Date:      Fri, 7 Aug 2015 20:25:21 -0700
From:      Mark Johnston <markj@FreeBSD.org>
To:        Larry Rosenman <ler@lerctr.org>
Cc:        freebsd-current@FreeBSD.org, jch@FreeBSD.org
Subject:   Re: traceroute6: panic: pcb not read locked
Message-ID:  <20150808032521.GA66493@raichu>
In-Reply-To: <20150808010324.GA1392@borg.lerctr.org>
References:  <20150808010324.GA1392@borg.lerctr.org>


--45Z9DzgjV8m4Oswq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Aug 07, 2015 at 08:04:01PM -0500, Larry Rosenman wrote:
> Trying to debug TimeWarner IPV6 to my HE.NET tunnel, and running traceroute6, 
> got the following panic:
> 
> borg.lerctr.org dumped core - see /var/crash/vmcore.0
> 
> Fri Aug  7 19:58:40 CDT 2015
> 
> FreeBSD borg.lerctr.org 11.0-CURRENT FreeBSD 11.0-CURRENT #32 r286338: Wed Aug  5 15:57:55 CDT 2015     root@borg.lerctr.org:/usr/obj/usr/src/sys/VT-LER  amd64
> 
> panic: Lock tcp not read locked @ /usr/src/sys/netinet/tcp_subr.c:1189
> 
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "amd64-marcel-freebsd"...
> 
> Unread portion of the kernel message buffer:
> panic: Lock tcp not read locked @ /usr/src/sys/netinet/tcp_subr.c:1189

This appears to be fallout from r286227: the tcpinfo lock assertion in
tcp_notify() is too strong, since tcp_notify() can still be called from
tcp6_ctlinput() with the tcpinfo write lock held.

The attached patch addresses this; could you give it a try?

-Mark

--45Z9DzgjV8m4Oswq
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="tcp6_lock_assert.diff"

diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index 808eb97..6face4e 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -906,7 +906,7 @@ tcp_drop(struct tcpcb *tp, int errno)
 {
 	struct socket *so = tp->t_inpcb->inp_socket;
 
-	INP_INFO_RLOCK_ASSERT(&V_tcbinfo);
+	INP_INFO_LOCK_ASSERT(&V_tcbinfo);
 	INP_WLOCK_ASSERT(tp->t_inpcb);
 
 	if (TCPS_HAVERCVDSYN(tp->t_state)) {
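Review bot: The relaxed assertion in tcp_drop() has no stated justification; the explanation accompanying the patch only covers tcp_notify() being called from tcp6_ctlinput() with the write lock held. If tcp_drop() is reached on that same path, say so in the commit message. Otherwise keep INP_INFO_RLOCK_ASSERT(&V_tcbinfo) here so the check stays as strict as the callers allow.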
@@ -1108,7 +1108,7 @@ tcp_close(struct tcpcb *tp)
 	struct inpcb *inp = tp->t_inpcb;
 	struct socket *so;
 
-	INP_INFO_RLOCK_ASSERT(&V_tcbinfo);
+	INP_INFO_LOCK_ASSERT(&V_tcbinfo);
 	INP_WLOCK_ASSERT(inp);
 
 #ifdef TCP_OFFLOAD
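Review bot: Nothing at the changed assertion in tcp_close() says which caller needs the write-locked case, so the reason for using INP_INFO_LOCK_ASSERT(&V_tcbinfo), which accepts either a read or a write hold, is invisible in the source. A one-line comment above it naming the write-locked caller would keep a later cleanup from tightening it back to the read-only form.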
@@ -1186,7 +1186,7 @@ tcp_notify(struct inpcb *inp, int error)
 {
 	struct tcpcb *tp;
 
-	INP_INFO_RLOCK_ASSERT(&V_tcbinfo);
+	INP_INFO_LOCK_ASSERT(&V_tcbinfo);
 	INP_WLOCK_ASSERT(inp);
 
 	if ((inp->inp_flags & INP_TIMEWAIT) ||
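Review bot: The assertion in tcp_notify() needs a comment explaining why it is not the read-only form, since this is the check at tcp_subr.c:1189 that fired in the reported panic. Suggest a short note above INP_INFO_LOCK_ASSERT(&V_tcbinfo) stating that tcp6_ctlinput() can call in with the tcbinfo write lock held, so the lock may be held in either mode here.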

--45Z9DzgjV8m4Oswq--


