This is the mail archive of the
ecos-discuss@sources.redhat.com
mailing list for the eCos project.
Re: uipc_socket.c (and cyg_tcp_maxidle)
Thanks! That works great :-)
On Fri, 2005-06-17 at 22:09 +0200, Andrew Lunn wrote:
> On Thu, Jun 16, 2005 at 09:01:23AM +0200, Hans H?bner wrote:
> > On Wed, 15 Jun 2005, Will Lentz wrote:
> >
> > >I may have found a potential bug in
> > >packages/net/bsd_tcpip/current/src/sys/kern/uipc_socket.c (or I may be
> > >completely wrong :-).
> > >
> > >At the end of sodealloc(), the following code exists:
> > > zfreei(so->so_zone, so);
> > > wakeup(so->so_zone);
> > >The problem is that zfreei() changes so->so_zone. Shouldn't wakeup() be
> > >done on the original so->so_zone? I only noticed this problem by:
> > >1- while(1) {
> > > sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
> > > connect( sock, ... );
> > > close( sock );
> > > }
> > > Eventually this pauses in socket() (in cyg_tsleep()) when you run out
> > >of eCos sockets.
> > >
> > >2- After 2*MSL or so, cyg_wakeup() gets called with chan == 0x0. Why?
> > >The zfreei() call in sodealloc() changes so->so_zone to 0 before the
> > >wakeup() call.
>
> This is not quite correct. zfreei() does not change so->so_zone. What
> it does is return the memory for the so structure to the pool. The
> wakeup then uses the memory which has just been returned to the
> pool. There is a race condition. Once back into the pool the memory
> could be allocated to another thread before the call to wakeup is
> made.
>
> Attached is a patch to fix this.
>
> Andrew
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss