
Incorrect KASSERT

Authored by rrs on Mar 17 2019, 1:15 PM.



While testing at NF we have found this incorrect KASSERT. It is rare, which
is probably why no one has hit it. You have to have a session that is
being dropped by persists. And when the tcp_drop() calls tcp_output.c it
will be in the closed state. The interface must be overloaded and return
ENOBUFS. When that occurs, your flags will be set to TH_RST (you were
dropping the connection). The check in the KASSERT is trying to make sure
you don't have the TH_FIN or TH_SYN but it needs to include TH_RST as well
and the flags in place, but it is the wrong logic; it should be != not ==.

Test Plan
  1. Use a small test program to validate that when no timers are set and you pass in to the new logic TH_FIN or TH_SYN and TH_RST, you will correctly return true to pass the KASSERT.
  2. Place the change in NF and test (which may or may not hit the problem), since it's a very rare event (the test program is better to make sure we are doing the right thing) :)

Diff Detail

Lint Skipped
Unit Tests Skipped

Event Timeline

rrs created this revision. Mar 17 2019, 1:15 PM
rrs updated this revision to Diff 55154. Mar 17 2019, 1:22 PM
rrs edited the summary of this revision.
rrs edited the test plan for this revision.
jtl added a comment. Mar 18 2019, 3:37 PM

I'm confused how a RST could have tripped this assert. In that case, len should have been 0 and ((th_flags) & (TH_SYN | TH_FIN)) == 0 should have been true (i.e. neither SYN nor FIN was set). In other words, it looks to me as if a RST should already pass the assert without tripping it. Can you explain further what I'm missing?

rrs abandoned this revision. Mar 19 2019, 5:36 PM