[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: crash on solaris9/sparc with 4.1.31
From: Joseph Tam <tam () math ! ubc ! ca>
Date: 2008-12-16 1:30:35
Message-ID: 18831_1229391482_49470679_18831_1793_1_Pine.GSO.4.64.0812151717480.2685 () mnc ! zngu ! hop ! pn
[Download RAW message or body]
Thanks, Darren. Helpful as always.
> > gcc -fno-hosted
> >
> > Shouldn't the default gcc flags have "-fno-hosted" for both
> > pfil and ipf to avoid these error message when loading the
> > kernel modules:
> >
> > unix: WARNING: mod_load: cannot load module 'pfil'
> > unix: /kernel/drv/sparcv9/pfil: undefined symbol
> > unix: 'memset'
>
> Actually, I think the problem is the missing -ffreestanding.
The man pages for my gcc says that "-ffreestanding" is synonymous
with "-fno-hosted" but I like your version better since it's more
descriptive.
> > Missing /usr/xpg4/bin/grep
>
> So in that case the actual statement needs to look like this:
> MIOCPULLUP:sh=/usr/ccs/bin/nm -p /dev/ksyms|grep miocpullup >/dev/null
> 2>&1; if ...
>
> Does that work for you?
If it works for you, it works for me. You can even specify "/usr/bin/grep"
since SUNWcsu is not what you would call "optional".
What I essentially did was find all instances of /usr/xpg4/bin/grep
(and it always used with the -q flag) and replaced it with the "grep
>/dev/null" construct. I took this cue from the GNU grep man pages
-s, --no-messages
Suppress error messages about nonexistent or unreadable
files. Portability note: unlike GNU grep, traditional
grep did not conform to POSIX.2, because traditional
grep lacked a -q option and its -s option behaved like
GNU grep's -q option. Shell scripts intended to be
portable to traditional grep should avoid both -q and
-s and should redirect output to /dev/null instead.
Don't forget about
pfil/SunOS/postinstall
> > arc4random.c
> > ...
> > It looks like some bug in the system header rather than ipfilter
> > (or perhaps I'm using the wrong OS specific gcc). Whatever the
> > reason, since it doesn't seem to be required, can't this include
> > statemen just be removed?
>
> I've got a funny feeling that it is needed, somewhere else...
> It feels like I should upload a 4.1.32-RC0.
I sympathize with your attempt at trying to maintain a working code
base across many architectures, OS's, versions, and compilers.
> > Kernel crash?
> >
> > When should IPF be recompiled? Every time "uname -v" changes, or
> > perhaps only when the major patch# changes?
>
> To be safe, every time "uname -v" changes.
What a pain. But then again, one of the Solaris10 patch bundles I tried
completely rendered the system inoperable.
> To diagnose crashes on Solaris 8 and 9, download this package:
> http://coombs.anu.edu.au/~avalon/CTEact-8.5.17.tar.gz
> http://coombs.anu.edu.au/~avalon/CTEactx-8.5.17.tar.gz
>
> .. install that and email me the act.# file from /var/crash/foo.
I'll have a look at it and send you the results. I am re-introducing
firewall rules back into ipf.conf to see if I can narrow the rule that
triggers the crash.
Joseph Tam <tam@math.ubc.ca>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic