From nobody@FreeBSD.org  Mon May  7 14:40:05 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3164916A403
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  7 May 2007 14:40:05 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id 2480413C465
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  7 May 2007 14:40:05 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id l47Ee4Pd031191
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 7 May 2007 14:40:04 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id l47EZ3A3022648;
	Mon, 7 May 2007 14:35:03 GMT
	(envelope-from nobody)
Message-Id: <200705071435.l47EZ3A3022648@www.freebsd.org>
Date: Mon, 7 May 2007 14:35:03 GMT
From: Mehul<mehuljv@yahoo.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Problem In "rt_check" routine.
X-Send-Pr-Version: www-3.0

>Number:         112491
>Category:       kern
>Synopsis:       Problem In "rt_check" routine.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 07 14:50:03 GMT 2007
>Closed-Date:    Mon May 07 15:04:36 GMT 2007
>Last-Modified:  Mon May 07 15:04:36 GMT 2007
>Originator:     Mehul
>Release:        6.2
>Organization:
>Environment:
>Description:
Current implementation of rt_check() routine defined in route.c is not completely  MPSAFE. I found an issue when i started routing with "directisr" enabled. For the first rcvd packet this function initializes rt_gateway of the passed rt_entry. This is done by calling "rtalloc1" routine. But "rt_check" function doesnt hold any lock while calling this function. So incase if we have multiple instances of "ip_input - netisr" running than more than one thread can call this routine which may lead to some corruption, in my case it leads to a dead lock. Problem doesn't happen if before sending heavy traffic a single packet of same kind is sent. But if initially itself heavy traffic is sent than this happens immediately. I have fixed this and it works well after it. Workaround patch for this issue is attached here with. Probably we need to define a macro in route.h for the hardcoded values in the patch.
>How-To-Repeat:

>Fix:
1260a1261
> try_again:
1280a1282,1289
>
>               if(rt0->rt_flags & 0x80000000U){
>                       /*This rt is under process...*/
>                       RT_UNLOCK(rt);
>                       RT_UNLOCK(rt0);
>                       goto try_again;
>               }
>
1281a1291
>                       rt0->rt_flags |= 0x80000000U;
1288a1299
>                       rt0->rt_flags &= (~0x80000000U);

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Mon May 7 15:04:24 UTC 2007 
State-Changed-Why:  
Duplicate of kern/112490. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=112491 
>Unformatted:
