If the call to pf_state_key_clone() in pf_get_translation() fails (i.e. there's
no more memory for it) it frees skp. This is wrong, because skp is a
pf_state_key **, so we need to free *skp, as is done later in the function.
Getting it wrong means we try to free a stack variable of the calling
pf_test_rule() function, and we panic.
dim [Wed, 8 Mar 2017 07:58:29 +0000 (07:58 +0000)]
MFC r314061:
Add __int128-related symbols to libcxxrt's version map. Put these into
the same CXXABI verions as recent libstdc++.
Note that __int128 types are only available on arches where long long is
128 bit wide.
Noticed by: harti
MFC r314104:
Surround any unmangled C++ names in libcxxrt's version map with 'extern
"C++"', otherwise ld refuses to make the symbols global in the final
library. This causes the __int128-related symbols to go missing when
the library is stripped during installation.
We see long spa_sync(). We are waiting to hold dp_config_rwlock for writer. Some
other thread holds dp_config_rwlock for reader, then calls arc_get_data_buf(),
which finds that arc_is_overflowing()==B_TRUE. So it waits (while holding
dp_config_rwlock for reader) for arc_reclaim_thread to signal arc_reclaim_waiters_cv.
Before signaling, arc_reclaim_thread does arc_kmem_reap_now(), which takes ~seconds.
Author: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Approved by: Dan McDonald <danmcd@omniti.com>
mav [Tue, 7 Mar 2017 05:57:18 +0000 (05:57 +0000)]
MFC r314374: Add safety check against too long CDB.
SBP-2 specification defined maximum CDB length as 12 bytes. Newer SBP-3
specification allows CDB of any size, but this driver is too old. Proper
solution would be to look on maximal ORB size supported by the target.
MFC r314430:
When IPv6 fragments reassembly is complete, update mbuf's csum_data
and csum_flags using information from all fragments. This fixes
dropping of reassembled packets due to wrong checksum when the IPv6
checksum offloading is enabled on a network card.
Merge content from ^/projects/netbsd-tests-upstream-01-2017 into ^/head
The primary end-goal of this drop is ease future merges with NetBSD and
collaborate further with the NetBSD project.
The goal was (largely, not completely as some items are still oustanding
in the NetBSD GNATS system) achieved by doing the following:
- Pushing as many changes required to port contrib/netbsd-tests
back to NetBSD as possible, then pull the upstream applied changes
back in to FreeBSD.
- Diff reduce with upstream where possible by:
-- Improving libnetbsd header, etc compat glue.
-- Using _SED variables to modify test scripts on the fly for items
that could not be upstreamed to NetBSD.
As a bonus for this work, this change also introduces testcases for
uniq(1).
Many thanks to Christos for working with me to get many of the changes
back into the NetBSD project.
In collaboration with: Christos Zoulas <christos@netbsd.org>
r314509:
cxgbe/iw_cxgbe: Do not check the size of the memory region being
registered. T4/5/6 have no internal limit on this size. This is
probably a copy paste from the T3 iw_cxgb driver.
ULPs can set a qp's state to ERROR and then post a work request on the
sq and/or rq. When the reply for that work request comes back it is
guaranteed that all previous work requests posted on that queue have
been drained.
mav [Mon, 6 Mar 2017 06:38:26 +0000 (06:38 +0000)]
MFC r314299, r314300: Fix residual length reporting in target mode.
This allows to properly handle cases when target wants to receive or send
more data then initiator wants to send or receive. Previously in such
cases isp(4) returned CAM_DATA_RUN_ERR, while now it returns resid > 0.
mav [Mon, 6 Mar 2017 06:35:32 +0000 (06:35 +0000)]
MFC r314255: Reenable CTL_WITH_CA, optimizing it for lower memory usage.
This code was disabled due to its high memory usage. But now we need this
functionality for cfumass(4) frontend, since USB MS BBB transport does not
support autosense.
mav [Mon, 6 Mar 2017 06:22:37 +0000 (06:22 +0000)]
MFC r314086: Fix multiple problems around LUN disable under load.
- Move private data about ATIOs/INOTs from per-LUN to per-channel data.
This allows active commands to continue operation after LUN destruction.
This also simplifies lookup of the data by tag in some situations.
- Unify three restart_queue processing implementations.
- Complete all ATIOs from restart_queue on LUN disable.
- Delete ATIO private data when command completed or aborted, not depending
on the ATIO being requeued, that was ugly hack and could never happen. CAM
should always call ether XPT_CONT_TARGET_IO with status or XPT_ABORT.
- Implement XPT_ABORT for queued ATIOs/INOTs to allow CAM do graceful
shutdown, not depending on LUN disable, as it is done in ahd(4)/targ(4).
- Unify isp_endcmd() arguments to make it more usable in generic code.
- Remove never really used LUN state reference counter.
mav [Mon, 6 Mar 2017 06:21:26 +0000 (06:21 +0000)]
MFC r314045: Remove duplicate INOT allocation.
For some reason isp_handle_platform_notify_fc() allocated INOT just
before calling isp_handle_platform_target_tmf(), which also allocates
INOT. It seems to be a braino introduced in r196008.
mav [Mon, 6 Mar 2017 06:19:02 +0000 (06:19 +0000)]
MFC r314027: Do not blindly free completed ATIOs/INOTs on invalidation.
When LUN is disabled, SIM starts returning queued ATIOs/INOTs. But at the
same time there can be some ATIOs/INOTs still carrying real new requests.
If we free those, SIM may leak some resources, forever expecting for any
response from us. So try to be careful, separating ATIOs/INOTs carrying
requests which still must be processed, from ATIOs/INOTs completed with
errors which can be freed.
bdrewery [Fri, 3 Mar 2017 21:41:17 +0000 (21:41 +0000)]
MFC r313867,r313869,r313870,r314001:
r313867:
Add history and Authors section in the manpage
r313869:
Also add vsevolod@ in the authors
r313870:
Use full name for the month
r314001:
Make it more clear that -k sends SIGKILL, not the -s signal.
cxgbe/iw_cxgbe: fix various double-close panics with iWARP sockets.
Sockets representing the TCP endpoints for iWARP connections are
allocated by the ibcore module. Before this revision they were closed
either by the ibcore module or the iw_cxgbe hardware driver depending on
the state transitions during connection teardown. This is error prone
and there were cases where both iw_cxgbe and ibcore closed the socket
leading to double-free panics. The fix is to let ibcore close the
sockets it creates and never do it in the driver.
- Use sodisconnect instead of soclose (preceded by solinger = 0) in the
driver to tear down an RDMA connection abruptly. This does what's
intended without releasing the socket's fd reference.
- Close the socket in ibcore when the iWARP iw_cm_id is destroyed. This
works for all kinds of sockets: clients that initiate connections,
listeners, and sockets accepted off of listeners.
emaste [Wed, 1 Mar 2017 01:44:40 +0000 (01:44 +0000)]
MFC r313774: localtime: return NULL if time_t out of range of struct tm
Previously we would truncate tm.tm_year for any time_t corresponding to
a year that does not fit in int. This issue was discovered because it
caused the bash-static build to fail when linking with LLD.
As reported by Rafael EspÃndola:
Configure has
AC_FUNC_MKTIME
which expands to a test of mktime that fails with the freebsd
implementation. Given that, bash compiles a mktime.o file that
defines just mktime and uses localtime. That goes in a .a file
that is before libc.
The freebsd libc defines mktime in localtime.o, which also defines
localtime among other functions.
When lld sees an undefined reference to mktime from libc, it uses
the bash provided one and then tries to find a definition of
localtime. It is found on libc's localtime.o, but now we have a
duplicated error.
The reason it works with bfd is that bash doesn't use mktime
directly and the undefined reference from libc is resolved to the
libc implementation. It would also fail to link if bash itself
directly used mktime.
