From owner-freebsd-current@FreeBSD.ORG  Sun Jun  1 06:03:06 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4088F37B401; Sun,  1 Jun 2003 06:03:06 -0700 (PDT)
Received: from srv1.cosmo-project.de (srv1.cosmo-project.de [213.83.6.106])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2540243FDD; Sun,  1 Jun 2003 06:00:24 -0700 (PDT)
	(envelope-from ticso@cicely12.cicely.de)
Received: from cicely5.cicely.de (cicely5.cicely.de
	[IPv6:3ffe:400:8d0:301:200:92ff:fe9b:20e7])
	by srv1.cosmo-project.de (8.12.9/8.12.9) with ESMTP id h51D0DrN051747
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK);
	Sun, 1 Jun 2003 15:00:18 +0200 (CEST)
	(envelope-from ticso@cicely12.cicely.de)
Received: from cicely12.cicely.de (cicely12.cicely.de
	[IPv6:3ffe:400:8d0:301::12])
	by cicely5.cicely.de (8.12.9/8.12.9) with ESMTP id h51D0BOs015931
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Sun, 1 Jun 2003 15:00:12 +0200 (CEST)
	(envelope-from ticso@cicely12.cicely.de)
Received: from cicely12.cicely.de (localhost [127.0.0.1])
	by cicely12.cicely.de (8.12.9/8.12.9) with ESMTP id h51D0BiN002171;
	Sun, 1 Jun 2003 15:00:11 +0200 (CEST)
	(envelope-from ticso@cicely12.cicely.de)
Received: (from ticso@localhost)
	by cicely12.cicely.de (8.12.9/8.12.9/Submit) id h51D09Kw002170;
	Sun, 1 Jun 2003 15:00:09 +0200 (CEST)
Date: Sun, 1 Jun 2003 15:00:09 +0200
From: Bernd Walter <ticso@cicely12.cicely.de>
To: Luigi Rizzo <rizzo@icir.org>
Message-ID: <20030601130008.GA527@cicely12.cicely.de>
References: <3ED94166.7070300@btc.adaptec.com>
	<Pine.NEB.3.96L.1030531201712.3370J-100000@fledge.watson.org>
	<20030531173958.C91048@xorpc.icir.org>
	<20030601013256.GH503@cicely12.cicely.de>
	<20030601022633.A4287@xorpc.icir.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030601022633.A4287@xorpc.icir.org>
X-Operating-System: FreeBSD cicely12.cicely.de 5.1-BETA alpha
User-Agent: Mutt/1.5.4i
cc: Scott Long <scott_long@btc.adaptec.com>
cc: Robert Watson <rwatson@freebsd.org>
cc: ticso@cicely.de
cc: current@freebsd.org
Subject: Re: 5.1-RELEASE TODO
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: ticso@cicely.de
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Jun 2003 13:03:06 -0000

On Sun, Jun 01, 2003 at 02:26:34AM -0700, Luigi Rizzo wrote:
> On Sun, Jun 01, 2003 at 03:32:56AM +0200, Bernd Walter wrote:
> ...
> > :)
> > And I hoped a programmer who knows the source could find out and fix
> > very quickly.
> 
> sorry, i missed the offending line number in your previous email.
> 
> I think i missed a & in all the first arguments to bcopy in
> the src/sbin/ipfw2.c changes :(
> 
> this happens at lines 818, 1224, 1461 and 1701. Fortunately
> the kernel part seems correct.
> 
> In detail, the fix should be the following:
> 
> 818:
> -       bcopy(rule->next_rule, &set_disable, sizeof(set_disable));
> +       bcopy(&rule->next_rule, &set_disable, sizeof(set_disable));
> 
> 1224:
> -       bcopy(d->rule, &rulenum, sizeof(rulenum));
> +       bcopy(&d->rule, &rulenum, sizeof(rulenum));
> 
> 1461:
> -               bcopy(((struct ip_fw *)data)->next_rule,
> +               bcopy(&((struct ip_fw *)data)->next_rule,
> 
> 1701:
> -                               bcopy(d->rule, &rulenum, sizeof(rulenum));
> +                               bcopy(&d->rule, &rulenum, sizeof(rulenum));

Look way bettter now :)
I wasn't able to crash the kernel with missaligned access any more, but
the userland tool still does in some situations:
[59]cicely12# ipfw show
pid 2121 (ipfw): unaligned access: va=0x1200ac09c pc=0x120003bb4 ra=0x120003bfc op=ldq
pid 2121 (ipfw): unaligned access: va=0x1200ac0a4 pc=0x120003bdc ra=0x120003bc8 op=ldq
00100    5237     824333 allow tcp from any to any dst-port 1-65535,1-65535
00200       0          0 allow tcp from any to any dst-port 1-65535,1-65535,1-65535
pid 2121 (ipfw): unaligned access: va=0x1200ac09c pc=0x120002260 ra=0x1200015ec op=ldq
pid 2121 (ipfw): unaligned access: va=0x1200ac0a4 pc=0x120002264 ra=0x1200015ec op=ldq
65535 5836817 1002036976 allow ip from any to any

[64]cicely12# sysctl machdep.unaligned_sigbus=1
machdep.unaligned_sigbus: 0 -> 1
[65]cicely12# ipfw show
pid 2146 (ipfw): unaligned access: va=0x1200ac09c pc=0x120003bb4 ra=0x120003bfc op=ldq
Bus error (core dumped)
Exit 138
[66]cicely12# gdb ./ipfw ipfw.core 
GNU gdb 5.2.1 (FreeBSD)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "alpha-undermydesk-freebsd"...
Core was generated by `ipfw'.
Program terminated with signal 10, Bus error.
#0  0x120003bb4 in list (ac=0, av=0x11fff720) at ipfw2.c:1629
1629                            width = snprintf(NULL, 0, "%llu", r->pcnt);
(gdb) bt
#0  0x120003bb4 in list (ac=0, av=0x11fff720) at ipfw2.c:1629
#1  0x120007d10 in ipfw_main (ac=1, av=0x11fff718) at ipfw2.c:3486
#2  0x1200084bc in main (ac=2, av=0x11fff710) at ipfw2.c:3637

-- 
B.Walter                   BWCT                http://www.bwct.de
ticso@bwct.de                                  info@bwct.de