看板 FB_smp 關於我們 聯絡資訊
發信人tanimura@r.dl.itc.u-tokyo.ac.jp (Seigo Tanimura),
看板FB_smp
標 題The updated socket patch and axing sotryfree() (Re: Locking down a soc
發信站NCTU CSIE FreeBSD Server (Sat May 13 13:00:39 2000)
轉信站Ptt!FreeBSD.csie.NCTU!not-for-mail
On Wed, 24 Apr 2002 20:08:56 +0900, Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> said: tanimura> I am now working on locking down a socket. (I have heard that Jeffrey tanimura> Hsu is also doing that, but I have never seen his patch. Has anyone tanimura> seen that?) My first milestone patch is now available at: I updated the patch slightly, found at http://people.FreeBSD.org/~tanimura/patches/socket_milestone1b.diff.gz tanimura> The works I have done so far are: tanimura> - Determine the lock required to protect each of the members in struct tanimura> socket. tanimura> - Add mutexes to each of the sockbufs in a socket as BSD/OS does. tanimura> - Lock down so_count, so_options, so_linger and so_state. tanimura> - Add a global mutex socq_lock to protect the connection queues of a tanimura> listening socket. Lock socq_lock to lock two sockets at once, tanimura> followed by enqueuing or dequeuing a socket, or moving a socket across tanimura> queues. socq_lock is not an sx lock because we usually have to lock tanimura> two sockets to modify them. This is reverted. I cleaned up soisconnected() to avoid locking two sockets at once. *_locked() functions and macros no longer exist. The following functions and macros require a socket lock: o soref(), sorele(), sotryfree() o so[rw]wakeup() I would like to commit this patch in one or two weeks to start working on a possible race between a user process and a netisr kthread, prevented by only the Giant lock at the moment. When a user process calls sofree() for a listening socket, it attempts to free the sockets in the connection queues by soabort(). If the connection of an aborting socket gets dropped by a remote host (eg by TCP RST), a netisr kthread also attempts to free the socket. Since the reference count of a socket in a connection queue is zero, this would resust in doubly freeing a socket. To solve that problem, I would like to axe sotryfree(). The PCB of a socket and a connection queue should hold a reference to the socket. This should make the reference count of an alive socket always be >= 1, and ensure that there is only one referer to a socket to be freed. Comments? -- Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> <tanimura@FreeBSD.org> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-smp" in the body of the message