From 24989c68ac5ed0620ed7b47e08dd5a126392c715 Mon Sep 17 00:00:00 2001
From: Brian Somers <brian@FreeBSD.org>
Date: Sun, 10 May 1998 22:20:20 +0000
Subject: [PATCH] o Protect against expected NULL fdset pointers. o Log
 FD_SET()s in LogTIMER. o Identify the descriptor that causes an EBADF from
 select()   if LogTIMER is enabled (then exit). o Call the MP server
 UpdateSet() function after calling   the UpdateSet() for all links - the link
 may enter   PHASE_TERMINATE and bring down the MP server - breaking   the
 imminent select().

---
 usr.sbin/ppp/bundle.c   |  5 +++--
 usr.sbin/ppp/main.c     | 42 ++++++++++++++++++++++++++++++++++++-----
 usr.sbin/ppp/mp.c       |  3 ++-
 usr.sbin/ppp/physical.c |  5 ++++-
 usr.sbin/ppp/prompt.c   |  4 +++-
 usr.sbin/ppp/server.c   |  3 ++-
 6 files changed, 51 insertions(+), 11 deletions(-)

diff --git a/usr.sbin/ppp/bundle.c b/usr.sbin/ppp/bundle.c
index 0ae522503314..bb6b989eaa84 100644
--- a/usr.sbin/ppp/bundle.c
+++ b/usr.sbin/ppp/bundle.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: bundle.c,v 1.1.2.79 1998/05/09 14:44:11 brian Exp $
+ *	$Id: bundle.c,v 1.1.2.80 1998/05/10 10:21:10 brian Exp $
  */
 
 #include <sys/types.h>
@@ -373,10 +373,11 @@ bundle_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e, int *n)
     result += descriptor_UpdateSet(desc, r, w, e, n);
 
   /* If there are aren't many packets queued, look for some more. */
-  if (bundle->links && bundle_FillQueues(bundle) < 20) {
+  if (r && bundle->links && bundle_FillQueues(bundle) < 20) {
     if (*n < bundle->dev.fd + 1)
       *n = bundle->dev.fd + 1;
     FD_SET(bundle->dev.fd, r);
+    log_Printf(LogTIMER, "tun: fdset(r) %d\n", bundle->dev.fd);
     result++;
   }
 
diff --git a/usr.sbin/ppp/main.c b/usr.sbin/ppp/main.c
index 1ac9ac453ae0..c875b6a1f0d8 100644
--- a/usr.sbin/ppp/main.c
+++ b/usr.sbin/ppp/main.c
@@ -17,7 +17,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * $Id: main.c,v 1.121.2.57 1998/05/08 01:15:11 brian Exp $
+ * $Id: main.c,v 1.121.2.58 1998/05/08 18:50:21 brian Exp $
  *
  *	TODO:
  */
@@ -36,6 +36,7 @@
 #include <signal.h>
 #include <stdio.h>
 #include <string.h>
+#include <sys/time.h>
 #include <termios.h>
 #include <unistd.h>
 
@@ -473,11 +474,10 @@ DoLoop(struct bundle *bundle, struct prompt *prompt)
 
     sig_Handle();
 
-    /* This may nuke a datalink */
-    descriptor_UpdateSet(&bundle->ncp.mp.server.desc, &rfds, &wfds,
-                         &efds, &nfds);
     descriptor_UpdateSet(&bundle->desc, &rfds, &wfds, &efds, &nfds);
     descriptor_UpdateSet(&server.desc, &rfds, &wfds, &efds, &nfds);
+    descriptor_UpdateSet(&bundle->ncp.mp.server.desc, &rfds, &wfds,
+                         &efds, &nfds);
 
     if (bundle_IsDead(bundle))
       /* Don't select - we'll be here forever */
@@ -491,6 +491,39 @@ DoLoop(struct bundle *bundle, struct prompt *prompt)
       if (errno == EINTR)
 	continue;
       log_Printf(LogERROR, "DoLoop: select(): %s\n", strerror(errno));
+      if (log_IsKept(LogTIMER)) {
+        struct timeval t;
+
+        for (i = 0; i <= nfds; i++) {
+          if (FD_ISSET(i, &rfds)) {
+            log_Printf(LogTIMER, "Read set contains %d\n", i);
+            FD_CLR(i, &rfds);
+            t.tv_sec = t.tv_usec = 0;
+            if (select(nfds, &rfds, &wfds, &efds, &t) != -1) {
+              log_Printf(LogTIMER, "The culprit !\n");
+              break;
+            }
+          }
+          if (FD_ISSET(i, &wfds)) {
+            log_Printf(LogTIMER, "Write set contains %d\n", i);
+            FD_CLR(i, &wfds);
+            t.tv_sec = t.tv_usec = 0;
+            if (select(nfds, &rfds, &wfds, &efds, &t) != -1) {
+              log_Printf(LogTIMER, "The culprit !\n");
+              break;
+            }
+          }
+          if (FD_ISSET(i, &efds)) {
+            log_Printf(LogTIMER, "Error set contains %d\n", i);
+            FD_CLR(i, &efds);
+            t.tv_sec = t.tv_usec = 0;
+            if (select(nfds, &rfds, &wfds, &efds, &t) != -1) {
+              log_Printf(LogTIMER, "The culprit !\n");
+              break;
+            }
+          }
+        }
+      }
       break;
     }
 
@@ -512,7 +545,6 @@ DoLoop(struct bundle *bundle, struct prompt *prompt)
     if (descriptor_IsSet(&bundle->desc, &wfds))
       descriptor_Write(&bundle->desc, bundle, &wfds);
 
-    /* This may add a datalink */
     if (descriptor_IsSet(&bundle->desc, &rfds))
       descriptor_Read(&bundle->desc, bundle, &rfds);
   } while (bundle_CleanDatalinks(bundle), !bundle_IsDead(bundle));
diff --git a/usr.sbin/ppp/mp.c b/usr.sbin/ppp/mp.c
index 7e36b0646a37..e792104a88bc 100644
--- a/usr.sbin/ppp/mp.c
+++ b/usr.sbin/ppp/mp.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: mp.c,v 1.1.2.25 1998/05/06 23:49:48 brian Exp $
+ *	$Id: mp.c,v 1.1.2.26 1998/05/08 01:15:16 brian Exp $
  */
 
 #include <sys/types.h>
@@ -848,6 +848,7 @@ mpserver_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e,
     if (*n < s->fd + 1)
       *n = s->fd + 1;
     FD_SET(s->fd, r);
+    log_Printf(LogTIMER, "mp: fdset(r) %d\n", s->fd);
     return 1;
   }
   return 0;
diff --git a/usr.sbin/ppp/physical.c b/usr.sbin/ppp/physical.c
index d87746c3dfe0..51ef2b3eb38c 100644
--- a/usr.sbin/ppp/physical.c
+++ b/usr.sbin/ppp/physical.c
@@ -16,7 +16,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- *  $Id: physical.c,v 1.1.2.29 1998/05/01 19:22:21 brian Exp $
+ *  $Id: physical.c,v 1.1.2.30 1998/05/01 19:25:35 brian Exp $
  *
  */
 
@@ -130,14 +130,17 @@ physical_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e,
   if (p->fd >= 0) {
     if (r) {
       FD_SET(p->fd, r);
+      log_Printf(LogTIMER, "%s: fdset(r) %d\n", p->link.name, p->fd);
       sets++;
     }
     if (e) {
       FD_SET(p->fd, e);
+      log_Printf(LogTIMER, "%s: fdset(e) %d\n", p->link.name, p->fd);
       sets++;
     }
     if (w && (force || link_QueueLen(&p->link))) {
       FD_SET(p->fd, w);
+      log_Printf(LogTIMER, "%s: fdset(w) %d\n", p->link.name, p->fd);
       sets++;
     }
     if (sets && *n < p->fd + 1)
diff --git a/usr.sbin/ppp/prompt.c b/usr.sbin/ppp/prompt.c
index 3c35cfcb767f..462dabf634c2 100644
--- a/usr.sbin/ppp/prompt.c
+++ b/usr.sbin/ppp/prompt.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: prompt.c,v 1.1.2.28 1998/04/19 15:24:49 brian Exp $
+ *	$Id: prompt.c,v 1.1.2.29 1998/05/01 19:25:41 brian Exp $
  */
 
 #include <sys/param.h>
@@ -126,10 +126,12 @@ prompt_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e, int *n)
   if (p->fd_in >= 0) {
     if (r) {
       FD_SET(p->fd_in, r);
+      log_Printf(LogTIMER, "prompt %s: fdset(r) %d\n", p->src.from, p->fd_in);
       sets++;
     }
     if (e) {
       FD_SET(p->fd_in, e);
+      log_Printf(LogTIMER, "prompt %s: fdset(e) %d\n", p->src.from, p->fd_in);
       sets++;
     }
     if (sets && *n < p->fd_in + 1)
diff --git a/usr.sbin/ppp/server.c b/usr.sbin/ppp/server.c
index 4bfc22e4d580..3b1d1f8fc785 100644
--- a/usr.sbin/ppp/server.c
+++ b/usr.sbin/ppp/server.c
@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: server.c,v 1.16.2.17 1998/04/28 01:25:41 brian Exp $
+ *	$Id: server.c,v 1.16.2.18 1998/05/01 19:25:50 brian Exp $
  */
 
 #include <sys/types.h>
@@ -72,6 +72,7 @@ server_UpdateSet(struct descriptor *d, fd_set *r, fd_set *w, fd_set *e, int *n)
     if (*n < s->fd + 1)
       *n = s->fd + 1;
     FD_SET(s->fd, r);
+    log_Printf(LogTIMER, "server: fdset(r) %d\n", s->fd);
     return 1;
   }
   return 0;