The bash-static configure test verifies that, for many values of t, either
localtime(t) returns NULL or mktime(localtime(t)) == t. This test failed
when localtime returned a truncated tm_year.
This was fixed in tzcode in 2004 but has persisted in our tree since
rS2708.
asomers [Wed, 1 Mar 2017 00:13:58 +0000 (00:13 +0000)]
MFC r312995:
Initialize a stack variable in mprsas_get_sas_address_for_sata_disk
Thought it's difficult to reproduce, I think this variable was responsible
for a use-after-free panic when a SATA disk timed out responding to a SATA
identify command during boot.
asomers [Tue, 28 Feb 2017 23:56:14 +0000 (23:56 +0000)]
MFC r312559:
Fix misc Coverity defects in camdd(8)
CID 1341620 Fix a small memory leak
CID 1341630 Though this is technically a false positive, rearrange the
code for clarity.
CID 1341635 Eliminate dead code
CID 1368663 Fix a double mutex unlock in the error path
Also:
* Use sig_atomic_t for variables accessed from signal handlers
* Don't conditionalize free(3) on its argument being non-null
r311895:
Fix memory leaks during "tail -r" of an irregular file
* Rewrite r_buf to use standard tail queues instead of a hand-rolled
circular linked list. Free dynamic allocations when done.
* Remove an optimization for the case where the file is a multiple of 128KB
in size and there is a scarcity of memory.
* Add ATF tests for "tail -r" and its variants.
CID 1362055, 1362054: File descriptor leaks during shutdown
CID 1362013: Potential null-termination fail with long network device names
CID 1362097: Uncaught exception during memory pressure
CID 1362017, 1362016: Unchecked errors, possibly resulting in weird behavior
if two devd instances start at the same time.
CID 1362015: Unchecked error that will probably never fail
ngie [Tue, 28 Feb 2017 00:56:33 +0000 (00:56 +0000)]
Note: this change reintroduces r314020 after r314327, r314330, and r314332
MFC r313404:
Improve libnetbsd compatibility with NetBSD
This change is being made to diff reduce/reduce duplication in
contrib/netbsd-tests and to facilitate further porting of software from
NetBSD
Add the following headers:
- sys/event.h:
-- sys/types.h is required for kqueue on FreeBSD, but not NetBSD.
- sys/types.h:
-- NBBY is defined in sys/param.h on FreeBSD, not sys/types.h like on NetBSD.
Pull in sys/param.h to have parity with NetBSD.
- sys/wait.h:
-- Define wrusage as __wrusage for parity with NetBSD typedef.
- glob.h
-- Define __gl_stat_t as "struct stat" for parity with NetBSD typedef.
- pthread.h:
-- Pull in pthread_np.h for _np functions defined separately on FreeBSD.
Improve compatibility with NetBSD in the following headers:
- sha1.h:
-- define SHA1_CTX as SHA_CTX
-- define SHA1Final as SHA1_Final
- sha2.h:
-- #include sha384 to pick up all of the SHA 384 bit macros and definitions.
- util.h:
-- Add sys/types.h to util.h to pollute the header for types used in
flags_to_string and string_to_flags (u_long) as NetBSD doesn't require them
for the functions.
cy [Sat, 25 Feb 2017 08:07:28 +0000 (08:07 +0000)]
MFC r312787:
Currently the fragment info is placed at the top of the linked list
under a shared read lock. This patch attempts to upgrade the lock to
an exclusive write lock. If the exclusive write lock fails to be
obtained, the current fragment is not placed at the head of the list.
This portion of the patch was inspired by NetBSD ip_frag.c r1.4 (which
effectively removed the section of code that performed the reordering).
The patch to sys/contrib/ipfilter/netinet/ip_compat.h adds the
MUTEX_TRY_UPGRADE macro to support the patch to ip_frag.c.
