From owner-svn-src-head@FreeBSD.ORG  Sun Jun  6 16:11:17 2010
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4ECE2106566B;
	Sun,  6 Jun 2010 16:11:17 +0000 (UTC) (envelope-from rrs@FreeBSD.org)
Received: from svn.freebsd.org (unknown [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id 3E8E68FC1B;
	Sun,  6 Jun 2010 16:11:17 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o56GBHca089885;
	Sun, 6 Jun 2010 16:11:17 GMT (envelope-from rrs@svn.freebsd.org)
Received: (from rrs@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id o56GBHbE089883;
	Sun, 6 Jun 2010 16:11:17 GMT (envelope-from rrs@svn.freebsd.org)
Message-Id: <201006061611.o56GBHbE089883@svn.freebsd.org>
From: Randall Stewart <rrs@FreeBSD.org>
Date: Sun, 6 Jun 2010 16:11:17 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-head@freebsd.org
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r208876 - head/sys/netinet
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Jun 2010 16:11:17 -0000

Author: rrs
Date: Sun Jun  6 16:11:16 2010
New Revision: 208876
URL: http://svn.freebsd.org/changeset/base/208876

Log:
  1) Further enhance the INVARIANT lock validation (no locks) are
     held by checking the create and inp locks as well.
  
  2) Fix a bug in that when a socket is closed an INIT-ACK
     is returned, we do NOT unlock the locked_tcb unless its
     different (an unlikely scenario). If we blindly unlock as
     we were doing before we can end up unlocking the actual
     stcb thats about to be sent down to the free function which
     requires the lock be held.
  
  MFC after:	1 week

Modified:
  head/sys/netinet/sctp_input.c

Modified: head/sys/netinet/sctp_input.c
==============================================================================
--- head/sys/netinet/sctp_input.c	Sun Jun  6 16:09:12 2010	(r208875)
+++ head/sys/netinet/sctp_input.c	Sun Jun  6 16:11:16 2010	(r208876)
@@ -4534,7 +4534,8 @@ process_control_chunks:
 				if ((stcb) && (stcb->asoc.total_output_queue_size)) {
 					;
 				} else {
-					if (locked_tcb) {
+					if (locked_tcb != stcb) {
+						/* Very unlikely */
 						SCTP_TCB_UNLOCK(locked_tcb);
 					}
 					*offset = length;
@@ -5424,6 +5425,12 @@ __attribute__((noinline))
 			panic("Own lock on stcb at return from input");
 		}
 	}
+	if (mtx_owned(&inp->inp_create_mtx)) {
+		panic("Own create lock on inp");
+	}
+	if (mtx_owned(&inp->inp_mtx)) {
+		panic("Own inp lock on inp");
+	}
 }
 
 #endif