From dima@satty.npi.msu.su  Sat Jun 15 15:22:03 1996
Received: from satty.npi.msu.su (root@satty.npi.msu.su [158.250.2.251])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA19552
          for <FreeBSD-gnats-submit@freebsd.org>; Sat, 15 Jun 1996 15:22:00 -0700 (PDT)
Received: (from dima@localhost) by satty.npi.msu.su (8.7.4/8.7.3) id CAA09195; Sun, 16 Jun 1996 02:21:53 +0400 (MSD)
Message-Id: <199606152221.CAA09195@satty.npi.msu.su>
Date: Sun, 16 Jun 1996 02:21:53 +0400 (MSD)
From: Dmitry Khrustalev <dima@satty.npi.msu.su>
Reply-To: dima@satty.npi.msu.su
To: FreeBSD-gnats-submit@freebsd.org
Subject: system crash when running gated
X-Send-Pr-Version: 3.2

>Number:         1325
>Category:       kern
>Synopsis:       system crash when running gated
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    fenner
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jun 15 15:30:01 PDT 1996
>Closed-Date:    Mon Jun 17 17:08:47 PDT 1996
>Last-Modified:  Mon Jun 17 17:11:08 PDT 1996
>Originator:     Dmitry Khrustalev
>Release:        FreeBSD 2.2-CURRENT i386
>Organization:
>Environment:

	FreeBSD-current, ip_output.c rev 1.40, gated

>Description:

	ip_output does not allocate route when IP_ROUTETOIF is set,
	system crash in arpresolve with rt0 = NULL.

>How-To-Repeat:

	run gated.

>Fix:
	

*** ip_output.c.orig	Sun Jun 16 02:10:21 1996
--- ip_output.c	Sun Jun 16 02:13:47 1996
***************
*** 144,149 ****
--- 144,165 ----
  		dst->sin_addr = ip->ip_dst;
  	}
  	/*
+ 	 * If this is the case, we probably don't want to allocate
+ 	 * a protocol-cloned route since we didn't get one from the
+ 	 * ULP.  This lets TCP do its thing, while not burdening
+ 	 * forwarding or ICMP with the overhead of cloning a route.
+ 	 * Of course, we still want to do any cloning requested by
+ 	 * the link layer, as this is probably required in all cases
+ 	 * for correct operation (as it is for ARP).
+ 	 */
+ 	if (ro->ro_rt == 0)
+ 		rtalloc_ign(ro, RTF_PRCLONING);
+ 	if (ro->ro_rt == 0) {
+ 		ipstat.ips_noroute++;
+ 		error = EHOSTUNREACH;
+ 		goto bad;
+ 	}
+ 	/*
  	 * If routing to interface only,
  	 * short circuit routing lookup.
  	 */
***************
*** 160,181 ****
  		ip->ip_ttl = 1;
  		isbroadcast = in_broadcast(dst->sin_addr, ifp);
  	} else {
- 		/*
- 		 * If this is the case, we probably don't want to allocate
- 		 * a protocol-cloned route since we didn't get one from the
- 		 * ULP.  This lets TCP do its thing, while not burdening
- 		 * forwarding or ICMP with the overhead of cloning a route.
- 		 * Of course, we still want to do any cloning requested by
- 		 * the link layer, as this is probably required in all cases
- 		 * for correct operation (as it is for ARP).
- 		 */
- 		if (ro->ro_rt == 0)
- 			rtalloc_ign(ro, RTF_PRCLONING);
- 		if (ro->ro_rt == 0) {
- 			ipstat.ips_noroute++;
- 			error = EHOSTUNREACH;
- 			goto bad;
- 		}
  		ia = ifatoia(ro->ro_rt->rt_ifa);
  		ifp = ro->ro_rt->rt_ifp;
  		ro->ro_rt->rt_use++;
--- 176,181 ----
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: fenner 
State-Changed-When: Mon Jun 17 17:08:47 PDT 1996 
State-Changed-Why:  
Duplicate of kern/1140 .  The included patch is incorrect, since IP_ROUTETOIF 
really means don't look at the routing table at all. 


Responsible-Changed-From-To: freebsd-bugs->fenner 
Responsible-Changed-By: fenner 
Responsible-Changed-When: Mon Jun 17 17:08:47 PDT 1996 
Responsible-Changed-Why:  
Fenner made the change to the arp code that introduced the panic 
>Unformatted:
