From ru@relay.ucb.crimea.ua  Tue Oct  7 02:04:00 1997
Received: from relay.ucb.crimea.ua (relay.ucb.crimea.ua [194.93.177.113])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id CAA10759
          for <FreeBSD-gnats-submit@freebsd.org>; Tue, 7 Oct 1997 02:03:37 -0700 (PDT)
          (envelope-from ru@relay.ucb.crimea.ua)
Received: (from ru@localhost)
	by relay.ucb.crimea.ua (8.8.7/8.8.7) id MAA01982;
	Tue, 7 Oct 1997 12:02:46 +0300 (EEST)
Message-Id: <199710070902.MAA01982@relay.ucb.crimea.ua>
Date: Tue, 7 Oct 1997 12:02:46 +0300 (EEST)
From: Ruslan Ermilov <ru@ucb.crimea.ua>
Reply-To: ru@ucb.crimea.ua
To: FreeBSD-gnats-submit@freebsd.org
Subject: SLIP driver STATIC UNIT bug (stable,current)
X-Send-Pr-Version: 3.2

>Number:         4718
>Category:       kern
>Synopsis:       SLIP driver STATIC UNIT bug (stable,current)
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct  7 02:10:01 PDT 1997
>Closed-Date:    Tue Oct 7 03:51:21 PDT 1997
>Last-Modified:  Tue Oct  7 03:52:44 PDT 1997
>Originator:     Ruslan Ermilov
>Release:        FreeBSD 2.2-STABLE i386
>Organization:
>Environment:

	FreeBSD 2.2-STABLE or FreeBSD 3.0-CURRENT,
	SLIP.

>Description:

	Driver has a bug (see how-to-repeat). As the result,
	`slattach -S <some_fixed_unit>' can not be started and
	killed more than <number_of_slips_configured> times.

>How-To-Repeat:

	Suppose, you have 3 slip units configured in your kernel.
	We will start and kill `slattach -S 1 /dev/cuaa0'.

	First run:
		- slopen() allocates sl_softc[0];
		- sltioctl() exchanges sl_softc[0] and sl_softc[1];
		- sl_softc[1] is assigned SC_STATIC flag.
	Killing:
		- sl_softc[1] has SC_STATIC flag set.

	Second run:
		- slopen() allocates sl_softc[0];
		- sltioctl() exchanges sl_softc[0] and sl_softc[1];
		- sl_softc[0] due to this exchange gets SC_STATIC (!!! BUG !!!)
		- sl_softc[1] is assigned SC_STATIC flag.
	Killing:
		- sl_softc[0 and 1] have SC_STATIC flag set.

	Third run:
		- slopen() allocates sl_softc[2] (sl_softc[0 and 1]] can't be
		  allocates - they have SC_STATIC flag set);
		- sltioctl() exchanges sl_softc[2] and sl_softc[1];
		- sl_softc[2] due to this exchange gets SC_STATIC (!!! BUG !!!)
		- sl_softc[1] is assigned SC_STATIC flag.
	Killing:
		- sl_softc[0,1,2] all have SC_STATIC flag set.
		
	Fouth run:
		- slopen() can't allocate any of the sl_softc[0,1,2]
		  because all they have SC_STATIC flag set.
		- slopen() returns ENXIO error (device not configured).

>Fix:

	The following patch solves the problem.
	It was applied to 1.45.2.2 version of src/sys/net/if_sl.c.
	
/*********************************************************************/
*** if_sl.c.old	Tue Oct  7 10:39:00 1997
--- if_sl.c	Tue Oct  7 10:38:57 1997
***************
*** 390,395 ****
--- 390,396 ----
  					nc->sc_if = tmpnc->sc_if;
  					tmpnc->sc_if = sc->sc_if;
  					*sc = *tmpnc;
+ 					sc->sc_flags &= ~SC_STATIC;
  					free(tmpnc, M_TEMP);
  					if (sc->sc_if.if_flags & IFF_UP) {
  						if_down(&sc->sc_if);
/*********************************************************************/
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: ache 
State-Changed-When: Tue Oct 7 03:51:21 PDT 1997 
State-Changed-Why:  
Fixed. 
>Unformatted:
