Current-Users archive


Re: socket/IPsec panic with 4.99.69



gdt%ir.bbn.com@localhost (Greg Troxel) writes:

>and the problem is either that the pcb is null or the so pointer has
>been overwritten.  so_send and so_receiver don't quite look right, but
>the rest of things do.

When a PCB is detached it leaves the so_pcb field cleared while
waiting to reclaim the softnet_lock. The ipsec code path basically
dereferences PCB->socket->PCB and the last link is then broken.

My current solution is to move the section

        so->so_pcb = 0;
        /* sofree drops the socket's lock */
        sofree(so);
        mutex_enter(softnet_lock);

to the end of in_pcbdetach() (and similar for in6_pcbdetach()).

However, that's not the only issue with the locking. The final
solution may look different.

-- 
                                Michael van Elst
Internet: mlelstv%serpens.de@localhost
                                "A potential Snark may lurk in every tree."
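
A single-threaded user-space model of the ordering problem described in the message above, added here as an illustration; it is not NetBSD code or the author's patch. The struct and function names are hypothetical, and it assumes the rest of in_pcbdetach() is what unlinks the PCB from its lookup table.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical user-space stand-ins; not the kernel's struct inpcb/socket. */
struct sock;
struct pcb  { struct sock *socket; int in_table; };
struct sock { struct pcb *so_pcb; };

enum walk { WALK_OK, WALK_NOT_FOUND, WALK_NULL_PCB };

/* Stand-in for a path that finds a PCB via the lookup table and then
 * follows PCB->socket->PCB, as the message describes. */
static enum walk walk_backpointer(const struct pcb *p)
{
    if (!p->in_table)
        return WALK_NOT_FOUND;        /* unlinked: never reached */
    if (p->socket->so_pcb == NULL)
        return WALK_NULL_PCB;         /* the kernel would dereference NULL here */
    return WALK_OK;
}

/* Ordering described as the problem: clear so_pcb, drop the lock, and only
 * then finish tearing down. The return value is what a concurrent walker
 * would see inside the unlocked window. */
static enum walk detach_clear_first(struct pcb *p)
{
    enum walk seen;
    p->socket->so_pcb = NULL;
    seen = walk_backpointer(p);       /* lock dropped: another path runs */
    p->in_table = 0;                  /* assumed rest of detach: unlink */
    return seen;
}

/* Ordering of the proposed change: finish teardown first, clear last. */
static enum walk detach_clear_last(struct pcb *p)
{
    p->in_table = 0;                  /* assumed rest of detach: unlink */
    p->socket->so_pcb = NULL;
    return walk_backpointer(p);       /* walker can no longer find the PCB */
}

/* Build a linked PCB/socket pair (constructed sample state) and detach it. */
static enum walk run(enum walk (*detach)(struct pcb *))
{
    struct sock s; struct pcb p = { &s, 1 };
    s.so_pcb = &p;
    return detach(&p);
}

int main(void)
{
    printf("clear first: %d, clear last: %d\n",
           run(detach_clear_first), run(detach_clear_last));
    return 0;
}
```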

