git: 12752978d32b - main - tcp: The rack stack can incorrectly have an overflow when calculating a burst delay.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 26 Oct 2021 17:19:46 UTC
The branch main has been updated by rrs:
URL: https://cgit.FreeBSD.org/src/commit/?id=12752978d32b440f7cc79a9dfb539b5bf42620af
commit 12752978d32b440f7cc79a9dfb539b5bf42620af
Author: Randall Stewart <rrs@FreeBSD.org>
AuthorDate: 2021-10-26 17:17:58 +0000
Commit: Randall Stewart <rrs@FreeBSD.org>
CommitDate: 2021-10-26 17:17:58 +0000
tcp: The rack stack can incorrectly have an overflow when calculating a burst delay.
If the congestion window is very large the fact that we multiply it by 1000 (for microseconds) can
cause the uint32_t to overflow and we incorrectly calculate a very small divisor. This will then
cause the burst timer to be very large when it should be 0. Instead lets make the three variables
uint64_t and avoid the issue.
Reviewed by: Michael Tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D32668
---
sys/netinet/tcp_stacks/rack.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/sys/netinet/tcp_stacks/rack.c b/sys/netinet/tcp_stacks/rack.c
index 059c7d26d81e..eee7db6e7a4c 100644
--- a/sys/netinet/tcp_stacks/rack.c
+++ b/sys/netinet/tcp_stacks/rack.c
@@ -14909,6 +14909,7 @@ pace_to_fill_cwnd(struct tcp_rack *rack, int32_t slot, uint32_t len, uint32_t se
static int32_t
rack_get_pacing_delay(struct tcp_rack *rack, struct tcpcb *tp, uint32_t len, struct rack_sendmap *rsm, uint32_t segsiz)
{
+ uint64_t srtt;
int32_t slot = 0;
int can_start_hw_pacing = 1;
int err;
@@ -14921,7 +14922,7 @@ rack_get_pacing_delay(struct tcp_rack *rack, struct tcpcb *tp, uint32_t len, str
* quicker then possible. But thats ok we don't want
* the peer to have a gap in data sending.
*/
- uint32_t srtt, cwnd, tr_perms = 0;
+ uint64_t cwnd, tr_perms = 0;
int32_t reduce = 0;
old_method:
@@ -14971,7 +14972,7 @@ rack_get_pacing_delay(struct tcp_rack *rack, struct tcpcb *tp, uint32_t len, str
rack_log_pacing_delay_calc(rack, len, slot, tr_perms, reduce, 0, 7, __LINE__, NULL, 0);
} else {
uint64_t bw_est, res, lentim, rate_wanted;
- uint32_t orig_val, srtt, segs, oh;
+ uint32_t orig_val, segs, oh;
int capped = 0;
int prev_fill;
@@ -15196,7 +15197,7 @@ done_w_hdwr:
srtt = rack->rc_tp->t_srtt;
else
srtt = RACK_INITIAL_RTO * HPTS_USEC_IN_MSEC; /* its in ms convert */
- if (srtt < slot) {
+ if (srtt < (uint64_t)slot) {
rack_log_pacing_delay_calc(rack, srtt, slot, rate_wanted, bw_est, lentim, 99, __LINE__, NULL, 0);
slot = srtt;
}