Date: Thu, 23 Apr 2009 09:11:10 -0700
From: Maksim Yevmenkin <maksim.yevmenkin@gmail.com>
To: pluknet <pluknet@gmail.com>
Cc: Alexander Best <alexbestms@math.uni-muenster.de>, freebsd-current@freebsd.org
Subject: Re: possible bug in the sbappendrecord_locked()? (Was: Re: core dump with bluetooth device)
Message-ID: <bb4a86c70904230911p4063c7edg10e7fdedbe2ecf7f@mail.gmail.com>
In-Reply-To: <a31046fc0904230156v6e788a01h94924a2ebf76f4f9@mail.gmail.com>
References: <bb4a86c70904161922t38819fd8r839e5e832aa1f1@mail.gmail.com> <bb4a86c70904161941v53cc0f90i8a1c94b1c0458e61@mail.gmail.com> <bb4a86c70904161945g32ab6e44nae447d027293733d@mail.gmail.com> <a31046fc0904162148y4c783a99w881100b9553c28ec@mail.gmail.com> <bb4a86c70904170855u7162ec56x51fa09f6941a156c@mail.gmail.com> <a31046fc0904180741x5ddf9cf6r4991cf7f017faf7b@mail.gmail.com> <a31046fc0904230156v6e788a01h94924a2ebf76f4f9@mail.gmail.com>

On Thu, Apr 23, 2009 at 1:56 AM, pluknet <pluknet@gmail.com> wrote:
> 2009/4/18 pluknet <pluknet@gmail.com>:
>> 2009/4/17 Maksim Yevmenkin <maksim.yevmenkin@gmail.com>:
>>> > [snip]
>>>
>>> ok, this is completely untested, so be warned :) would something like
>>> the following work? am i missing something?
>>
>> I'm on vacations and will not be able to test it until after 4/23. :(
>>
>
> So, come back now.
>
> Works for me (tm) on stable/7 with SOCKBUF_DEBUG enabled.
> (writing this message currently via ng_ubt(4)).
> Please, commit.

thanks! i've committed a slightly different patch to -head, but the idea
is still the same.

===

SVN rev 191366 on 2009-04-21 19:14:13Z by emax

Fix sbappendrecord_locked().

The main problem is that sbappendrecord_locked() relies on sbcompress()
to set sb_mbtail. This will not happen if sbappendrecord_locked() is
called with mbuf chain made of exactly one mbuf (i.e. m0->m_next == NULL).
In this case sbcompress() will be called with m == NULL and will do
nothing. I'm not entirely sure if m == NULL is a valid argument for
sbcompress(), and it is rather pointless to call it like that, but keep
calling it so it can do SBLASTMBUFCHK().

The problem is triggered by the SOCKBUF_DEBUG kernel option that
enables SBLASTRECORDCHK() and SBLASTMBUFCHK() checks.

PR: kern/126742
Investigated by: pluknet < pluknet -at- gmail -dot- com >
No response from: freebsd-current@, freebsd-bluetooth@
MFC after: 3 days

==

thanks,
max
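
The failure mode described in the commit message above, as an added user-space model; it is not the FreeBSD source and not the committed patch. The struct layouts, the `model_*` names, `check_after_append()`, and the explicit `sb_mbtail = m0` assignment standing in for the fix are assumptions made for illustration.

```c
#include <stdio.h>
/* Simplified stand-ins for the kernel structures: link fields only (assumption). */
struct mbuf { struct mbuf *m_next, *m_nextpkt; };
struct sockbuf { struct mbuf *sb_mb, *sb_mbtail, *sb_lastrecord; };

/* Model of sbcompress(): link chain m after n. With m == NULL sb_mbtail is untouched. */
static void model_sbcompress(struct sockbuf *sb, struct mbuf *m, struct mbuf *n)
{
    while (m != NULL) {
        if (n != NULL) n->m_next = m; else sb->sb_mb = m;
        sb->sb_mbtail = n = m;
        m = m->m_next;
        n->m_next = NULL;
    }
}
/* Model of sbappendrecord_locked(); set_tail = 1 is the assumed shape of the fix. */
static void model_appendrecord(struct sockbuf *sb, struct mbuf *m0, int set_tail)
{
    struct mbuf *m = m0->m_next;
    if (sb->sb_lastrecord) sb->sb_lastrecord->m_nextpkt = m0; else sb->sb_mb = m0;
    sb->sb_lastrecord = m0;
    if (set_tail) sb->sb_mbtail = m0;   /* do not rely on sbcompress() for this */
    m0->m_next = NULL;
    model_sbcompress(sb, m, m0);        /* m == NULL for a one-mbuf record */
}
/* Invariant in the spirit of SBLASTMBUFCHK(): sb_mbtail is the last mbuf of the last record. */
static int model_lastmbuf_ok(const struct sockbuf *sb)
{
    const struct mbuf *m = sb->sb_mb;
    if (m == NULL) return sb->sb_mbtail == NULL;
    while (m->m_nextpkt != NULL) m = m->m_nextpkt;
    while (m->m_next != NULL) m = m->m_next;
    return m == sb->sb_mbtail;
}
/* Queue a two-mbuf record, then a record of nmbufs (1 or 2) mbufs; return the invariant. */
int check_after_append(int set_tail, int nmbufs)
{
    struct mbuf d = {0}, c = {0}, b = {0}, a = {&b, NULL};
    struct sockbuf sb = {0};
    c.m_next = nmbufs > 1 ? &d : NULL;
    model_appendrecord(&sb, &a, set_tail);
    model_appendrecord(&sb, &c, set_tail);
    return model_lastmbuf_ok(&sb);
}

int main(void)
{
    printf("one-mbuf record: unfixed=%d fixed=%d\n", check_after_append(0, 1), check_after_append(1, 1));
    return 0;
}
```

In the unfixed one-mbuf case `sb_mbtail` still points at the last mbuf of the previous record, which is the kind of inconsistency a tail-pointer check is there to catch.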