>Number: 133736 >Category: kern >Synopsis: ip_id not protected ... >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Apr 14 21:10:02 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Ernest Hua >Release: 7.0-RELEASE >Organization: MaxiScale, Inc. >Environment: FreeBSD r01s18 7.0-RELEASE FreeBSD 7.0-RELEASE #0: ... amd64 This is our own compiled kernel that is based on 7.0-RELEASE with the dump/snapshot patch applied. >Description: We have evidence of IP fragments from different UDP transactions being stamped with the same 16-bit id. >How-To-Repeat: Using a multi-threaded application, transmit lots of large (much greater than MTU) UDP packets of the same size with known but distinctive content to a single destination port using a multi-core system as the transmitter. There will be occasional data corruption found at the destination where data from one transaction is found in the payload of another transaction. >Fix: ip_id needs some atomic protection. The same can probably be said of the random id generator. >Release-Note: >Audit-Trail: >Unformatted: _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"