From nobody@FreeBSD.org  Wed May 23 17:30:08 2001
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 6B96E37B423
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 23 May 2001 17:30:03 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f4O0U3N72560;
	Wed, 23 May 2001 17:30:03 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200105240030.f4O0U3N72560@freefall.freebsd.org>
Date: Wed, 23 May 2001 17:30:03 -0700 (PDT)
From: gunther@aurora.regenstrief.org
To: freebsd-gnats-submit@FreeBSD.org
Subject: infinite loop at end (?) of ifnet list ...
X-Send-Pr-Version: www-1.0

>Number:         27601
>Category:       kern
>Synopsis:       infinite loop at end (?) of ifnet list ...
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 23 17:40:01 PDT 2001
>Closed-Date:    Sun Aug 19 03:08:46 PDT 2001
>Last-Modified:  Sun Aug 19 03:09:29 PDT 2001
>Originator:     Gunther Schadow
>Release:        FreeBSD-4.2-RELEASE + KAME-SNAP end of April (last 4.2 based)
>Organization:
Regenstrief Institute
>Environment:
it's KAME SNAP the last 4.2-RELEASE based. Will try this with more
recent release as soon as I have time to upgrade.
>Description:
Problem: apparently machine hangs during boot after device
initialization. Turns out that it hangs in the pseudo device
initialization. Peculiar but not unreasonable configuration
makes this problem manifest.

Problem appears (only) if I have only one real ethernet device
with nwip and ef:

device sis
pseudo-device ef
pseudo-device nwip

(The nwip stuff is from Boris Popov of Kazachstan. I moved the 
 if_nwip.c file into /sys/net and added links in /sys/conf/files.net
 etc.)

I am not certain that this is necessarily a problem in if_nwip.c

I went in with the kernel debugger and found the following: if_ef.c
in ef_load() has an iteration through the ifnet list of network
devices to find which are ethernets and then to clone its special
ethernet-frame handlers. This iteration never terminates because
the nwip pseudo-device entry in the ifnet list has a next link that
points back to itself. Since nwip is not an ethernet device, this
iteration "continues" before any resources are allocated or anything
and thus this is just a very fast infinite loop.

While it is suspicious that the infinite loop is around the nwip
entry in the ifnet list, I do not hesitate to bother FreeBSD 
maintainers with this bug for two reasons:

- the ifnet list belongs to the kernel and it should not be allowed
  for a module to insert an infinite loop to this list.

- the problem goes away simply by adding an additional ethernet 
  device probe into the config file. E.g., I just added 

  device fxp0

  behind the sis device even though I don't have an fxp card
  in that machine.

I will upgrade to 4.3 RELEASE and try it again. I will then 
see if I can find anything wrong in the if_nwip.c stuff, if
not I will chime again.
>How-To-Repeat:

>Fix:

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->suspended  
State-Changed-By: jesper 
State-Changed-When: Sun May 27 16:41:14 PDT 2001 
State-Changed-Why:  
Asked submitter to test with released FreeBSD version. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27601 

From: Jesper Skriver <jesper@FreeBSD.org>
To: freebsd-gnats-submit@freebsd.org, gunther@aurora.regenstrief.org
Cc:  
Subject: Re: kern/27601: infinite loop at end (?) of ifnet list ...
Date: Mon, 28 May 2001 01:40:22 +0200

 Please test with 4.3-RELEASE or 4.3-STABLE, if problem persist we'll
 look at it, for
 now I'll put this pr into suspend.
 
 /Jesper
 
State-Changed-From-To: suspended->closed 
State-Changed-By: kris 
State-Changed-When: Sun Aug 19 03:08:46 PDT 2001 
State-Changed-Why:  
Feedback timeout.  4.4-RELEASE will have updated KAME code 
so chances are this is fixed anyway. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27601 
>Unformatted:
