From lab@gta.com  Tue Nov 18 21:47:45 2008
Return-Path: <lab@gta.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7731F1065673
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 18 Nov 2008 21:47:45 +0000 (UTC)
	(envelope-from lab@gta.com)
Received: from mailgate.gta.com (mailgate.gta.com [199.120.225.20])
	by mx1.freebsd.org (Postfix) with SMTP id 0ED3B8FC08
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 18 Nov 2008 21:47:44 +0000 (UTC)
	(envelope-from lab@gta.com)
Received: (qmail 78663 invoked by uid 1000); 18 Nov 2008 21:21:03 -0000
Message-Id: <20081118212103.78662.qmail@mailgate.gta.com>
Date: 18 Nov 2008 21:21:03 -0000
From: Larry Baird <lab@gta.com>
Reply-To: Larry Baird <lab@gta.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: unp_connect() unlocking unp if UNP_CONNECTING
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         128974
>Category:       kern
>Synopsis:       [kernel] unp_connect() unlocking unp if UNP_CONNECTING
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    rwatson
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 18 21:50:01 UTC 2008
>Closed-Date:    Mon Feb 09 23:39:47 UTC 2009
>Last-Modified:  Mon Feb 09 23:39:47 UTC 2009
>Originator:     Larry Baird
>Release:        FreeBSD 6.3-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD maxwell.gta.com 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #0: Fri Jan 4 05:30:56 EST 2008 root@newmax.gta.com:/usr/src/sys/i386/compile/NEW_MAX i386

>Description:
	In function unp_connect() of uipc_usrreq.c a test for UNP_CONNECTING
being set is made.  If the flag is set, UNP_UNLOCK() is called and EALREADY
is returned. Calling functions of unp_connect() except unp to still be locked.
>How-To-Repeat:
	
>Fix:
Don't call UNP_UNLOCK() if UNP_CONNECTING is set.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->rwatson 
Responsible-Changed-By: rwatson 
Responsible-Changed-When: Mon Feb 9 23:23:00 UTC 2009 
Responsible-Changed-Why:  
Grab ownership since I've worked with UNIX domain socket locking. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=128974 
State-Changed-From-To: open->analyzed 
State-Changed-By: rwatson 
State-Changed-When: Mon Feb 9 23:23:19 UTC 2009 
State-Changed-Why:  
This analysis seems correct; fix forthcoming. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=128974 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/128974: commit references a PR
Date: Mon,  9 Feb 2009 23:23:10 +0000 (UTC)

 Author: rwatson
 Date: Mon Feb  9 23:23:00 2009
 New Revision: 188425
 URL: http://svn.freebsd.org/changeset/base/188425
 
 Log:
   In unp_connect(), don't unlock the global UNIX domain socket lock when
   UNP_CONNECTING is set, as the caller will do that.
   
   (Due to significantly different locking in 7.0 and later, this fix
   applies only to stable/7).
   
   PR:		kern/128974
   Submitted by:	Larry Baird <lab at gta dot com>
 
 Modified:
   stable/6/sys/kern/uipc_usrreq.c
 
 Modified: stable/6/sys/kern/uipc_usrreq.c
 ==============================================================================
 --- stable/6/sys/kern/uipc_usrreq.c	Mon Feb  9 22:59:22 2009	(r188424)
 +++ stable/6/sys/kern/uipc_usrreq.c	Mon Feb  9 23:23:00 2009	(r188425)
 @@ -1027,10 +1027,8 @@ unp_connect(struct socket *so, struct so
  	if (len <= 0)
  		return (EINVAL);
  	strlcpy(buf, soun->sun_path, len + 1);
 -	if (unp->unp_flags & UNP_CONNECTING) {
 -		UNP_UNLOCK();
 +	if (unp->unp_flags & UNP_CONNECTING)
  		return (EALREADY);
 -	}
  	unp->unp_flags |= UNP_CONNECTING;
  	UNP_UNLOCK();
  	sa = malloc(sizeof(struct sockaddr_un), M_SONAME, M_WAITOK);
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: analyzed->feedback 
State-Changed-By: rwatson 
State-Changed-When: Mon Feb 9 23:37:33 UTC 2009 
State-Changed-Why:  


http://www.freebsd.org/cgi/query-pr.cgi?pr=128974 
State-Changed-From-To: feedback->closed 
State-Changed-By: rwatson 
State-Changed-When: Mon Feb 9 23:39:04 UTC 2009 
State-Changed-Why:  
Close PR; this problem should now be fixed in 6.x as of r188425.  Thanks 
for the bug report, and my apologies for how long it has taken someone 
to get to it.  If you experience further problems, please let me know. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=128974 
>Unformatted:
