cvs commit: src/sys/dev/io iodev.c

John Baldwin jhb at freebsd.org
Tue Aug 12 15:15:49 UTC 2008


On Tuesday 12 August 2008 10:07:43 am Bruce Evans wrote:
> I checked that bpf panics (even under UP) due to the obvious bugs in
> its d_close():
> 
>      # Generate lots of network activity using something like:
>      sysctl net.inet.icmp.icmplim=0; ping -fq localhost &
> 
>      # Race to panic eventually:
>      while :; do tcpdump -i lo0 & sleep 0.001; revoke /dev/bpf0; done
> 
> Most or all device drivers have obvious bugs in their d_close(); bpf
> is just a bit easier to understand and more likely to cause a panic
> than most device drivers, since it is simple and frees resources.  A
> panic is very likely when si_drv1 is freed, and si_drv1 is only locked
> accidentally.

I think revoke(2) should EINVAL (or ENOTTY) for non-ttys.  Of course bpf is 
broken with revoke, but nobody uses revoke with bpf.  What people do do in 
the normal course of using bpf is lots of concurrent bpf accesses, and w/o 
D_TRACKCLOSE, bpf devices don't get closed.

-- 
John Baldwin

