John-Mark Gurney wrote:
Randall Stewart wrote this message on Mon, Aug 28, 2006 at 17:04 -0400:atomic_fetchadd_int(m->m_ext.ref_cnt, -1) == 0) {^This should be 1 not 0.. as apparently fetchadd_int returns the old value (at least that's what atomic(9) says), which means that if we ever race on this comparision, we won't free though we should of... if we look at refcount.h, it does: return (atomic_fetchadd_int(count, -1) == 1); which release a reference and apparently returns true if it needs to be free'd... Though the wierd part is that andre, "fixed" it to be 0 in 1.157: Fix a logic error introduced with mandatory mbuf cluster refcounting and freeing of mbufs+clusters back to the packet zone.
Honestly I'm a bit confused myself now and have to dig up things from when I did the change. However I'm certain there was a problem and the commit fixed it in some way (not necessarily the correct way). Before the 'fix' there were some larger leaks going on. -- Andre _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
