svn commit: r345527 - head/sys/netinet
Randall Stewart
rrs at FreeBSD.org
Tue Mar 26 10:41:28 UTC 2019
Author: rrs
Date: Tue Mar 26 10:41:27 2019
New Revision: 345527
URL: https://svnweb.freebsd.org/changeset/base/345527
Log:
Fix a small bug in the tcp_log_id where the bucket
was unlocked and yet the bucket-unlock flag was not
changed to false. This can cause a panic if INVARIANTS
is on and we go through the right path (though rare).
Reported by: syzbot+179a1ad49f3c4c215fa2 at syzkaller.appspotmail.com
Reviewed by: tuexen@
MFC after: 1 week
Modified:
head/sys/netinet/tcp_output.c
Modified: head/sys/netinet/tcp_output.c
==============================================================================
--- head/sys/netinet/tcp_output.c Tue Mar 26 09:46:17 2019 (r345526)
+++ head/sys/netinet/tcp_output.c Tue Mar 26 10:41:27 2019 (r345527)
@@ -138,7 +138,8 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto_lowat
* non-ACK.
*/
#define TCP_XMIT_TIMER_ASSERT(tp, len, th_flags) \
- KASSERT(((len) == 0 && ((th_flags) & (TH_SYN | TH_FIN)) == 0) ||\
+ KASSERT(((len) == 0 && ((th_flags) & \
+ (TH_SYN | TH_FIN | TH_RST)) != 0) || \
tcp_timer_active((tp), TT_REXMT) || \
tcp_timer_active((tp), TT_PERSIST), \
("neither rexmt nor persist timer is set"))
More information about the svn-src-head
mailing list