git: 7c17c354ffed - stable/13 - sctp: add some asserts, no functional changes intended
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 22 Feb 2022 23:27:01 UTC
The branch stable/13 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=7c17c354ffed79418f518feed11c974503109d9e commit 7c17c354ffed79418f518feed11c974503109d9e Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2021-11-26 11:19:33 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2022-02-22 23:26:35 +0000 sctp: add some asserts, no functional changes intended This might help in narrowing down https://syzkaller.appspot.com/bug?id=fbd79abaec55f5aede63937182f4247006ea883b (cherry picked from commit 0906362646546843f371bebccb51d5578a99cc7c) --- sys/netinet/sctputil.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/sys/netinet/sctputil.c b/sys/netinet/sctputil.c index 9283b1288dae..738f68af7799 100644 --- a/sys/netinet/sctputil.c +++ b/sys/netinet/sctputil.c @@ -1519,7 +1519,7 @@ select_a_new_ep: SCTP_INP_RUNLOCK(it->inp); goto no_stcb; } - while (it->stcb) { + while (it->stcb != NULL) { SCTP_TCB_LOCK(it->stcb); if (it->asoc_state && ((it->stcb->asoc.state & it->asoc_state) != it->asoc_state)) { /* not in the right state... keep looking */ @@ -1566,16 +1566,23 @@ select_a_new_ep: KASSERT(it->inp == it->stcb->sctp_ep, ("%s: stcb %p does not belong to inp %p, but inp %p", __func__, it->stcb, it->inp, it->stcb->sctp_ep)); + SCTP_INP_RLOCK_ASSERT(it->inp); + SCTP_TCB_LOCK_ASSERT(it->stcb); /* run function on this one */ (*it->function_assoc) (it->inp, it->stcb, it->pointer, it->val); + SCTP_INP_RLOCK_ASSERT(it->inp); + SCTP_TCB_LOCK_ASSERT(it->stcb); /* * we lie here, it really needs to have its own type but * first I must verify that this won't effect things :-0 */ - if (it->no_chunk_output == 0) + if (it->no_chunk_output == 0) { sctp_chunk_output(it->inp, it->stcb, SCTP_OUTPUT_FROM_T3, SCTP_SO_NOT_LOCKED); + SCTP_INP_RLOCK_ASSERT(it->inp); + SCTP_TCB_LOCK_ASSERT(it->stcb); + } SCTP_TCB_UNLOCK(it->stcb); next_assoc: