From f58747375d5ea2cddc9d240ba6b7c706390c3972 Mon Sep 17 00:00:00 2001 From: Andre Oppermann Date: Sat, 9 Jun 2007 17:49:39 +0000 Subject: [PATCH] Handle a race condition on >2 core machines in tcp_timer() when a timer issues a shutdown and a simultaneous close on the socket happens. This race condition is inherent in the current socket/ inpcb life cycle system but can be handled well. Reported by: kris Tested by: kris (on 8-core machine) --- sys/netinet/tcp_timer.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/sys/netinet/tcp_timer.c b/sys/netinet/tcp_timer.c index c861f129c85..5afcbef3443 100644 --- a/sys/netinet/tcp_timer.c +++ b/sys/netinet/tcp_timer.c @@ -386,8 +386,14 @@ shutdown: INP_INFO_WLOCK(&tcbinfo); INP_LOCK(inp); - /* When tp is gone we've lost the race. */ - if (inp->inp_ppcb == NULL) { + /* + * XXX: When our tcpcb went into TIMEWAIT, is gone or no + * longer the one we used to work with we've lost the race. + * This race is inherent in the current socket/inpcb life + * cycle system. + */ + if ((inp->inp_vflag & INP_TIMEWAIT) || inp->inp_ppcb == NULL || + inp->inp_ppcb != tp) { CTR3(KTR_NET, "%p %s inp %p lost shutdown race", tp, __func__, inp); tcp_timer_race++;