From owner-svn-src-head@FreeBSD.ORG  Wed May 26 10:46:03 2010
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 619B3106566C;
	Wed, 26 May 2010 10:46:03 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from svn.freebsd.org (unknown [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id 4F2C78FC08;
	Wed, 26 May 2010 10:46:03 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o4QAk3qX018427;
	Wed, 26 May 2010 10:46:03 GMT (envelope-from rwatson@svn.freebsd.org)
Received: (from rwatson@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id o4QAk3Ch018424;
	Wed, 26 May 2010 10:46:03 GMT (envelope-from rwatson@svn.freebsd.org)
Message-Id: <201005261046.o4QAk3Ch018424@svn.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Wed, 26 May 2010 10:46:03 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-head@freebsd.org
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r208562 - head/tools/regression/sockets/unix_close_race
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 26 May 2010 10:46:03 -0000

Author: rwatson
Date: Wed May 26 10:46:03 2010
New Revision: 208562
URL: http://svn.freebsd.org/changeset/base/208562

Log:
  Add unix_close_race, a regresion test to catch ENOTCONN being returned
  improperly from one of two instances of close(2) being called
  simultaneously on both ends of a connected UNIX domain socket.  The test
  tool is slightly tweaked to improve failure modes, and while often does
  trigger the problem, doesn't do so consistently due to the nature of the
  race.
  
  PR:		kern/144061
  Submitted by:	Mikolaj Golub <to.my.trociny@gmail.com>
  MFC after:	3 days

Added:
  head/tools/regression/sockets/unix_close_race/
  head/tools/regression/sockets/unix_close_race/Makefile   (contents, props changed)
  head/tools/regression/sockets/unix_close_race/unix_close_race.c   (contents, props changed)

Added: head/tools/regression/sockets/unix_close_race/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/tools/regression/sockets/unix_close_race/Makefile	Wed May 26 10:46:03 2010	(r208562)
@@ -0,0 +1,7 @@
+# $FreeBSD$
+
+PROG=	unix_close_race
+NO_MAN=
+WARNS?=	3
+
+.include <bsd.prog.mk>

Added: head/tools/regression/sockets/unix_close_race/unix_close_race.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/tools/regression/sockets/unix_close_race/unix_close_race.c	Wed May 26 10:46:03 2010	(r208562)
@@ -0,0 +1,132 @@
+/*-
+ * Copyright (c) 2010 Mikolaj Golub
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+/*
+ * This regression test attempts to trigger a race that occurs when both
+ * endpoints of a connected UNIX domain socket are closed at once.  The two
+ * close paths may run concurrently leading to a call to sodisconnect() on an
+ * already-closed socket in kernel.  Before it was fixed, this might lead to
+ * ENOTCONN being returned improperly from close().
+ *
+ * This race is fairly timing-dependent, so it effectively requires SMP, and
+ * may not even trigger then.
+ */
+
+#include <sys/types.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/sysctl.h>
+#include <sys/un.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <strings.h>
+#include <string.h>
+#include <unistd.h>
+#include <err.h>
+
+#define	UNIXSTR_PATH	"/tmp/mytest.socket"
+#define	USLEEP	100
+#define	LOOPS	100000
+
+int
+main(int argc, char **argv)
+{
+	struct sockaddr_un servaddr;
+	int listenfd, connfd, pid;
+	u_int counter, ncpus;
+	size_t len;
+
+	len = sizeof(ncpus);
+	if (sysctlbyname("kern.smp.cpus", &ncpus, &len, NULL, 0) < 0)
+		err(1, "kern.smp.cpus");
+	if (len != sizeof(ncpus))
+		errx(1, "kern.smp.cpus: invalid length");
+	if (ncpus < 2)
+		warnx("SMP not present, test may be unable to trigger race");
+
+	/*
+	 * Create a UNIX domain socket that the parent will repeatedly
+	 * accept() from, and that the child will repeatedly connect() to.
+	 */
+	if ((listenfd = socket(AF_LOCAL, SOCK_STREAM, 0)) < 0)
+		err(1, "parent: socket error");
+	(void)unlink(UNIXSTR_PATH);
+	bzero(&servaddr, sizeof(servaddr));
+	servaddr.sun_family = AF_LOCAL;
+	strcpy(servaddr.sun_path, UNIXSTR_PATH);
+	if (bind(listenfd, (struct sockaddr *) &servaddr,
+	    sizeof(servaddr)) < 0)
+		err(1, "parent: bind error");
+	if (listen(listenfd, 1024) < 0)
+		err(1, "parent: listen error");
+
+	pid = fork();
+	if (pid == -1)
+		err(1, "fork()");
+	if (pid != 0) {
+		/*
+		 * In the parent, repeatedly connect and disconnect from the
+		 * socket, attempting to induce the race.
+		 */
+		close(listenfd);
+		sleep(1);
+		bzero(&servaddr, sizeof(servaddr));
+		servaddr.sun_family = AF_LOCAL;
+		strcpy(servaddr.sun_path, UNIXSTR_PATH);
+		for (counter = 0; counter < LOOPS; counter++) {
+			if ((connfd = socket(AF_LOCAL, SOCK_STREAM, 0)) < 0)
+				err(1, "child: socket error");
+			if (connect(connfd, (struct sockaddr *)&servaddr,
+			    sizeof(servaddr)) < 0)
+				err(1, "child: connect error");
+			if (close(connfd) < 0)
+				err(1, "child: close error");
+			usleep(USLEEP);
+		}
+		(void)kill(pid, SIGTERM);
+	} else {
+		/*
+		 * In the child, loop accepting and closing.  We may pick up
+		 * the race here so report errors from close().
+		 */
+		for ( ; ; ) {
+			if ((connfd = accept(listenfd,
+			    (struct sockaddr *)NULL, NULL)) < 0)
+				err(1, "parent: accept error");
+			if (close(connfd) < 0)
+				err(1, "parent: close error");
+		}
+	}
+	printf("OK\n");
+	exit(0);
+}