> BSD/OS does: > tcp_usrreq(so) > { > sb = so->so_buf; > SOCKBUF_UNLOCK(sb); > /* XXX What if someone modified the socket? */ > INP_LOCK(inp); > SOCKBUF_LOCK(sb); > tcp_do_usrreq(); > INP_UNLOCK(inp); > } The XXX comment is yours. You're thinking locally instead of globally. SMP locking is tricky and fragile because you have to consider all the related code together, not individual accesses to structure fields in isolation. Find the two actual code paths in the source where a race condition arises due to the unlocking above. (Then convince yourself why that race condition doesn't really matter.) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-smp" in the body of the message