Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 12 Jul 2019 15:23:15 -0700
From:      Vishali Somaskanthan <vishali.somaskanthan@viptela.com>
To:        freebsd-bugs@freebsd.org
Subject:   crash at tcp_usr_close
Message-ID:  <CABfsTT6bzckL3fLwswb9z9bL-CX-bUU245Rb36M%2B_oy=4Boh6w@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
Hi all,
We are using F-stack of version v1.11.
We run F-stack on our system and send high traffic through it. After 10
minutes or so, there was a crash in our system at tcp_usr_close and the
following is the traceback. Not sure, why this has to crash at this point
when there was an assert on the same, few lines above. Any help on this is
much appreciated.

#0 tcp_usr_close (so=0x7f3b03aaba20) at
/f-stack/lib/../freebsd/netinet/tcp_usrreq.c:1139
#1 0x000000000045506a in soclose (so=0x7f3b03aaba20) at
/f-stack/lib/../freebsd/kern/uipc_socket.c:889
#2 0x0000000000430847 in fo_close (td=<optimized out>, fp=0x7f3b0755b280)
at /f-stack/lib/../freebsd/sys/file.h:350
#3 _fdrop (fp=0x7f3b0755b280, td=<optimized out>) at
/f-stack/lib/../freebsd/kern/kern_descrip.c:2827
#4 0x0000000000430b47 in closefp (fdp=0x7f3b672ee8a0, fd=<optimized out>,
fp=0x7f3b0755b280, td=0xdb7620 <thread0_st>, holdleaders=0,
holdleaders@entry=1) at /f-stack/lib/../freebsd/kern/kern_descrip.c:1189
#5 0x0000000000430d57 in kern_close (td=<optimized out>, fd=<optimized
out>) at /f-stack/lib/../freebsd/kern/kern_descrip.c:1237
#6 0x0000000000429cd6 in ff_close (fd=<optimized out>) at
ff_syscall_wrapper.c:574

Module:

static void
tcp_usr_close(struct socket *so)
{
        struct inpcb *inp;
        struct tcpcb *tp = NULL;
        TCPDEBUG0;

        inp = sotoinpcb(so);
        KASSERT(inp != NULL, ("tcp_usr_close: inp == NULL"));

        INP_INFO_RLOCK(&V_tcbinfo);
        INP_WLOCK(inp);
        KASSERT(inp->inp_socket != NULL,
            ("tcp_usr_close: inp_socket == NULL"));

        /*
         * If we still have full TCP state, and we're not dropped, initiate
         * a disconnect.
         */
        if (!(inp->inp_flags & INP_TIMEWAIT) && >>>>>>>>>>>> crashed here.
            !(inp->inp_flags & INP_DROPPED)) {
                tp = intotcpcb(inp);
                TCPDEBUG1();
                tcp_disconnect(tp);

-- 
Regards,
Vishali Somaskanthan

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CABfsTT6bzckL3fLwswb9z9bL-CX-bUU245Rb36M%2B_oy=4Boh6w>