[Bug 260393] Page Fault tcp_output/tcp_input

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 21 Dec 2021 23:40:26 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260393

--- Comment #36 from Hans Petter Selasky <hselasky@FreeBSD.org> ---
Hi,

I wonder if we need to subtract 1 from tp->snd_max, when TF_SENTFIN is set?

t_state = 8 

#define TCPS_LAST_ACK           8       /* had fin and close; await FIN ACK */

t_flags = 554697333 = 0x21100275

#define  TF_SENTFIN      0x00000010      /* have sent FIN */

I remember we did a similar fix some while back for SACK:

                /*
                 * Exclude FIN sequence space in
                 * the hole for the rescue retransmission,
                 * and also don't create a hole, if only
                 * the ACK for a FIN is outstanding.
                 */
                tcp_seq highdata = tp->snd_max;
                if (tp->t_flags & TF_SENTFIN)
                        highdata--;


Now in this piece of code leading up do the sbdrop() of 1 byte:

                if (tlen == 0) {
                        if (SEQ_GT(th->th_ack, tp->snd_una) &&
                            SEQ_LEQ(th->th_ack, tp->snd_max) &&
                            !IN_RECOVERY(tp->t_flags) &&
                            (to.to_flags & TOF_SACK) == 0 &&
                            TAILQ_EMPTY(&tp->snd_holes)) {

The SEQ_LEQ is compared against the wrong snd_max ?

       SEQ_LEQ(th->th_ack, tp->snd_max)

--HPS

-- 
You are receiving this mail because:
You are the assignee for the bug.