Author: bz Date: Fri Oct 12 22:51:45 2018 New Revision: 339339 URL: https://svnweb.freebsd.org/changeset/base/339339
Log: In udp_input() when walking the pcblist we can come across an inp marked FREED after the epoch(9) changes. Check once we hold the lock and skip the inp if it is the case. Contrary to IPv6 the locking of the inp is outside the multicast section and hence a single check seems to suffice. PR: 232192 Reviewed by: mmacy, markj Approved by: re (kib) Differential Revision: https://reviews.freebsd.org/D17540 Modified: head/sys/netinet/udp_usrreq.c Modified: head/sys/netinet/udp_usrreq.c ============================================================================== --- head/sys/netinet/udp_usrreq.c Fri Oct 12 22:40:54 2018 (r339338) +++ head/sys/netinet/udp_usrreq.c Fri Oct 12 22:51:45 2018 (r339339) @@ -551,6 +551,11 @@ udp_input(struct mbuf **mp, int *offp, int proto) INP_RLOCK(inp); + if (__predict_false(inp->inp_flags2 & INP_FREED)) { + INP_RUNLOCK(inp); + continue; + } + /* * XXXRW: Because we weren't holding either the inpcb * or the hash lock when we checked for a match _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"