tech-net: Re: Recent nbftp panic analysis

Subject: Re: Recent nbftp panic analysis
To: None <tech-net@netbsd.org>
From: Charles M. Hannum <abuse@spamalicious.com>
List: tech-net
Date: 02/14/2005 09:57:53
--Boundary-00=_iYHECCRckaTxN6G
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

This patch should completely fix the problem, as well as making the callout 
interface more compatible with FreeBSD.

This does not address the issue that the TCP stack really should not be 
storing state this way -- but it has always done something like this, and I 
don't want to rototill the stack for a change that needs to go into the 
release branch.

--Boundary-00=_iYHECCRckaTxN6G
Content-Type: text/x-diff;
  charset="iso-8859-1";
  name="tcp.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename="tcp.diff"

Index: share/man/man9/callout.9
===================================================================
RCS file: /cvsroot/src/share/man/man9/callout.9,v
retrieving revision 1.13
diff -u -r1.13 callout.9
--- share/man/man9/callout.9	27 Oct 2003 16:52:01 -0000	1.13
+++ share/man/man9/callout.9	14 Feb 2005 09:56:08 -0000
@@ -34,7 +34,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd October 26, 2003
+.Dd February 14, 2005
 .Dt CALLOUT 9
 .Os
 .Sh NAME
@@ -67,6 +67,8 @@
 .Ft int
 .Fn "callout_expired" "struct callout *c"
 .Ft int
+.Fn "callout_active" "struct callout *c"
+.Ft int
 .Fn "callout_invoking" "struct callout *c"
 .Ft void
 .Fn "callout_ack" "struct callout *c"
@@ -192,6 +194,20 @@
 function called.
 .Pp
 The
+.Fn callout_active
+function returns true if a timer has been started but not explicitly stopped.
+.Fn callout_active
+is logically the same as testing both
+.Fn callout_pending
+and
+.Fn callout_expired ;
+it is implemented as a separate function for compatibility with
+.Fx
+and for the special case of
+.Fn TCP_TIMER_ISARMED .
+It should be used sparingly, and may be removed in the future.
+.Pp
+The
 .Fn callout_invoking
 function tests the
 .Em INVOKING
Index: sys/netinet/tcp_timer.h
===================================================================
RCS file: /cvsroot/src/sys/netinet/tcp_timer.h,v
retrieving revision 1.20
diff -u -r1.20 tcp_timer.h
--- sys/netinet/tcp_timer.h	7 Aug 2003 16:33:19 -0000	1.20
+++ sys/netinet/tcp_timer.h	14 Feb 2005 09:56:08 -0000
@@ -162,7 +162,7 @@
 	callout_stop(&(tp)->t_timer[(timer)])
 
 #define	TCP_TIMER_ISARMED(tp, timer)					\
-	callout_pending(&(tp)->t_timer[(timer)])
+	callout_active(&(tp)->t_timer[(timer)])
 
 /*
  * Force a time value to be in a certain range.
Index: sys/sys/callout.h
===================================================================
RCS file: /cvsroot/src/sys/sys/callout.h,v
retrieving revision 1.20
diff -u -r1.20 callout.h
--- sys/sys/callout.h	30 Oct 2003 04:32:56 -0000	1.20
+++ sys/sys/callout.h	14 Feb 2005 09:56:08 -0000
@@ -123,6 +123,7 @@
 
 #define	callout_pending(c)	((c)->c_flags & CALLOUT_PENDING)
 #define	callout_expired(c)	((c)->c_flags & CALLOUT_FIRED)
+#define	callout_active(c)	((c)->c_flags & (CALLOUT_PENDING|CALLOUT_FIRED))
 #define	callout_invoking(c)	((c)->c_flags & CALLOUT_INVOKING)
 #define	callout_ack(c)		((c)->c_flags &= ~CALLOUT_INVOKING)
 #endif /* _KERNEL */

--Boundary-00=_iYHECCRckaTxN6G--