From owner-freebsd-net@FreeBSD.ORG Thu Jun 20 14:53:44 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 6C200C9C for ; Thu, 20 Jun 2013 14:53:44 +0000 (UTC) (envelope-from dkandula@gmail.com) Received: from mail-wi0-x230.google.com (mail-wi0-x230.google.com [IPv6:2a00:1450:400c:c05::230]) by mx1.freebsd.org (Postfix) with ESMTP id 0992D1E67 for ; Thu, 20 Jun 2013 14:53:43 +0000 (UTC) Received: by mail-wi0-f176.google.com with SMTP id ey16so1912515wid.3 for ; Thu, 20 Jun 2013 07:53:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=oD4UsRza7EfitMoOcT78QTKHuOia1MOTsigQueep7ko=; b=nYKfMgyAeVWsR0Tf/GVThmtnn9sGOEwJy9Ld5REelULTJ2cQvBZ1kSkuSxHQB02/Oc W819yj0S08rtww97igxJuNMDjrmI775uU15rJ36jnz997lfe6HHVThYY2goRRzrrP33k DAJguHSi252pLDSs9ro01/CiUlMkcBkcfCZPsQz7y9eAY4a31qfXEoV3IXBKKxxeoq/r /sXqTGiaUToitqrhTouPoCeOiXLgMco1JlZ8I63doRunMZqbaW5RP9BinvSDHmB6by5M i7dR6bKuzp/5mkHENxmHl9y0de2+3AT+4u7FLm+iW0ofSnDL9htNnPhLDFgkt5TdlSLq uBRQ== MIME-Version: 1.0 X-Received: by 10.180.20.228 with SMTP id q4mr5818186wie.1.1371740023235; Thu, 20 Jun 2013 07:53:43 -0700 (PDT) Received: by 10.194.6.137 with HTTP; Thu, 20 Jun 2013 07:53:43 -0700 (PDT) Date: Thu, 20 Jun 2013 10:53:43 -0400 Message-ID: Subject: Route deletion when processing a packet by ip_output From: Dheeraj Kandula To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jun 2013 14:53:44 -0000 Hey All, I have been going through the routing and packet processing code in FreeBSD and am not sure how this scenario is handled though this looks basic. Am I missing something here? When ip_output function is processing a packet and uses a route to send it on it's way to the destination, ip_output doesn't hold the read lock of the routing tree while processing the packet. This can be observed from the fact that the ignore flag is set to 0 when invoking in_rtalloc_ign(). Hence even though we increment the reference count for the route when we perform a lookup, the route deletion code can proceed with the deletion as the read lock is not acquired by anyone. i.e. there are no readers. Hence acquiring the write lock succeeds for deletion. The rn_delete disconnects the two nodes from the routing tree i.e. leaf and internal nodes for the route. But in rtrequest1_fib(), the memory for route i,e., rtentry is not unallocated as the reference count is not 1. it will be 2. But when we return from rtrequest1_fib() we don't have a handle on the route entry. Hence how do we get back to this route. I guess because we have a handle to it via the route lookup we can delete it once we call RT_REMREF macro. But once the route is disconnected from the routing tree, it doesn't make sense to use it. Isn't it? i.e. ip_output() may still use it to process the packet. Can anyone clarify this? Am I missing something here or didn't consider something along the way. Dheeraj