cvs commit: src/sys/netinet tcp_input.c tcp_subr.c tcp_timer.c tcp_usrreq.c tcp_var.h

Robert Watson rwatson at
Sat Apr 1 21:10:38 UTC 2006

On Sun, 2 Apr 2006, Peter Jeremy wrote:

> On Sat, 2006-Apr-01 16:36:37 +0000, Robert Watson wrote:
>>  - Annotate the existence of a long-standing race in the TCP timer code,
>>    in which timers are stopped but not drained when the socket is freed,
>>    as waiting for drain may lead to deadlocks, or have to occur in a
>>    context where waiting is not permitted.  This race has been handled
>>    by testing to see if the tcpcb pointer in the inpcb is NULL (and vice
>>    versa), which is not normally permitted, but may be true of a inpcb
>>    and tcpcb have been freed.  Add a counter to test how often this race
>>    has actually occurred, and a large comment for each instance where
>>    we compare potentially freed memory with NULL.  This will have to be
>>    fixed in the near future, but requires is to further address how to
>>    handle the timer shutdown shutdown issue.
> Is it worthwhile (or possible) to merge this bit into 6.x earlier to provide 
> greater exposure and therefore more statistics on the occurrence of this 
> race?

Yes.  I'll merge it after 6.1.  If I forget, please remind me.

Robert N M Watson

More information about the cvs-src mailing list