Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 23 Aug 2000 14:52:45 -0700
From:      Alfred Perlstein <bright@wintelcom.net>
To:        John Polstra <jdp@polstra.com>
Cc:        current@FreeBSD.ORG, green@FreeBSD.ORG
Subject:   Re: panic: reducing sbsize: lost count, uid = 1001
Message-ID:  <20000823145244.J4854@fw.wintelcom.net>
In-Reply-To: <20000823142754.H4854@fw.wintelcom.net>; from bright@wintelcom.net on Wed, Aug 23, 2000 at 02:27:54PM -0700
References:  <XFMail.000823134617.jdp@polstra.com> <20000823142754.H4854@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
* Alfred Perlstein <bright@wintelcom.net> [000823 14:29] wrote:
> 
> I have a feeling that this is related to missing spl protection around
> the chgsbsize subsystem, this was probably an issue before I touched it
> but since I touched it last I'll have a look-see.
> 
> Brian, does that makes sense?

So far, here's functions that look like they call chgsbsize without
splnet:

socreate (called from socket() and socketpair(), on error calls
sofree() which then calls sodealloc() without splnet)

sonewconn3 (called from sonewconn which i'm unsure of the spl at
this point)

I'm sure there's more.

Does it make sense to wrap chgsbsize with spl so callers don't have
to worry about it?

John can you try this patch and let us know if you still experiance
crashes?

Index: kern_proc.c
===================================================================
RCS file: /home/ncvs/src/sys/kern/kern_proc.c,v
retrieving revision 1.69
diff -u -u -r1.69 kern_proc.c
--- kern_proc.c	2000/07/04 11:25:22	1.69
+++ kern_proc.c	2000/08/23 21:49:49
@@ -196,6 +196,7 @@
 	rlim_t	max;
 {
 	struct uidinfo *uip;
+	int	s = splnet();
 
 	uip = uifind(uid);
 	if (diff < 0)
@@ -205,10 +206,12 @@
 	/* don't allow them to exceed max, but allow subtraction */
 	if (diff > 0 && uip->ui_sbsize + diff > max) {
 		(void)uifree(uip);
+		splx(s);
 		return (0);
 	}
 	uip->ui_sbsize += diff;
 	(void)uifree(uip);
+	splx(s);
 	return (1);
 }


If this doesn't work then it may be nessesary to spl around examining
the socketbuffer's size.
 
thanks,
-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000823145244.J4854>