Page MenuHomeFreeBSD
Differential D49414

tcp: fix detection of bad RTOs
ClosedPublic
Actions

Authored by tuexen on Wed, Mar 19, 10:04 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Mar 31, 2:30 AM
Unknown Object (File)
Sun, Mar 30, 8:16 PM
Unknown Object (File)
Sun, Mar 30, 7:52 PM
Unknown Object (File)
Fri, Mar 28, 3:08 AM
Unknown Object (File)
Thu, Mar 27, 3:24 PM
Unknown Object (File)
Mon, Mar 24, 9:27 AM
Unknown Object (File)
Mon, Mar 24, 9:27 AM
Unknown Object (File)
Mon, Mar 24, 9:27 AM
View All 19 Files
Subscribers
dch
imp
melifaro

Details

Reviewers
rrs
glebius
rscheff
cc
peter.lei_ieee.org
lstewart
Group Reviewers
transport
Commits
rGfbcf3b74e8f2: tcp: fix detection of bad RTOs
Summary

If timestamps are enabled, the actions does by a retransmission timeout were rolled back,
when they should not. We need to make sure the incoming packet advances the SND.UNA.

To do this, remove the incorrect upfront check and extend the check in the fast path to
handle also the case of timestamps.

This addresses the recently observed panics with the message: sent too much.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

tuexen created this revision.Wed, Mar 19, 10:04 PM
Herald added a reviewer: transport. · View Herald TranscriptWed, Mar 19, 10:04 PM
Herald added subscribers: melifaro, imp. · View Herald Transcript
tuexen requested review of this revision.Wed, Mar 19, 10:04 PM
rscheff added inline comments.Thu, Mar 20, 12:30 AM
sys/netinet/tcp_input.c
1805

Any specific reason to write the or statement as two separate if clauses?

I believe in other parts we do it ((true & x & y & z) | (false & a & b &c )) - as multiline checks;

I don't like them both get executed "always", so at the very least, an "else" just before the 2nd if would be good.

The logic looks ok to me.

glebius added inline comments.Thu, Mar 20, 2:10 AM
sys/netinet/tcp_input.c
1805

I agree with Richard, better one complex if clause. The two clauses are mutually exclusive as one wants TOF_TS and other !TOF_TS, so cc_cong_signal() can be executed only once. My first reading was that it is intentionally written this way cause we may want two calls into cc_cong_singal(), so it was a misleading reading.

Oh, the upper level embracing if can also be merged into one big clause:

if ((tp->t_rxtshift == 1 &&
    tp->t_flags & TF_PREVVALID &&
    tp->t_badrxtwin != 0) &&
    (((to.to_flags & TOF_TS) != 0 &&
    (to.to_tsecr != 0) &&
    TSTMP_LT(to.to_tsecr, tp->t_badrxtwin)) ||
    ((to.to_flags & TOF_TS) == 0 &&
    TSTMP_LT(ticks, tp->t_badrxtwin))))
        cc_cong_signal(tp, th, CC_RTO_ERR);

This will also fix lines longer than 79 chars. IMHO, we may slightly violate style(9) and add single space indentation to highlight our three main large blocks (a && (b || c)).

tuexen updated this revision to Diff 152457.Thu, Mar 20, 9:02 AM

Use one big condition and try to use indentation to structure the boolean expression.

tuexen marked 2 inline comments as done.Thu, Mar 20, 9:03 AM
tuexen added inline comments.
sys/netinet/tcp_input.c
1805

It was a try to break things up for improved readability by humans.

1805

Now using one and two spaces of indentation to make the expression more readable.

rscheff accepted this revision.Thu, Mar 20, 9:21 AM

lgtm

This revision is now accepted and ready to land.Thu, Mar 20, 9:21 AM
peter.lei_ieee.org accepted this revision.Thu, Mar 20, 3:26 PM
cc accepted this revision.Thu, Mar 20, 3:43 PM

This is for the fast path fix. Just want to confirm with your that a second patch may be around to improve both of the fast and slow path?

tuexen marked an inline comment as done.Thu, Mar 20, 3:53 PM
In D49414#1127111, @cc wrote:

This is for the fast path fix. Just want to confirm with your that a second patch may be around to improve both of the fast and slow path?

For the slow path no patch is needed. It already checks that SND.UNA is moved forward and only the timestamp condition is checked.

We can improve the detection of bad RTO later (for example also take D-SACKs into account), but I wanted to focus on fixing incorrect code. The code being incorrect is the one I am removing. Just removing it, would not consider the timestamp based criterium on the fast path, therefore I added it there.

Closed by commit rGfbcf3b74e8f2: tcp: fix detection of bad RTOs (authored by tuexen). · Explain WhyThu, Mar 20, 7:35 PM
This revision was automatically updated to reflect the committed changes.
tuexen added a commit: rGfbcf3b74e8f2: tcp: fix detection of bad RTOs.
dch added a subscriber: dch.Fri, Mar 21, 12:42 PM

thanks, can't reproduce this issue anymore after this patch

All go for 🗡 week.

