From owner-svn-src-head@FreeBSD.ORG  Wed Jul 29 05:23:27 2009
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3A7E31065676;
	Wed, 29 Jul 2009 05:23:27 +0000 (UTC)
	(envelope-from rrs@lakerest.net)
Received: from lakerest.net (unknown [IPv6:2001:240:585:2:213:d4ff:fef3:2d8d])
	by mx1.freebsd.org (Postfix) with ESMTP id C568C8FC1A;
	Wed, 29 Jul 2009 05:23:26 +0000 (UTC)
	(envelope-from rrs@lakerest.net)
Received: from [10.1.1.53] ([10.1.1.53]) (authenticated bits=0)
	by lakerest.net (8.14.3/8.14.3) with ESMTP id n6T5NOx9067702
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT);
	Wed, 29 Jul 2009 01:23:25 -0400 (EDT)
	(envelope-from rrs@lakerest.net)
DKIM-Signature: a=rsa-sha1; c=simple/simple; d=lakerest.net; s=mail;
	t=1248845005; h=Cc:Message-Id:From:To:In-Reply-To:Content-Type:
	Content-Transfer-Encoding:Mime-Version:Subject:Date:References:
	X-Mailer; b=Ucss2vgJLoq/Tf4lyVOzEzdHAU6NS+HORZRXCOIZCLDXOA41nFyB0O/
	0tm8yKOdwK8xjN1E+W2r3qD/+WGYJwA==
Message-Id: <354E0657-DC37-4493-8E17-D09B257B5A28@lakerest.net>
From: Randall Stewart <rrs@lakerest.net>
To: Pawel Jakub Dawidek <pjd@FreeBSD.org>
In-Reply-To: <20090729051016.GB3550@garage.freebsd.pl>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v935.3)
Date: Wed, 29 Jul 2009 01:23:24 -0400
References: <200907281409.n6SE971u034585@svn.freebsd.org>
	<20090729051016.GB3550@garage.freebsd.pl>
X-Mailer: Apple Mail (2.935.3)
Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org,
	src-committers@FreeBSD.org
Subject: Re: svn commit: r195918 - head/sys/netinet
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jul 2009 05:23:27 -0000


On Jul 29, 2009, at 1:10 AM, Pawel Jakub Dawidek wrote:

> On Tue, Jul 28, 2009 at 02:09:07PM +0000, Randall Stewart wrote:
>> Author: rrs
>> Date: Tue Jul 28 14:09:06 2009
>> New Revision: 195918
>> URL: http://svn.freebsd.org/changeset/base/195918
>>
>> Log:
>>  Turns out that when a receiver forwards through its TNS's the
>>  processing code holds the read lock (when processing a
>>  FWD-TSN for pr-sctp). If it finds stranded data that
>>  can be given to the application, it calls sctp_add_to_readq().
>>  The readq function also grabs this lock. So if INVAR is on
>>  we get a double recurse on a non-recursive lock and panic.
>>
>>  This fix will change it so that readq() function gets a
>>  flag to tell if the lock is held, if so then it does not
>>  get the lock.
>>
>>  Approved by:	re@freebsd.org (Kostik Belousov)
>>  MFC after:	1 week
> [...]
>> 	sctp_add_to_readq(stcb->sctp_ep, stcb, control,
>> -	    &stcb->sctp_socket->so_rcv, 1, so_locked);
>> +	    &stcb->sctp_socket->so_rcv, 1, SCTP_READ_LOCK_NOT_HELD,  
>> so_locked);
> [...]
>> @@ -4301,6 +4306,7 @@ sctp_add_to_readq(struct sctp_inpcb *inp
>>     struct sctp_queued_to_read *control,
>>     struct sockbuf *sb,
>>     int end,
>> +    int inp_read_lock_held,
>>     int so_locked
>> #if !defined(__APPLE__) && !defined(SCTP_SO_LOCK_TESTING)
>>     SCTP_UNUSED
>> @@ -4321,7 +4327,8 @@ sctp_add_to_readq(struct sctp_inpcb *inp
>> #endif
>> 		return;
>> 	}
>> -	SCTP_INP_READ_LOCK(inp);
>> +	if (inp_read_lock_held == 0)
>
> It would be a bit cleaner to compare with SCTP_READ_LOCK_NOT_HELD  
> here,
> instead of 0.

I suppose so ;-)


>
>> +		SCTP_INP_READ_LOCK(inp);
>> 	if (!(control->spec_flags & M_NOTIFICATION)) {
>> 		atomic_add_int(&inp->total_recvs, 1);
>> 		if (!control->do_not_ref_stcb) {
>> @@ -4362,14 +4369,16 @@ sctp_add_to_readq(struct sctp_inpcb *inp
>> 		control->tail_mbuf = prev;
>> 	} else {
>> 		/* Everything got collapsed out?? */
>> -		SCTP_INP_READ_UNLOCK(inp);
>> +		if (inp_read_lock_held == 0)
>> +			SCTP_INP_READ_UNLOCK(inp);
>> 		return;
>> 	}
>> 	if (end) {
>> 		control->end_added = 1;
>> 	}
>> 	TAILQ_INSERT_TAIL(&inp->read_queue, control, next);
>> -	SCTP_INP_READ_UNLOCK(inp);
>> +	if (inp_read_lock_held == 0)
>> +		SCTP_INP_READ_UNLOCK(inp);
>> 	if (inp && inp->sctp_socket) {
>> 		if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_ZERO_COPY_ACTIVE)) {
>> 			SCTP_ZERO_COPY_EVENT(inp, inp->sctp_socket);
>
> Instead of using additional argument to the sctp_add_to_readq()
> function, wouldn't it be sufficient to just check with mtx_owned(9) if
> the lock is already held?

Hmm... I suppose one could go that way... but traditionally upper code  
as
told the lower code that it holds/does not hold the lock. This is true
in quite a few other functions...

R

>
> -- 
> Pawel Jakub Dawidek                       http://www.wheel.pl
> pjd@FreeBSD.org                           http://www.FreeBSD.org
> FreeBSD committer                         Am I Evil? Yes, I Am!

------------------------------
Randall Stewart
803-317-4952 (cell)
803-345-0391(direct)