https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197059
--- Comment #7 from commit-h...@freebsd.org --- A commit references this bug: Author: ae Date: Thu Mar 12 09:04:21 UTC 2015 New revision: 279911 URL: https://svnweb.freebsd.org/changeset/base/279911 Log: MFC r279588: Fix deadlock in IPv6 PCB code. When several threads are trying to send datagram to the same destination, but fragmentation is disabled and datagram size exceeds link MTU, ip6_output() calls pfctlinput2(PRC_MSGSIZE). It does notify all sockets wanted to know MTU to this destination. And since all threads hold PCB lock while sending, taking the lock for each PCB in the in6_pcbnotify() leads to deadlock. RFC 3542 p.11.3 suggests notify all application wanted to receive IPV6_PATHMTU ancillary data for each ICMPv6 packet too big message. But it doesn't require this, when we don't receive ICMPv6 message. Change ip6_notify_pmtu() function to be able use it directly from ip6_output() to notify only one socket, and to notify all sockets when ICMPv6 packet too big message received. MFC r279684: tcp6_ctlinput() doesn't pass MTU value to in6_pcbnotify(). Check cmdarg isn't NULL before dereference, this check was in the ip6_notify_pmtu() before r279588. PR: 197059 Sponsored by: Yandex LLC Changes: _U stable/10/ stable/10/sys/netinet6/in6_pcb.c stable/10/sys/netinet6/ip6_input.c stable/10/sys/netinet6/ip6_output.c stable/10/sys/netinet6/ip6_var.h -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
