Site Navigation

Date:      Sat, 6 Apr 2013 18:04:25 +0800
From:      Sepherosa Ziehau <sepherosa@gmail.com>
To:        Gleb Smirnoff <glebius@freebsd.org>
Cc:        "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject:   Re: misc/177456: An error of calculating TCP sequence number will resault in the machine to restart
Message-ID:  <CAMOc5cxTafEb81gA%2BFebwParii-si3HEOAUzqQj=3oR6uFUY4A@mail.gmail.com>
In-Reply-To: <201304031530.r33FU1AY097998@freefall.freebsd.org>
References:  <201304031530.r33FU1AY097998@freefall.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On Wed, Apr 3, 2013 at 11:30 PM, Gleb Smirnoff <glebius@freebsd.org> wrote:
> The following reply was made to PR kern/177456; it has been noted by GNATS.
>
> From: Gleb Smirnoff <glebius@FreeBSD.org>
> To: ?????? <lglion718@163.com>
> Cc: bug-followup@FreeBSD.org
> Subject: Re: misc/177456: An error of calculating TCP sequence number will
>  resault in the machine to restart
> Date: Wed, 3 Apr 2013 19:21:12 +0400
>
>    Hi!
>
>  On Wed, Apr 03, 2013 at 07:52:42AM +0800, ?????? wrote:
>  ?> I mean there is a bug in FreeBSD's tcp code.  I'm trying to describe it by pictuer. Pelease see the attachments??
>
>  I am trying to model what you are describing in the picture by
>  special crafted code.
>
>  I intentionally model memory allocation failure on first two
>  packets for a connection that has special socket option.
>
>  I'm modelling allocation failure at tcp_output.c near line 900:
>
>  Index: tcp_output.c
>  ===================================================================
>  --- tcp_output.c        (revision 249051)
>  +++ tcp_output.c        (working copy)
>  @@ -898,6 +898,13 @@ send:
>                  else
>                          TCPSTAT_INC(tcps_sndwinup);
>
>  +               /* Fail allocating first 2 packets. */
>  +               if (tp->t_flags & TF_ZHOPA && tp->t_zhopa < 2) {
>  +                       tp->t_zhopa++;
>  +                       m = NULL;
>  +                       error = ENOBUFS;
>  +                       goto out;
>  +               } else
>                  m = m_gethdr(M_NOWAIT, MT_DATA);
>                  if (m == NULL) {
>                          error = ENOBUFS;
>
>
>  I have no success in reproducing your problems. With above code,
>  first 2 packets are failing to allocate, but third retransmission
>  succeeds and connection is established with no problems.
>
>  May be I incorrectly understand your description :( Please don't
>  give up and try to explain again.
>
>  A modelling code that demonstrates problem would be appreciated.

Hope the following analysis helps; IMHO, the reporter probably had hit
the same bug:
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1ff9b7d322dc5a26f7173aa8c38ecb79da80e419

Best Regards,
sephe

--
Tomorrow Will Never Die

On Wed, Apr 3, 2013 at 11:30 PM, Gleb Smirnoff <glebius@freebsd.org> wrote:
> The following reply was made to PR kern/177456; it has been noted by GNATS.
>
> From: Gleb Smirnoff <glebius@FreeBSD.org>
> To: ?????? <lglion718@163.com>
> Cc: bug-followup@FreeBSD.org
> Subject: Re: misc/177456: An error of calculating TCP sequence number will
>  resault in the machine to restart
> Date: Wed, 3 Apr 2013 19:21:12 +0400
>
>    Hi!
>
>  On Wed, Apr 03, 2013 at 07:52:42AM +0800, ?????? wrote:
>  ?> I mean there is a bug in FreeBSD's tcp code.  I'm trying to describe it by pictuer. Pelease see the attachments??
>
>  I am trying to model what you are describing in the picture by
>  special crafted code.
>
>  I intentionally model memory allocation failure on first two
>  packets for a connection that has special socket option.
>
>  I'm modelling allocation failure at tcp_output.c near line 900:
>
>  Index: tcp_output.c
>  ===================================================================
>  --- tcp_output.c        (revision 249051)
>  +++ tcp_output.c        (working copy)
>  @@ -898,6 +898,13 @@ send:
>                  else
>                          TCPSTAT_INC(tcps_sndwinup);
>
>  +               /* Fail allocating first 2 packets. */
>  +               if (tp->t_flags & TF_ZHOPA && tp->t_zhopa < 2) {
>  +                       tp->t_zhopa++;
>  +                       m = NULL;
>  +                       error = ENOBUFS;
>  +                       goto out;
>  +               } else
>                  m = m_gethdr(M_NOWAIT, MT_DATA);
>                  if (m == NULL) {
>                          error = ENOBUFS;
>
>
>  I have no success in reproducing your problems. With above code,
>  first 2 packets are failing to allocate, but third retransmission
>  succeeds and connection is established with no problems.
>
>  May be I incorrectly understand your description :( Please don't
>  give up and try to explain again.
>
>  A modelling code that demonstrates problem would be appreciated.
>
>  --
>  Totus tuus, Glebius.
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"



-- 
Tomorrow Will Never Die

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAMOc5cxTafEb81gA%2BFebwParii-si3HEOAUzqQj=3oR6uFUY4A>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact