Date:      Fri, 17 May 2002 14:04:36 +0200
From:      Volker Stolz <stolz@hyperion.informatik.rwth-aachen.de>
To:        Bernd Walter <ticso@cicely5.cicely.de>
Cc:        alpha@freebsd.org
Subject:   Re: memory management fault during netbooting on 4.6-PRERELEASE
Message-ID:  <20020517140436.A347@i2.informatik.rwth-aachen.de>
In-Reply-To: <20020515173553.GK4401@cicely5.cicely.de>
References:  <20020514235608.A69014@xor.obsecurity.org> <xzpg00t26ia.fsf@flood.ping.uio.no> <15586.25870.79809.901266@grasshopper.cs.duke.edu> <xzp4rh9z5zi.fsf@flood.ping.uio.no> <20020515173553.GK4401@cicely5.cicely.de>

In local.freebsd-alpha, you wrote:
> There are potentially many of them waiting for a small change elsewhere.
> One PR (alpha/34232) is open containing a fix for one of them, which
> might be the same you are seeing.
> I just have not found the time yet to check if the fix might leak
> some kernel internal data in the padding.

<delurk; I'm the originator of the PR above>
After I discovered the reason, I toyed some more with the fixes and I
think the cure is worse than the cause. The problem is that some
kernel functions/ioctls which export data to userland are not 64bit
friendly because of missing padding -- not in the structures, but how
they are used. You will find some comments by itojun(?) in the NetBSD
sources where he states the same. What happened for my case is that
the interfaces got reported by an ioctl and I had IPv6 addresses on the
interfaces. Unluckily, IPv6 addresses are not x*8 in size, but rather
x*8+n. Now the kernel allocates one chunk of contiguous memory for all
interface addresses and starts to fill them in. This means that the
next sa_address following an IPv6 entry will start at an unaligned
address. I was using 'dhclient', too, and did observe the same
behaviour and tracked it to the same place with gdb in -STABLE (the
first IP6 address is one of the fec80, so the first "real" IPv6 
address will trigger this).

So, to fix this, you'd have to change the layout of the addresses
in the chunk *and* fix all applications to behave accordingly,
otherwise they'd read from the wrong offset. That's where SA_ALIGN
came into play, which does exactly that. Maybe you could just add
trailing padding to the IP6-struct in the header and rebuild world ;)

However, YMMV, and the bug DES reported might already be something
else. Some patches are still lying around on my disks, but remember,
you have to fix the kernel and the userland :-/

Volker
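
Added example (mine, not code from the thread or from the FreeBSD sources):
it lays out one interface's addresses the way the mail describes, an IPv4
sockaddr followed by IPv6 sockaddrs packed back to back, shows that the entry
after a 28-byte sockaddr_in6 lands on a 4-byte rather than 8-byte boundary,
and then rounds every entry up to 8 bytes while zeroing the pad so that
nothing stale is copied out to userland in the gap. The 16/28/28 sequence,
the 0xAA "stale memory" fill, and the helpers sa_padded_len, entry_offset,
write_padded, first_misaligned and padded_chunk_clean_len are constructed
for illustration; FreeBSD's actual SA_ALIGN/SA_SIZE macro is not reproduced
here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Natural alignment of a 64-bit load on alpha; an entry that starts off a
 * multiple of this sets up an alignment fault when read as a whole word. */
#define SA_ALIGNMENT 8u

/* Round an entry length up to the next multiple of 8 (this example's own
 * helper, modelled on the "add trailing padding" fix the mail describes). */
static size_t sa_padded_len(size_t sa_len)
{
    return (sa_len + SA_ALIGNMENT - 1) & ~(size_t)(SA_ALIGNMENT - 1);
}

/* Constructed entry lengths, as the kernel would emit them for one
 * interface with an IPv4 address followed by two IPv6 addresses. */
static const size_t sa_lens[] = {
    sizeof(struct sockaddr_in),   /* 16 */
    sizeof(struct sockaddr_in6),  /* 28: x*8 + 4, the case in the mail */
    sizeof(struct sockaddr_in6),  /* 28 */
};
#define N_ENTRIES (sizeof(sa_lens) / sizeof(sa_lens[0]))

/* Offset of entry idx within the chunk, either packed back to back (the
 * layout that faulted) or with each entry rounded up (padded != 0). */
static size_t entry_offset(size_t idx, int padded)
{
    size_t off = 0;
    for (size_t i = 0; i < idx && i < N_ENTRIES; i++)
        off += padded ? sa_padded_len(sa_lens[i]) : sa_lens[i];
    return off;
}

/* Index of the first entry not starting on an 8-byte boundary, or -1. */
static int first_misaligned(int padded)
{
    for (size_t i = 0; i < N_ENTRIES; i++)
        if (entry_offset(i, padded) % SA_ALIGNMENT != 0)
            return (int)i;
    return -1;
}

/* Write dummy entries (0x11 bytes standing in for address contents) with
 * padding, explicitly zeroing each pad so stale kernel bytes cannot be
 * copied out to userland in the gap. Returns bytes used, 0 if buf is too small. */
static size_t write_padded(uint8_t *buf, size_t buflen)
{
    size_t off = 0;
    for (size_t i = 0; i < N_ENTRIES; i++) {
        size_t plen = sa_padded_len(sa_lens[i]);
        if (off + plen > buflen)
            return 0;
        memset(buf + off, 0x11, sa_lens[i]);                  /* entry body */
        memset(buf + off + sa_lens[i], 0, plen - sa_lens[i]); /* pad bytes */
        off += plen;
    }
    return off;
}

/* Fill a chunk with stale-looking 0xAA bytes (constructed), write the padded
 * entries over it, and return the chunk length if every pad byte is zero,
 * else 0: this is the leak check the quoted reply was worried about. */
static size_t padded_chunk_clean_len(void)
{
    uint8_t chunk[128];
    size_t used, off = 0;
    memset(chunk, 0xAA, sizeof chunk);
    used = write_padded(chunk, sizeof chunk);
    for (size_t i = 0; i < N_ENTRIES; i++) {
        for (size_t b = sa_lens[i]; b < sa_padded_len(sa_lens[i]); b++)
            if (chunk[off + b] != 0)
                return 0;
        off += sa_padded_len(sa_lens[i]);
    }
    return used;
}

int main(void)
{
    for (size_t i = 0; i < N_ENTRIES; i++)
        printf("entry %zu: packed offset %2zu (%s), padded offset %2zu\n",
               i, entry_offset(i, 0),
               entry_offset(i, 0) % SA_ALIGNMENT ? "misaligned" : "aligned",
               entry_offset(i, 1));
    printf("first misaligned packed entry: %d\n", first_misaligned(0));
    printf("padded chunk: %zu bytes, pads clean\n", padded_chunk_clean_len());
    return 0;
}
```

With the constructed 16/28/28 sequence the third entry sits at packed offset
44, which is the "next sa_address following an IPv6 entry" from the mail;
padding moves it to 48. Note that padding only helps if the userland walker
advances by the same rounded length, which is the kernel-and-userland point
the mail ends on.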
