From owner-freebsd-ipfw  Sat Aug  3 10: 0:31 2002
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 10C3037B401
	for <ipfw@FreeBSD.ORG>; Sat,  3 Aug 2002 10:00:26 -0700 (PDT)
Received: from iguana.icir.org (iguana.icir.org [192.150.187.36])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 310FF43E5E
	for <ipfw@FreeBSD.ORG>; Sat,  3 Aug 2002 10:00:25 -0700 (PDT)
	(envelope-from rizzo@iguana.icir.org)
Received: (from rizzo@localhost)
	by iguana.icir.org (8.11.6/8.11.3) id g73H09i01121;
	Sat, 3 Aug 2002 10:00:09 -0700 (PDT)
	(envelope-from rizzo)
Date: Sat, 3 Aug 2002 10:00:09 -0700
From: Luigi Rizzo <rizzo@icir.org>
To: Valentine Zaretsky <valik@apex.dp.ua>
Cc: ipfw@FreeBSD.ORG
Subject: Re: ipfw2 & dummynet
Message-ID: <20020803100008.A98813@iguana.icir.org>
References: <007601c23b07$8c667550$226e03d4@zhome>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <007601c23b07$8c667550$226e03d4@zhome>; from valik@apex.dp.ua on Sat, Aug 03, 2002 at 07:05:08PM +0300
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ipfw.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ipfw>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ipfw>
X-Loop: FreeBSD.ORG

good catch :)

The problem was in fact a missing #include "opt_ipdn.h" to let us know
whether we are being compiled for the old ipfw or for IPFW2.

Without that, compilation defaulted to ipfw, resulting in
a number of erroneous manipulations of data.

Just committed a fix, thanks

	luigi

On Sat, Aug 03, 2002 at 07:05:08PM +0300, Valentine Zaretsky wrote:
> Hi,
> 
> Playing with ipfw2 in -stable (last time cvsup'ed yesterday), I found a bug when using dummynet pipes and queues
> 
> Here is the simplest example to repeat it:
> 
> ipfw pipe 1 config bw 20KBytes/s
> ipfw add 400 pipe 1 ip from any to me
> 
> The first packet matching rule 400 leads to kernel panic caused by "division by zero"
> 
> Analyzing crashdump with gdb, I found that it happens in the following code in /usr/src/sys/netinet/ip_dummynet.c:
> (lines 1198-1205)
> ==============================
>         if (DN_KEY_GT(q->S, q->F)) { /* means timestamps are invalid */
>             q->S = pipe->V ;
>             pipe->sum += fs->weight ; /* add weight of new queue */
>         } else {
>             heap_extract(&(pipe->idle_heap), q);
>             q->S = MAX64(q->F, pipe->V ) ;
>         }
>         q->F = q->S + ( len<<MY_M )/(u_int64_t) fs->weight;      
> ==============================
> 
> So the weight is 0 when it should be 1. 
> And it's not quite understood why should this code execute at all? There is no queues (only simple pipe, so "is_pipe" should be 1)
> 
> Adding dumb "if(fs->weight==0) fs->weight=1;" before the code above, fixes this kernel panic.
> 
> I think it could/should be fixed a little smarter ;)
> 
> --
> With best regards, Valentine Zaretsky
> 
> 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message