if ((d->bd_rtout != -1) &&
(d->bd_rdStart + d->bd_rtout) < ticks) {
error = tsleep((caddr_t)d, PRINET|PCATCH, "bpf",
d->bd_rtout);
