conf/56031: ipfw hangs on every invocation

Thu Sep 4 05:10:13 PDT 2003

The following reply was made to PR conf/56031; it has been noted by GNATS.

From: "James F.  Hranicky" <jfh at cise.ufl.edu>
To: Robert Watson <rwatson at FreeBSD.org>
Cc: FreeBSD-gnats-submit at FreeBSD.org, admin at cise.ufl.edu,
	freebsd-bugs at FreeBSD.org
Subject: Re: conf/56031: ipfw hangs on every invocation
Date: Thu, 4 Sep 2003 08:01:42 -0400

 On Wed, 3 Sep 2003 11:45:41 -0400 (EDT)
 Robert Watson <rwatson at FreeBSD.org> wrote:

 > On Wed, 3 Sep 2003, James F.  Hranicky wrote:

 > I'd step up to the ioctl in question, and then see if it really hangs in
 > the ioctl(), or if it gets past and starts spinning.  If it's the ioctl(),
 > it would be very helpful to know which file descriptor it's on, and what
 > the arguments are.  If it's not the ioctl() call, we need to figure out
 > which loop isn't taking something important into account.

 I think I've found it. First off, I neglected to mention I've added

 	IPFW2=TRUE

 to /etc/make.conf, so I'm using ipfw2 (sorry!).

 After tracing through, it does seem to be a logic error in ipfw2.c .

 At line 1036, there a loop like so:

         for (l = rule->act_ofs, cmd = rule->cmd ;
                         l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) {

 The loop is supposed to quit when l == 0, and l is supposed to be decremented
 by F_LEN(cmd) each time.

 F_LEN is defined as

 	#define   F_LEN_MASK      0x3f
 	#define   F_LEN(cmd)      ((cmd)->len & F_LEN_MASK)

 Checking the values of the cmd struct:

 	(gdb) p *cmd
 	$6 = {opcode = O_NOP, len = 0 '\000', arg1 = 0}

 Darn, l is always decremented by 0.

 I'll probably fix the problem on my end by temporarily disabling ipfw2 (since I'm
 not really even using it at the moment). 

 Hope this helps.

 Jim