From owner-freebsd-net@FreeBSD.ORG Mon May 5 18:53:16 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 54DCE106566B for ; Mon, 5 May 2008 18:53:16 +0000 (UTC) (envelope-from yusheng.huang@bluecoat.com) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by mx1.freebsd.org (Postfix) with ESMTP id 380448FC18 for ; Mon, 5 May 2008 18:53:15 +0000 (UTC) (envelope-from yusheng.huang@bluecoat.com) Received: from bcs-mail03.internal.cacheflow.com ([10.2.2.95]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id m45IrFbv020328 for ; Mon, 5 May 2008 11:53:15 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Mon, 5 May 2008 11:53:11 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: timewait state memory leak Thread-Index: Aciu4UPtf0sc4T2ISA+yOzz5gzFzbw== From: "Huang, Yusheng" To: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: timewait state memory leak X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2008 18:53:16 -0000 Hi, =20 I am looking at the tcp_tw_2msl_scan() code and it looks like there is a bug in there. =20 struct tcptw * tcp_tw_2msl_scan(int reuse) { struct tcptw *tw; =20 INP_INFO_WLOCK_ASSERT(&tcbinfo); for (;;) { tw =3D TAILQ_FIRST(&twq_2msl); if (tw =3D=3D NULL || (!reuse && tw->tw_time > ticks)) ^^^^^^^^^^^^^^^^^^ break; INP_WLOCK(tw->tw_inpcb); tcp_twclose(tw, reuse); if (reuse) return (tw); } return (NULL); } =20 Shouldn't the comparison be TSTMP_GT(tw->tw_time, ticks)?=20 =20 -yusheng =20