cvs commit: src/sys/netinet ip_output.c ip_var.h tcp_usrreq.c
Robert Watson
rwatson at FreeBSD.org
Tue Nov 28 13:41:13 PST 2006
rwatson 2006-11-28 21:41:12 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_6)
sys/netinet ip_output.c ip_var.h tcp_usrreq.c
Log:
Reformulate ip_ctloutput() and tcp_ctloutput() to work around the fact
that so_pcb can be invalidated at any time due to an untimely reset.
Move the body of ip_ctloutput() to ip_ctloutput_pcbinfo(), which
accepts a pcbinfo argument, and wrap it with ip_ctloutput(), which
passes a NULL. Modify tcp_ctloutput() to directly invoke
ip_ctloutput_pcbinfo() and pass tcbinfo. Hold the pcbinfo lock when
dereferencing so_pcb and acquiring the inpcb lock in order to prevent
the inpcb from being freed; the pcbinfo lock is then immediately
dropped. This is required as TCP may free the inppcb and invalidate
so_pcb due to a reset at any time in the RELENG_6 network stack, which
otherwise leads to a panic.
This panic might be frequently seen on highly loaded IRC and Samba
servers, which have long-lasting TCP connections, query socket options
frequently, and see a significant number of reset connections.
This change has been merged directly to RELENG_6 as the problem does
not exist in HEAD, where the invariants for so_pcb are much stronger;
the architectural changes in HEAD avoid the need to acquire a global
lock in the socket option path. This change will be merged to
RELENG_6_2.
PR: 102412, 104765
Reviewed by: Diane Bruce <db at db.net>
Tested by: Daniel Austin <daniel at kewlio dot net>,
Kai Gallasch <gallasch at free dot de>
Revision Changes Path
1.242.2.17 +34 -1 src/sys/netinet/ip_output.c
1.95.2.1 +3 -0 src/sys/netinet/ip_var.h
1.124.2.4 +1 -1 src/sys/netinet/tcp_usrreq.c
More information about the cvs-src
mailing list