The patch to contrib/ipfilter/lib/rwlock_emul.c supports this patch
by emulating the mutex in userspace when exercised by ipftest(1).
mav [Sat, 25 Feb 2017 01:53:45 +0000 (01:53 +0000)]
MFC r313910: Change XCOPY memory allocations.
Before this change XCOPY code could allocate memory in chunks up to 16-32MB
(VMware does XCOPY in 4MB chunks by default), that could be difficult for
VM subsystem to do due to KVA fragmentation, that sometimes created huge
allocation delays, blocking any I/O for respective LU for that time.
This change limits allocations down to TPC_MAX_IO_SIZE, which is 1MB now.
1MB is also not a cookie, but ZFS also can do that for large blocks, so
it should be less dramatic. As drawback this increases CPU overhead, but
it still look acceptable comparing to time consumed by ZFS read/write.
ngie [Sat, 25 Feb 2017 00:42:44 +0000 (00:42 +0000)]
MFC r313924,r313925:
r313924:
Quote path to doxygen/kyua in test(1) -x check
This is a basic stopgap against ${LOCALBASE} containing spaces in it
r313925:
Include ${LOCALBASE}/bin in $PATH when running "make checkworld"
Some of the tests in devel/atf // devel/kyua rely on the tools being in $PATH,
which means that the tests fail when run via "make checkworld" because $PATH
is restricted to exclude directory elements like "${LOCALBASE}/bin".
ken [Fri, 24 Feb 2017 20:51:39 +0000 (20:51 +0000)]
MFC r313893
------------------------------------------------------------------------
r313893 | ken | 2017-02-17 13:04:22 -0700 (Fri, 17 Feb 2017) | 48 lines
Add task attribute support to camcontrol(8).
Users can use the new generic argument, -Q task_attr, to specify a task
attribute (simple, ordered, head of queue, aca) for the commands issued.
The the default is simple, which works with all SCSI devices that support
tagged queueing.
This will mostly be useful for debugging target behavior in certain
situations.
You can try it out by compiling CTL with CTL_IO_DELAY turned on (in
sys/cam/ctl/ctl_io.h) and then do something like this with one of the CTL
LUNs:
And at then before the 10 second timer is up, in another terminal:
camcontrol inquiry da34 -Q ordered -v
The Inquiry should complete just after the TUR completes. Ordinarily
it would complete first because of the delay injection, but because the
task attribute is set to ordered in this case, CTL holds it up until the
previous command has completed.
sbin/camcontrol/camcontrol.c:
Add the new generic argument, -Q, which allows the user to specify
a SCSI task attribute. The user can specify task attributes by
name or numerically.
Add a new task_attr arguments to SCSI sub-functions.
sbin/camcontrol/attrib.c,
sbin/camcontrol/camcontrol.h,
sbin/camcontrol/fwdownload.c,
sbin/camcontrol/modeedit.c,
sbin/camcontrol/persist.c,
sbin/camcontrol/timestamp.c,
sbin/camcontrol/zone.c:
Add the new task_attr argument to SCSI sub-functions.
sbin/camcontrol/camcontrol.8:
Document the new -Q option, and add an example.
dexuan [Thu, 23 Feb 2017 07:04:17 +0000 (07:04 +0000)]
MFC: r312688
Approved by: sephe (mentor)
r312688
hyperv/hn: add the support for VF drivers (SR-IOV)
Hyper-V's NIC SR-IOV implementation needs a Hyper-V synthetic NIC and
a VF NIC to work together (both NICs have the same MAC address), mainly to
support seamless live migration.
When the VF device becomes UP (or DOWN), the synthetic NIC driver needs
to switch the data path from the synthetic NIC to the VF (or the opposite).
Note: multicast/broadcast packets are still received through the synthetic
NIC and we need to inject the packets through the VF interface (if the VF is
UP), even if the synthetic NIC is DOWN (so we need to force the rxfilter
to be NDIS_PACKET_TYPE_PROMISCUOUS, when the VF is UP).