Date: Sat, 16 Mar 2002 15:08:00 +0700 (KRAT) From: Eugene Grosbein <eugen@grosbein.pp.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/35969: kernel option PPP_DEFLATE often procudes kernel panics; PPP_BSDCOMP sometimes procudes stalled connections Message-ID: <200203160808.g2G880k17109@D00015.dialonly.kemerovo.su>
next in thread | raw e-mail | index | archive | help
>Number: 35969 >Category: kern >Synopsis: kernel option PPP_DEFLATE often procudes kernel panics; PPP_BSDCOMP sometimes procudes stalled connections >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Mar 16 00:20:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Eugene Grosbein >Release: FreeBSD 4.5-STABLE i386 >Organization: Svyaz Service >Environment: System: FreeBSD D00015.dialonly.kemerovo.su 4.5-STABLE FreeBSD 4.5-STABLE #4: Sat Mar 9 13:41:04 KRAT 2002 eu@D00015.dialonly.kemerovo.su:/usr/local/obj/usr/local/src/sys/DADV i386 pseudo-device ppp 2 options PPP_DEFLATE options PPP_BSDCOMP options PPP_FILTER >Description: Using pppd with compression 'deflate' produces kernel panics with 4.5-STABLE at least after 1 March 2002. Some investigation performed by Kirk McKusick shows corription of kernel structures. 4.5-RELEASE doesn't have this problem. Really the problem appeared much later but I can't say exact date. >How-To-Repeat: 1. Build kernel with pseudo-device ppp 2 options PPP_DEFLATE options PPP_BSDCOMP options PPP_FILTER For debugging purposes, add makeoptions DEBUG=-g options DDB and enable creating of crashdumps via /etc/rc.conf (dumpdev parameter) 2. Create user 'pppuser' with shell '/usr/sbin/pppd', group dialer, create empty ~pppuser/.hushlogin, empty /etc/ppp/options and say: # cat >~pppuser/.ppprc <<EOF local -crtscts 172.20.0.1:172.20.0.2 EOF 3. The problem was first discovered with dialin service, so you can attach an analog modem with phone line and dial to the system. Use client supporting 'deflate' compression method. Make some traffic and you'll get some kind of kernel panic shortly. I've found that there is no need to use hardware modem to trigger this bug. It's can be shown even with tunnelling PPP over TCP connection via loopback. I personally used this small helper to make connection pppd <-> pppd over rlogin TCP stream: #include <unistd.h> #include <errno.h> #include <string.h> #include <limits.h> #include <stdio.h> #include <libutil.h> int main(int argc, char* argv[]) { char *me=argv[0]; char ptyname[PATH_MAX]; int master; ++argv; --argc; if(argc<1) { fprintf(stderr,"usage: %s command [params]\n",me); exit(1); } switch(forkpty(&master,ptyname,NULL,NULL)) { case -1: /* failure */ fprintf(stderr,"%s: cannot forkpty: %s\n",me,strerror(errno)); exit(1); case 0: /* slave, new pty - running process*/ execlp("/usr/sbin/pppd","/usr/sbin/pppd",NULL); _exit(1); /* NOT REACHED */ default: /* master */ dup2(master, 0); dup2(master, 1); dup2(master, 2); if (master > 2) close(master); execvp(*argv,argv); } return 1; } /* END OF FILE */ Compile this: cc runatpty.c -o runatpty -lutil Then enable 'rlogin' in /etc/inetd.conf and say: # echo 'localhost +' > ~pppuser/.rhosts # chown pppuser ~pppuser/.rhosts # chmod 600 ~pppuser/.rhosts Test your settings using 'rlogin -8E -l pppuser localhost'. You should be able to login without password and see pppd trying to talk PPP with you. It will timeout and fail. Now say: # ./runatpty rlogin -8E -l pppuser localhost It will not go background, leave it run. You should have two up and running ppp interfaces - both sides of PPP connection over rlogin TCP stream. Try using it, make some traffic and you'll get kernel panic. >Fix: Unknown for me. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203160808.g2G880k17109>