From owner-freebsd-bugs  Mon Jul 27 18:41:18 1998
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id SAA05602
          for freebsd-bugs-outgoing; Mon, 27 Jul 1998 18:41:18 -0700 (PDT)
          (envelope-from owner-freebsd-bugs@FreeBSD.ORG)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA05593
          for <freebsd-bugs@FreeBSD.org>; Mon, 27 Jul 1998 18:41:12 -0700 (PDT)
          (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.8.8/8.8.5) id SAA02098;
	Mon, 27 Jul 1998 18:40:01 -0700 (PDT)
Received: (from nobody@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id SAA04111;
          Mon, 27 Jul 1998 18:32:37 -0700 (PDT)
          (envelope-from nobody)
Message-Id: <199807280132.SAA04111@hub.freebsd.org>
Date: Mon, 27 Jul 1998 18:32:37 -0700 (PDT)
From: ioannis@andrew.cmu.edu, pnm@andrew.cmu.edu
To: freebsd-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: www-1.0
Subject: i386/7420: Maximum socket buffer size (SB_MAX) could not go higher than 2^21
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         7420
>Category:       i386
>Synopsis:       Maximum socket buffer size (SB_MAX) could not go higher than 2^21
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 27 18:40:00 PDT 1998
>Last-Modified:
>Originator:     Yannis Pavlidis, Parag Manihar
>Organization:
Carnegie Mellon University
>Release:        2.2.6
>Environment:
FreeBSD z3.ini.cmu.edu 2.2.6-RELEASE FreeBSD 2.2.6-RELEASE #4: Mon Jul 27 21:07:57 EDT 1998     root@z3.ini.cmu.edu:/usr/src/sys/compile/Z3  i386

>Description:
Hi,

I was trying to increase the maximum socket buffer size (SB_MAX or kern.maxsockbuf)
in my kernel and I realized that the maximum I could go was: 2097151 (2^21 - 1).
If the SB_MAX was >= 2^21 I could not open any socket.

After spending a lot of time I realised that in the file:

kern/uipc_socket2.c in the sbreserve function there is the following line:

if (cc > sb_max * MCLBYTES / (MSIZE + MCLBYTES))

Taking into account that the highest number we can have is 2^32 -1 and that

MCLBYTES = 2048 = 2^11 it is obvious that if sb_max was 2^21 we would have
an overflow (sb_max * MCLBYTES = 2^21 * 2^11 = 2^32 overflow)


>How-To-Repeat:

>Fix:
The above can be easily corrected by replacing the above line with the 
following:

if (cc > (sb_max / (MSIZE + MCLBYTES)) * MCLBYTES)

In this case we can have SB_MAX with greater values.

Thanks.
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message