Date:      Mon, 22 Nov 2004 14:32:41 -0500
From:      John Baldwin <jhb@FreeBSD.org>
To:        freebsd-alpha@FreeBSD.org
Cc:        Robert Watson <rwatson@FreeBSD.org>
Subject:   Re: alpha and em mtu
Message-ID:  <200411221432.42028.jhb@FreeBSD.org>
In-Reply-To: <Pine.SOC.4.61.0411211105060.10997@tea.blinkenlights.nl>
References:  <Pine.SOC.4.61.0411142153430.26307@tea.blinkenlights.nl> <200411191601.11773.jhb@FreeBSD.org> <Pine.SOC.4.61.0411211105060.10997@tea.blinkenlights.nl>

On Sunday 21 November 2004 07:35 am, Sten Spans wrote:
> On Fri, 19 Nov 2004, John Baldwin wrote:
> > On Friday 19 November 2004 04:32 am, Sten Spans wrote:
> >> On Mon, 15 Nov 2004, Sten Spans wrote:
> >>> On Mon, 15 Nov 2004, John Baldwin wrote:
> >>>> On Monday 15 November 2004 04:07 pm, Sten Spans wrote:
> >>>>> On Mon, 15 Nov 2004, John Baldwin wrote:
> >>>>>
> >>>>> changed to ((off0 & 0x3) != 0), didn't seem to print anything.
> >>>>
> >>>> Ok, try this one then instead:
> >>>>
> >>>> Index: netinet/tcp_input.c
> >>>> ===================================================================
> >>>> RCS file: /usr/cvs/src/sys/netinet/tcp_input.c,v
> >>>> retrieving revision 1.255
> >>>> diff -u -r1.255 tcp_input.c
> >>>> --- netinet/tcp_input.c	7 Nov 2004 19:19:35 -0000	1.255
> >>>> +++ netinet/tcp_input.c	15 Nov 2004 21:19:50 -0000
> >>>> @@ -504,6 +504,8 @@
> >>>> 			}
> >>>> 		}
> >>>> 		ip = mtod(m, struct ip *);
> >>>> +		if (((uintptr_t)ip & 0x3) != 0)
> >>>> +			printf("%s: ip %p is misaligned\n", __func__, ip);
> >>>> 		ipov = (struct ipovly *)ip;
> >>>> 		th = (struct tcphdr *)((caddr_t)ip + off0);
> >>>> 		tlen = ip->ip_len;
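Review bot: The added check only reports the misaligned pointer; the unchanged `tlen = ip->ip_len;` two lines later still dereferences `ip`, so on a strict-alignment platform the message will be followed by the fault rather than preventing it. That is acceptable for a throwaway diagnostic, but the printf should also print `m` and `off0` so the report identifies the mbuf the pointer came from and the header length in play. Because the check sits in the per-segment input path, it should be rate limited or made one-shot so a stream of misaligned packets cannot flood the console. The literal `0x3` would read better as a named alignment mask or `sizeof(uint32_t) - 1`.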
> >>>
> >>> This does print something:
> >>> deepthought# ifconfig em0 mtu 1501
> >>> deepthought# tcp_input: ip 0xfffffc001817f00e is misaligned
> >>>
> >>> fatal kernel trap:
> >>>
> >>>    trap entry     = 0x4 (unaligned access fault)
> >>>    faulting va    = 0xfffffc001817f02e
> >>>    opcode         = 0x28
> >>>    register       = 0x1
> >>>    pc             = 0xfffffc00004cd134
> >>>    ra             = 0xfffffc00004ccf94
> >>>    sp             = 0xfffffe00187a9af0
> >>>    curthread      = 0xfffffc001f3a70e0
> >>>        pid = 14, comm = swi1: net
> >>>
> >>> [thread 100006]
> >>> Stopped at      tcp_input+0x3a4:        srl     t0,#0x2,t0     
> >>> <t0=0x45>
> >>>
> >>>
> >>> The ip's used are 192.168.1.3 and 192.168.1.4.
> >>
> >> Any luck or should I turn this into a pr ?
> >
> > Sorry, been busy recently.  A PR certainly wouldn't hurt.
>
> Ok, I'll get that going.
>
> > Does this panic go
> > away if you use a different MTU btw?
>
> I've tried running
>
> i=1; while true; do echo $i; ifconfig em0 mtu $i; let i++; sleep 2; done
>
> and on the client:
> while true; do echo bla | telnet alpha 22; sleep 1; done
>
> this caused no crashes with mtu 1-1500.
>
> But:
> deepthought# ifconfig em0 mtu 1666
> deepthought# tcp_input: ip 0xfffffc0018cdb00e is misaligned
> deepthought# ifconfig em0 mtu 1564
> deepthought# tcp_input: ip 0xfffffc001857c80e is misaligned
> deepthought# ifconfig em0 mtu 1532
> deepthought# tcp_input: ip 0xfffffc001859300e is misaligned
>
> If it has to be 8 bytes aligned then it's off by 4, doesn't
> seem to be vlanmtu though.

Ok, this is helpful I think.  (Big MTU -> panic.)  The next step is probably 
to start walking up the stack determining where the pointer starts off and 
how it ends up aligned.  Can you use gdb to figure out the source file/line 
of the previous stack frame before tcp_input()?

-- 
John Baldwin <jhb@FreeBSD.org>  <><  http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve"  =  http://www.FreeBSD.org


