cvs commit: src/sys/netinet ip_fw2.c
Roman Divacky
rdivacky at FreeBSD.org
Tue Sep 30 16:43:38 UTC 2008
On Tue, Sep 30, 2008 at 05:19:57PM +0100, Robert Watson wrote:
>
> On Sun, 28 Sep 2008, Ganbold wrote:
>
> >>Indeed -- when an inpcb doesn't have a socket, ipfw will go ahead and do
> >>a lookup for an inpcb even though one is passed down. I've committed a
> >>change that short-circuits that and marks the credential lookup as
> >>failed. Give it a try now?
> >
> >Thanks a lot, Robert, it was indeed simple effective fix. So far no crash
> >:) With loads like pkg_adding emacs (which adds bunch of other packages)
> >on plain CURRENT, downloading FreeBSD ISO with axel (20 simultaneous
> >connection) through http works fine here.
>
> Good news. We'll want to keep an eye on this one as the 7.0 release cycle
> progresses, and there may be other unexpected edge case problems from the
> rwlock change. On the whole it seems to have been very successful, but the
> view that -CURRENT doesn't receive a whole lot of stress testing is
> reinforced...
I think this is a little different case... I guess people are willing to
test -CURRENT on their desktops etc. but not on "servers". ie. when you
have immediate access to the machine you easily use -CURRENT but not
on the remote server.
Also, people don't tend to run firewalls on their desktops (as opposed to
servers where they dont). This is why I think this bug slipped. Not that
-CURRENT is so badly tested...
roman
More information about the cvs-src
mailing list