Revision Contents
Changeset List

PathSize
sys/
netinet/
17 lines

Diff 152457

View Options

sys/netinet/tcp_input.c

Show First 20 LinesShow All 1,629 Lines▼ Show 20 Lines#endif
* fall back to non RFC1323 RTT calculation. Normalize * fall back to non RFC1323 RTT calculation. Normalize
* timestamp if syncookies were used when this connection * timestamp if syncookies were used when this connection
* was established. * was established.
*/ */
if ((to.to_flags & TOF_TS) && (to.to_tsecr != 0)) { if ((to.to_flags & TOF_TS) && (to.to_tsecr != 0)) {
to.to_tsecr -= tp->ts_offset; to.to_tsecr -= tp->ts_offset;
if (TSTMP_GT(to.to_tsecr, tcp_ts_getticks())) { if (TSTMP_GT(to.to_tsecr, tcp_ts_getticks())) {
to.to_tsecr = 0; to.to_tsecr = 0;
} else if (tp->t_rxtshift == 1 &&
tp->t_flags & TF_PREVVALID &&
tp->t_badrxtwin != 0 &&
TSTMP_LT(to.to_tsecr, tp->t_badrxtwin)) {
cc_cong_signal(tp, th, CC_RTO_ERR);
} }
} }
/* /*
* Process options only when we get SYN/ACK back. The SYN case * Process options only when we get SYN/ACK back. The SYN case
* for incoming connections is handled in tcp_syncache. * for incoming connections is handled in tcp_syncache.
* According to RFC1323 the window field in a SYN (i.e., a <SYN> * According to RFC1323 the window field in a SYN (i.e., a <SYN>
* or <SYN,ACK>) segment itself is never scaled. * or <SYN,ACK>) segment itself is never scaled.
* XXX this is traditional behavior, may need to be cleaned up. * XXX this is traditional behavior, may need to be cleaned up.
▲ Show 20 LinesShow All 136 Lines▼ Show 20 Lines if (tlen == 0) {
(to.to_flags & TOF_SACK) == 0 && (to.to_flags & TOF_SACK) == 0 &&
TAILQ_EMPTY(&tp->snd_holes)) { TAILQ_EMPTY(&tp->snd_holes)) {
/* /*
* This is a pure ack for outstanding data. * This is a pure ack for outstanding data.
*/ */
TCPSTAT_INC(tcps_predack); TCPSTAT_INC(tcps_predack);
/* /*
* "bad retransmit" recovery without timestamps. * "bad retransmit" recovery.
*/ */
if ((to.to_flags & TOF_TS) == 0 && if (tp->t_rxtshift == 1 &&
tp->t_rxtshift == 1 &&
tp->t_flags & TF_PREVVALID && tp->t_flags & TF_PREVVALID &&
tp->t_badrxtwin != 0 && tp->t_badrxtwin != 0 &&
TSTMP_LT(ticks, tp->t_badrxtwin)) { (((to.to_flags & TOF_TS) != 0 &&
to.to_tsecr != 0 &&
TSTMP_LT(to.to_tsecr, tp->t_badrxtwin)) ||
((to.to_flags & TOF_TS) == 0 &&
TSTMP_LT(ticks, tp->t_badrxtwin))))
cc_cong_signal(tp, th, CC_RTO_ERR); cc_cong_signal(tp, th, CC_RTO_ERR);
}
/* /*
* Recalculate the transmit timer / rtt. * Recalculate the transmit timer / rtt.
* *
* Some boxes send broken timestamp replies * Some boxes send broken timestamp replies
rscheffUnsubmitted
Done
Inline Actions

Any specific reason to write the or statement as two separate if clauses?

I believe in other parts we do it ((true & x & y & z) | (false & a & b &c )) - as multiline checks;

I don't like them both get executed "always", so at the very least, an "else" just before the 2nd if would be good.

The logic looks ok to me.

rscheff: Any specific reason to write the or statement as two separate if clauses? I believe in other…
glebiusUnsubmitted
Done
Inline Actions

I agree with Richard, better one complex if clause. The two clauses are mutually exclusive as one wants TOF_TS and other !TOF_TS, so cc_cong_signal() can be executed only once. My first reading was that it is intentionally written this way cause we may want two calls into cc_cong_singal(), so it was a misleading reading.

Oh, the upper level embracing if can also be merged into one big clause:

if ((tp->t_rxtshift == 1 &&
    tp->t_flags & TF_PREVVALID &&
    tp->t_badrxtwin != 0) &&
    (((to.to_flags & TOF_TS) != 0 &&
    (to.to_tsecr != 0) &&
    TSTMP_LT(to.to_tsecr, tp->t_badrxtwin)) ||
    ((to.to_flags & TOF_TS) == 0 &&
    TSTMP_LT(ticks, tp->t_badrxtwin))))
        cc_cong_signal(tp, th, CC_RTO_ERR);

This will also fix lines longer than 79 chars. IMHO, we may slightly violate style(9) and add single space indentation to highlight our three main large blocks (a && (b || c)).

glebius: I agree with Richard, better one complex if clause. The two clauses are mutually exclusive as…
tuexenAuthorUnsubmitted
Done
Inline Actions

Now using one and two spaces of indentation to make the expression more readable.

tuexen: Now using one and two spaces of indentation to make the expression more readable.
tuexenAuthorUnsubmitted
Done
Inline Actions

It was a try to break things up for improved readability by humans.

tuexen: It was a try to break things up for improved readability by humans.
* during the SYN+ACK phase, ignore * during the SYN+ACK phase, ignore
* timestamps of 0 or we could calculate a * timestamps of 0 or we could calculate a
* huge RTT and blow up the retransmit timer. * huge RTT and blow up the retransmit timer.
*/ */
if ((to.to_flags & TOF_TS) != 0 && if ((to.to_flags & TOF_TS) != 0 &&
to.to_tsecr) { to.to_tsecr) {
uint32_t t; uint32_t t;
▲ Show 20 LinesShow All 2,424 LinesShow Last 20 Lines