Re: socket/IPsec panic with 4.99.69

To: current-users%netbsd.org@localhost
Subject: Re: socket/IPsec panic with 4.99.69
From: mlelstv%serpens.de@localhost (Michael van Elst)
Date: Sun, 13 Jul 2008 16:29:51 +0000 (UTC)

gdt%ir.bbn.com@localhost (Greg Troxel) writes:

>and the problem is either that the pcb is null or the so pointer has
>been overwritten.  so_send and so_receiver don't quite look right, but
>the rest of things do.

When a PCB is detached it leaves the so_pcb field cleared while
waiting to reclaim the softnet_lock. The ipsec code path basically
dereferences PCB->socket->PCB and the last link is then broken.

My current solution is to move the section

        so->so_pcb = 0; 
        /* sofree drop's the socket's lock */
        sofree(so);
        mutex_enter(softnet_lock);

to the end of in_pcbdetach() (and similar for in6_pcbdetach()).

However, that's not the only issue with the locking. The final
solution may look different.

-- 
-- 
                                Michael van Elst
Internet: mlelstv%serpens.de@localhost
                                "A potential Snark may lurk in every tree."

References:
- socket/IPsec panic with 4.99.69
  - From: Greg Troxel

Prev by Date: NetBSD CVS Digest volume 2, issue 15
Next by Date: Has someone tested NetBSD on a netbook (eeepc, aspire one etc.)?
Previous by Thread: socket/IPsec panic with 4.99.69
Next by Thread: NetBSD CVS Digest volume 2, issue 15
Indexes:

Home | Main Index | Thread Index | Old Index