Date:      Mon, 9 Jun 2008 10:13:27 +0200
From:      Marc Lörner <marc.loerner@hob.de>
To:        Bruce Evans <brde@optusnet.com.au>
Cc:        Peter Jeremy <peterjeremy@optushome.com.au>, freebsd-net@freebsd.org
Subject:   Re: Probable Bug in tcp.h
Message-ID:  <200806091013.27813.marc.loerner@hob.de>
In-Reply-To: <20080606221917.A16250@delplex.bde.org>
References:  <200806051712.47048.marc.loerner@hob.de> <200806061025.37856.marc.loerner@hob.de> <20080606221917.A16250@delplex.bde.org>

On Friday 06 June 2008 14:25, Bruce Evans wrote:
> On Fri, 6 Jun 2008, Marc Lörner wrote:
> > On Friday 06 June 2008 09:52, Peter Jeremy wrote:
> >> I gather from this comment that you have some code using struct tcphdr
> >> that is getting alignment errors.  struct tcphdr is extensively used
> >> in the TCP stack within the kernel so it's likely that any layout or
> >> alignment problem with it would show up there.  I suspect you are
> >> dereferencing a mis-aligned struct tcphdr.
> >
> > The funny thing is that the dereferencing occurs in
> > "/usr/src/sys/netinet/tcp_input.c" in function tcp_input in line 550:
> >
> > 	/*
> > 	 * Check that TCP offset makes sense,
> > 	 * pull out TCP options and adjust length.		XXX
> > 	 */
> > 	off = th->th_off << 2;								<----- here
> > 	if (off < sizeof (struct tcphdr) || off > tlen) {
> > 		tcpstat.tcps_rcvbadoff++;
> > 		goto drop;
> > 	}
> >
> > So the misalignment may probably lie in TCP stack?
>
> Quite likely.  th is normally at offset off0 in ip, where ip is required
> to be 32-bit aligned (see my previous reply).  You can see off0 in a
> stack trace.
>

off0 is 0x14 => no problem with that,
but the address of ip is 0xe000000021c8706e => not correctly aligned to 32 bits.

Can anyone tell me where ip is allocated, so I can do a little bit more
research?

Marc
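To make the two points in this thread concrete, here is an added example (not code from the thread or from the FreeBSD tree): it checks the alignment arithmetic for th = ip + off0 using the addresses reported above, and it reproduces the quoted tcp_input() offset check on raw bytes so that the check itself never dereferences a possibly misaligned struct tcphdr. The header sizes and the packet bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* sizeof(struct ip) and sizeof(struct tcphdr) without options; given as
 * constants here so the example stays self-contained. */
#define IP_HDR_MIN  20
#define TCP_HDR_MIN 20

/* Is addr aligned to 'align' bytes (a power of two)?  A 64-bit value is
 * used so the ia64 address from the thread can be checked on any host. */
int aligned_to(uint64_t addr, size_t align) {
    return (addr & (uint64_t)(align - 1)) == 0;
}

/* th sits at ip + off0.  With off0 a multiple of 4 (0x14 here), th is
 * 32-bit aligned exactly when ip is, so a misaligned ip is the root cause. */
int th_aligned(uint64_t ip_addr, size_t off0) {
    return aligned_to(ip_addr + off0, 4);
}

/* The tcp_input() check quoted above, done on raw bytes.  Returns the data
 * offset in bytes, or -1 where the kernel bumps tcps_rcvbadoff and drops. */
int tcp_data_offset(const uint8_t *th, size_t tlen) {
    int off = (th[12] >> 4) << 2;             /* th_off: high nibble of byte 12 */
    if (off < TCP_HDR_MIN || (size_t)off > tlen)
        return -1;
    return off;
}

/* Build a constructed IPv4+TCP packet with the given IHL, th_off and TCP
 * segment length (tlen), then run the offset check on it.  Returns the data
 * offset, -1 for a bad offset, -2 if the packet cannot hold both headers. */
int check_packet(uint8_t ihl, uint8_t th_off, size_t tlen) {
    uint8_t pkt[128];
    size_t off0 = (size_t)ihl << 2;           /* ip header length */
    if (off0 < IP_HDR_MIN || tlen < TCP_HDR_MIN || off0 + tlen > sizeof pkt)
        return -2;
    memset(pkt, 0, sizeof pkt);
    pkt[0] = 0x40 | (ihl & 0x0f);             /* version 4, IHL */
    pkt[off0 + 12] = (uint8_t)(th_off << 4);  /* th_off; th_x2 left zero */
    return tcp_data_offset(pkt + off0, tlen);
}
```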
