________________________________
From: Alexander Bluhm <alexander.bl...@gmx.net>
Sent: Thursday, July 6, 2023 13:54
To: Valdrin MUJA <valdrin_m...@outlook.com>
Cc: bugs@openbsd.org <bugs@openbsd.org>
Subject: Re: kernel diagnostic assertion "!_kernel_lock_held()" failed
On Wed, Jul 05, 2023 at 12:17:15PM +0000, Valdrin MUJA wrote:
> ddb{3}> show panic
> *cpu3: kernel diagnostic assertion "!ISSET(rt->rt_flags, RTF_UP)" failed:
> file "
> /usr/src/sys/net/route.c", line 496
>
> ddb{3}> trace
> db_enter() at db_enter+0x10
> panic(ffffffff82067518) at panic+0xbf
> __assert(ffffffff820de23b,ffffffff8206be5d,1f0,ffffffff820e901b) at
> __assert+0x
> 25
> rtfree(fffffd8275365a90) at rtfree+0x1af
> route_output(fffffd8065dd1f00,fffffd821540a920) at route_output+0x413
> route_send(fffffd821540a920,fffffd8065dd1f00,0,0) at route_send+0x57
> sosend(fffffd821540a920,0,ffff80002254d3e0,0,0,80) at sosend+0x37f
> dofilewritev(ffff80002251f390,6,ffff80002254d3e0,0,ffff80002254d4e0) at
> dofilew
> ritev+0x14d
> sys_writev(ffff80002251f390,ffff80002254d480,ffff80002254d4e0) at
> sys_writev+0x
> d2
> syscall(ffff80002254d550) at syscall+0x3d4
> Xsyscall() at Xsyscall+0x128
Looks like your routing table is busted. I just found a bug in
-current. Maybe this also causes your problem.
Could you apply the diff below an recompile the kernel. It should
be the same fix for 7.3.
bluhm
Index: net/rtable.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/rtable.c,v
retrieving revision 1.82
diff -u -p -r1.82 rtable.c
--- net/rtable.c 19 Apr 2023 17:42:47 -0000 1.82
+++ net/rtable.c 5 Jul 2023 20:05:26 -0000
@@ -604,6 +604,11 @@ rtable_insert(unsigned int rtableid, str
SRPL_INSERT_HEAD_LOCKED(&rt_rc, &an->an_rtlist, rt, rt_next);
prev = art_insert(ar, an, addr, plen);
+ if (prev == an) {
+ rw_exit_write(&ar->ar_lock);
+ /* keep the refcount for rt while it is in an_rtlist */
+ return (0);
+ }
if (prev != an) {
SRPL_REMOVE_LOCKED(&rt_rc, &an->an_rtlist, rt, rtentry,
rt_next);
@@ -689,9 +694,10 @@ rtable_delete(unsigned int rtableid, str
npaths++;
if (npaths > 1) {
- KASSERT(refcnt_read(&rt->rt_refcnt) >= 1);
+ KASSERT(refcnt_read(&rt->rt_refcnt) >= 2);
SRPL_REMOVE_LOCKED(&rt_rc, &an->an_rtlist, rt, rtentry,
rt_next);
+ rtfree(rt);
mrt = SRPL_FIRST_LOCKED(&an->an_rtlist);
if (npaths == 2)
@@ -703,8 +709,9 @@ rtable_delete(unsigned int rtableid, str
if (art_delete(ar, an, addr, plen) == NULL)
panic("art_delete failed to find node %p", an);
- KASSERT(refcnt_read(&rt->rt_refcnt) >= 1);
+ KASSERT(refcnt_read(&rt->rt_refcnt) >= 2);
SRPL_REMOVE_LOCKED(&rt_rc, &an->an_rtlist, rt, rtentry, rt_next);
+ rtfree(rt);
art_put(an);
leave:
@@ -821,12 +828,11 @@ rtable_mpath_reprio(unsigned int rtablei
*/
rt->rt_priority = prio;
} else {
- rtref(rt); /* keep rt alive in between remove and insert */
+ KASSERT(refcnt_read(&rt->rt_refcnt) >= 2);
SRPL_REMOVE_LOCKED(&rt_rc, &an->an_rtlist,
rt, rtentry, rt_next);
rt->rt_priority = prio;
rtable_mpath_insert(an, rt);
- rtfree(rt);
error = EAGAIN;
}
rw_exit_write(&ar->ar_lock);
@@ -839,6 +845,9 @@ rtable_mpath_insert(struct art_node *an,
{
struct rtentry *mrt, *prt = NULL;
uint8_t prio = rt->rt_priority;
+
+ /* increment the refcount for rt while it is in an_rtlist */
+ rtref(rt);
if ((mrt = SRPL_FIRST_LOCKED(&an->an_rtlist)) == NULL) {
SRPL_INSERT_HEAD_LOCKED(&rt_rc, &an->an_rtlist, rt, rt_next);
