On Tue, Sep 06, 2011 at 02:19:09PM +0200, Stefan Rinkes wrote:
> Hi,
>
> During some testing in a Carp-HA setup, we noticed that the PROMISC flag
> on carpdevs never was removed when we destroyed the carp interface.
>
> Some investigation showed that a counter, which values defines if the
> ifpromisc() is called to remove the flag, was not initialized and the counter
> started with the DEADBEEF0 value:
>
> #define DEADBEEF0 0xefffeecc /* malloc's filler */
>
> Diff:
> Index: ip_carp.c
> ===================================================================
> retrieving revision 1.189
> diff -u -r1.189 ip_carp.c
> --- ip_carp.c 8 Jul 2011 19:07:18 -0000 1.189
> +++ ip_carp.c 6 Sep 2011 12:04:49 -0000
> @@ -1821,6 +1821,7 @@
>
> if (ifp->if_carp == NULL) {
> ncif = malloc(sizeof(*cif), M_IFADDR, M_NOWAIT);
> + ncif->vhif_nvrs = 0;
> if (ncif == NULL)
> return (ENOBUFS);
> if ((error = ifpromisc(ifp, 1))) {
>
> Fix is to initialize the value with 0 and now the PROMISC flag is removed if
> the
> carp device is destroyed.
>
Oh, nice catch!
But I'd prefer to fix this with M_ZERO.
Index: ip_carp.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_carp.c,v
retrieving revision 1.189
diff -p -u -p -u -r1.189 ip_carp.c
--- ip_carp.c 8 Jul 2011 19:07:18 -0000 1.189
+++ ip_carp.c 6 Sep 2011 13:40:09 -0000
@@ -1820,7 +1820,7 @@ carp_set_ifp(struct carp_softc *sc, stru
return (EINVAL);
if (ifp->if_carp == NULL) {
- ncif = malloc(sizeof(*cif), M_IFADDR, M_NOWAIT);
+ ncif = malloc(sizeof(*cif), M_IFADDR, M_NOWAIT|M_ZERO);
if (ncif == NULL)
return (ENOBUFS);
if ((error = ifpromisc(ifp, 1))) {
