Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 15 May 2006 01:56:17 +0100 (BST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Maxim Konovalov <maxim@macomnet.ru>
Cc:        current@freebsd.org
Subject:   Re: HEADS UP: socket and pcb reference changes entering tree today
Message-ID:  <20060515015102.F9273@fledge.watson.org>
In-Reply-To: <20060515025600.U70399@mp2.macomnet.net>
References:  <20060317141627.W2181@fledge.watson.org> <20060329100839.V19236@fledge.watson.org> <20060401102918.P79188@fledge.watson.org> <20060401170554.R82503@fledge.watson.org> <20060402233436.P76562@fledge.watson.org> <20060515025600.U70399@mp2.macomnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Mon, 15 May 2006, Maxim Konovalov wrote:

> There is a bug in raw ip code processing which panics system.  I put a small 
> regression test in src/tools/regression/netinet/rawconnect.
>
> At the moment the code path for the connected raw ip socket looks like that:
>
> % soclose()
> %   sodisconnect()
> %     rip_disconnect()
> %       rip_abort()
> %         rip_pcbdetach()
> %   rip_detach <<<--------- panic
> %     rip_pcbdetach()
>
> .. and we panics in rip_detach() at KASSERT(inp != NULL).
>
> With this patch panic has gone.

This patch looks good!  Thanks for tracking this down :-).

Robert N M Watson

>
> Index: raw_ip.c
> ===================================================================
> RCS file: /home/ncvs/src/sys/netinet/raw_ip.c,v
> retrieving revision 1.160
> diff -u -p -r1.160 raw_ip.c
> --- raw_ip.c	21 Apr 2006 09:25:39 -0000	1.160
> +++ raw_ip.c	14 May 2006 23:39:15 -0000
> @@ -661,9 +661,19 @@ rip_abort(struct socket *so)
> static int
> rip_disconnect(struct socket *so)
> {
> +	struct inpcb *inp;
> +
> 	if ((so->so_state & SS_ISCONNECTED) == 0)
> 		return ENOTCONN;
> -	rip_abort(so);
> +
> +	inp = sotoinpcb(so);
> +	KASSERT(inp != NULL, ("rip_disconnect: inp == NULL"));
> +	INP_INFO_WLOCK(&ripcbinfo);
> +	INP_LOCK(inp);
> +	inp->inp_faddr.s_addr = INADDR_ANY;
> +	INP_UNLOCK(inp);
> +	INP_INFO_WUNLOCK(&ripcbinfo);
> +	so->so_state &= ~SS_ISCONNECTED;
> 	return (0);
> }
> %%%
>
> -- 
> Maxim Konovalov
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060515015102.F9273>