From jayanth@yahoo-inc.com  Mon Nov 25 14:35:04 2002
Message-Id: <200211252234.gAPMYlV19610@milk.yahoo.com>
Date: Mon, 25 Nov 2002 14:34:47 -0800 (PST)
From: jayanth@yahoo-inc.com
Reply-To: jayanth@yahoo-inc.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: file descriptor flags and socket flags out of sync 
X-Send-Pr-Version: 3.2

>Number:         45733
>Category:       kern
>Synopsis:       file descriptor flags and socket flags out of sync
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bms
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Nov 25 14:40:01 PST 2002
>Closed-Date:    Tue Dec 13 00:44:39 GMT 2005
>Last-Modified:  Tue Dec 13 00:44:39 GMT 2005
>Originator:     Jayanth Vijayaraghavan
>Release:        All FreeBSD releases.
>Organization:
Yahoo! Inc.  
>Environment:

	

>Description:

Some developers here have encountered a scenario where the file
descriptor flags and the socket flags seem to be out of sync.

If an application does:

	listen(listenfd, ...);
	while (!done) {
		select(...);
		/* <---- new connection arrives before fcntl() */
		fcntl(listenfd, F_SETFL, O_NONBLOCK);
		newfd = accept(listenfd, ...);
		fcntl(listenfd, F_SETFL, 0);	/* make socket blocking */
		flags = fcntl(newfd, F_GETFL);
		if (flags & O_NONBLOCK)
			;	/* fd is O_NONBLOCK, but socket is blocking */
	}

At this point the socket is blocking, because the state
of the new socket = state of the listen socket only during the connection
setup phase, not during the accept phase. However, the file descriptor
flags are copied during the accept phase. So at this point
the file descriptor flags are nonblocking but the socket is actually blocking.

Agreed, the solution is to have the application set NONBLOCK before
the listen() call, but it seems incorrect to have the newfd's flags and socket
state be out of sync.

Copying the state of the socket during the accept might lead to a slightly
different behaviour, but will solve this particular problem.

>How-To-Repeat:

	Code snippet shown above.

>Fix:

	One way is to keep the state of the socket consistent with
	the listening (parent) socket's state.
	So repeat the copy of the state of the socket in
	file uipc_syscalls.c, function accept1(), as shown below.

static int
accept1(p, uap, compat)
	struct proc *p;
	register struct accept_args /* {
	int     s;

	....... 
	/* connection has been removed from the listen queue */
	KNOTE(&head->so_rcv.sb_sel.si_note, 0);
                  
	so->so_state |= head->so_state; /* Add this line */
	^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
	so->so_state &= ~SS_COMP;
	so->so_head = NULL;


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->bms 
Responsible-Changed-By: bms 
Responsible-Changed-When: Tue Jun 22 22:58:02 GMT 2004 
Responsible-Changed-Why:  
I'll look after this one. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=45733 

From: Bruce M Simpson <bms@spc.org>
To: freebsd-net@freebsd.org
Cc: Jayanth Vijayaraghavan <jayanth@yahoo-inc.com>,
	freebsd-gnats-submit@freebsd.org
Subject: Re: kern/45733: file descriptor flags and socket flags out of sync
Date: Tue, 22 Jun 2004 23:50:21 +0100

 --KN5l+BnMqAQyZLvT
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 I applied the attached patch to -CURRENT from around April which is
 currently running on my local CVS server. Basic tests with sshd and
 ftp didn't result in any unexpected behaviour. I suspect I really need
 to be running an application similar to the one Jayanth is running
 to unravel things further.
 
 Can anyone more familiar with the socket layer than I think of any
 problems with applying it?
 
 Can anyone think of an application (e.g. in ports) which takes the
 same order of operations as that described in the PR?
 
 Regards,
 BMS
 
 --KN5l+BnMqAQyZLvT
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="accept-sostate.patch"
 
 Index: uipc_syscalls.c
 ===================================================================
 RCS file: /home/ncvs/src/sys/kern/uipc_syscalls.c,v
 retrieving revision 1.181
 diff -u -r1.181 uipc_syscalls.c
 --- uipc_syscalls.c	8 Apr 2004 07:14:34 -0000	1.181
 +++ uipc_syscalls.c	22 Jun 2004 22:23:16 -0000
 @@ -320,6 +320,7 @@
  	/* connection has been removed from the listen queue */
  	KNOTE(&head->so_rcv.sb_sel.si_note, 0);
  
 +	so->so_state |= head->so_state;
  	so->so_state &= ~SS_COMP;
  	so->so_head = NULL;
  	pgid = fgetown(&head->so_sigio);
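 
 Review bot: The added `so->so_state |= head->so_state;` copies every state bit of the listening socket into the accepted socket, while the PR is only about the non-blocking setting, and the only bit taken back out on the following line is SS_COMP. Restrict the copy with a mask to the non-blocking bit, and add a comment on that line saying the state is re-inherited at accept time because that is when the descriptor flags are copied.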
 
 --KN5l+BnMqAQyZLvT--

From: Robert Watson <rwatson@freebsd.org>
To: Bruce M Simpson <bms@spc.org>
Cc: freebsd-net@freebsd.org,
	Jayanth Vijayaraghavan <jayanth@yahoo-inc.com>,
	freebsd-gnats-submit@freebsd.org, bms@empiric.dek.spc.org
Subject: Re: kern/45733: file descriptor flags and socket flags out of sync
Date: Tue, 22 Jun 2004 19:11:19 -0400 (EDT)

 On Tue, 22 Jun 2004, Bruce M Simpson wrote:
 
 > I applied the attached patch to -CURRENT from around April which is
 > currently running on my local CVS server. Basic tests with sshd and ftp
 > didn't result in any unexpected behaviour. I suspect I really need to be
 > running an application similar to the one Jayanth is running to unravel
 > things further. 
 > 
 > Can anyone more familiar with the socket layer than I think of any
 > problems with applying it? 
 > 
 > Can anyone think of an application (e.g. in ports) which takes the same
 > order of operations as that described in the PR? 
 
 Interesting problem. :-)  Comments on the patch below. 
 
 > Index: uipc_syscalls.c
 > ===================================================================
 > RCS file: /home/ncvs/src/sys/kern/uipc_syscalls.c,v
 > retrieving revision 1.181
 > diff -u -r1.181 uipc_syscalls.c
 > --- uipc_syscalls.c	8 Apr 2004 07:14:34 -0000	1.181
 > +++ uipc_syscalls.c	22 Jun 2004 22:23:16 -0000
 > @@ -320,6 +320,7 @@
 >  	/* connection has been removed from the listen queue */
 >  	KNOTE(&head->so_rcv.sb_sel.si_note, 0);
 >  
 > +	so->so_state |= head->so_state;
 >  	so->so_state &= ~SS_COMP;
 >  	so->so_head = NULL;
 >  	pgid = fgetown(&head->so_sigio);
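 
 Review bot: On the `+` line, `|=` can only set bits in so->so_state, never clear them. The PR says the new socket takes the listener's state at connection setup while the descriptor flags are copied at accept, so the opposite ordering (listener non-blocking when the connection arrives, blocking again when accept() runs) would still leave the two out of sync. Consider clearing the inherited bit before copying it from head, or state in a comment that only the set direction is handled.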
 
 Hmm.  Maybe we should just copy SS_NBIO?  The other SS_ flags seem
 inappropriate to copy.  I looked at SS_ASYNC, but we fail to also
 propagate the socket buffer flags and it's not clear it's as meaningful,
 so I think just SS_NBIO. So perhaps: 
 
 	so->so_state |= (head->so_state & SS_NBIO);
 
 Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
 robert@fledge.watson.org      Senior Research Scientist, McAfee Research
 
State-Changed-From-To: open->patched 
State-Changed-By: bms 
State-Changed-When: Tue Jun 22 23:58:15 GMT 2004 
State-Changed-Why:  
Thank you for weeding out this fairly nasty little API inconsistency. 
An appropriate fix has been committed to -CURRENT. 

State-Changed-From-To: patched->closed 
State-Changed-By: bms 
State-Changed-When: Tue Dec 13 00:44:19 UTC 2005 
State-Changed-Why:  
-CURRENT is now -STABLE 
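
The call order from the Description, as a user-space check that can be run before and after a kernel change. This is an added example, not code from the PR or from FreeBSD: it assumes a local AF_UNIX stream socket at a constructed /tmp path so that it runs offline, and the names accept_flag_mismatch() and socket_is_nonblocking() are this example's own.

```c
/* Added example, not code from the PR: replays its call order in user space. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
#include <unistd.h>

/* 1 if recv() on an idle socket returns at once, 0 if it waits out the timeout. */
static int socket_is_nonblocking(int fd)
{
	struct timeval tmo = { 0, 200000 }, a, b;	/* 200 ms receive timeout */
	char c;
	setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tmo, sizeof(tmo));
	gettimeofday(&a, NULL);
	(void)recv(fd, &c, 1, 0);
	gettimeofday(&b, NULL);
	return (b.tv_sec - a.tv_sec) * 1000 + (b.tv_usec - a.tv_usec) / 1000 < 100;
}

/* 0 if descriptor flag and socket behaviour agree, 1 if not, -1 on error. */
int accept_flag_mismatch(void)
{
	struct sockaddr_un sa = { .sun_family = AF_UNIX };
	int lfd = socket(AF_UNIX, SOCK_STREAM, 0), cfd = socket(AF_UNIX, SOCK_STREAM, 0);
	int nfd, rc = -1;
	/* Constructed scratch path; AF_UNIX is this example's choice. */
	snprintf(sa.sun_path, sizeof(sa.sun_path), "/tmp/pr45733-%ld.sock", (long)getpid());
	unlink(sa.sun_path);
	if (bind(lfd, (struct sockaddr *)&sa, sizeof(sa)) == 0 && listen(lfd, 1) == 0 &&
	    connect(cfd, (struct sockaddr *)&sa, sizeof(sa)) == 0) {	/* queued first */
		fcntl(lfd, F_SETFL, O_NONBLOCK);
		nfd = accept(lfd, NULL, NULL);
		fcntl(lfd, F_SETFL, 0);	/* make listener blocking again */
		if (nfd >= 0) {
			rc = ((fcntl(nfd, F_GETFL) & O_NONBLOCK) != 0) != socket_is_nonblocking(nfd);
			close(nfd);
		}
	}
	close(lfd); close(cfd); unlink(sa.sun_path);
	return rc;
}

int main(void)
{
	int r = accept_flag_mismatch();
	puts(r < 0 ? "error" : r ? "OUT OF SYNC" : "in sync");
	return r != 0;
}
```

A return of 1 is the state the PR describes: O_NONBLOCK is set on newfd while reads on it still block.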


>Unformatted:
