From owner-freebsd-net@FreeBSD.ORG Fri Jun 6 08:25:58 2008
Return-Path:
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CF8791065671 for ; Fri, 6 Jun 2008 08:25:58 +0000 (UTC) (envelope-from marc.loerner@hob.de)
Received: from mailgate.hob.de (mailgate.hob.de [212.185.199.3]) by mx1.freebsd.org (Postfix) with ESMTP id 857FD8FC18 for ; Fri, 6 Jun 2008 08:25:58 +0000 (UTC) (envelope-from marc.loerner@hob.de)
Received: from imap.hob.de (mail2.hob.de [172.25.1.102]) by mailgate.hob.de (Postfix) with ESMTP id A48A752005A; Fri, 6 Jun 2008 10:25:57 +0200 (CEST)
Received: from [172.22.0.190] (linux03.hob.de [172.22.0.190]) by imap.hob.de (Postfix on SuSE eMail Server 2.0) with ESMTP id 0EC0FFD3AA; Fri, 6 Jun 2008 10:25:57 +0200 (CEST)
From: Marc Lörner
Organization: hob
To: Peter Jeremy
Date: Fri, 6 Jun 2008 10:25:37 +0200
User-Agent: KMail/1.6.2
References: <200806051712.47048.marc.loerner@hob.de> <200806060930.28527.marc.loerner@hob.de> <20080606075210.GD67629@server.vk2pj.dyndns.org>
In-Reply-To: <20080606075210.GD67629@server.vk2pj.dyndns.org>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Message-Id: <200806061025.37856.marc.loerner@hob.de>
Cc: freebsd-net@freebsd.org
Subject: Re: Probable Bug in tcp.h
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 06 Jun 2008 08:25:58 -0000

On Friday 06 June 2008 09:52, Peter Jeremy wrote:
> On 2008-Jun-06 09:30:28 +0200, Marc Lörner wrote:
> >th_x2 and th_off are created as a bitfield. But C-Standard says that
> >bitfields are accessed as integers => 4-bytes
> >
> >On itanium integers are read with ld4-command but the address of
> >th_x2/th_off may not be aligned to 4-bytes => we get an unaligned
> >reference fault.
>
> If the C compiler chooses to implement bitfields as a subset of a
> 32-bit integer, it is up to it to load an aligned 32-bit integer
> and shift/mask the result appropriately to extract the fields.
>
> In this particular case, th_x2/th_off are immediately preceded by
> a tcp_seq (u_int32_t) field and so will have 32-bit alignment. Note
> that the presence of 32-bit fields in the definition for struct tcphdr
> means that the struct must be aligned to at least 32 bits.
>
> >If we'd change to 1 byte-accesses => I won't get any misaligned faults
> >anymore.
>
> I gather from this comment that you have some code using struct tcphdr
> that is getting alignment errors. struct tcphdr is extensively used
> in the TCP stack within the kernel so it's likely that any layout or
> alignment problem with it would show up there. I suspect you are
> dereferencing a mis-aligned struct tcphdr.

The funny thing is that the dereferencing occurs in
"/usr/src/sys/netinet/tcp_input.c" in function tcp_input in line 550:

        /*
         * Check that TCP offset makes sense,
         * pull out TCP options and adjust length.              XXX
         */
        off = th->th_off << 2;          <----- here
        if (off < sizeof (struct tcphdr) || off > tlen) {
                tcpstat.tcps_rcvbadoff++;
                goto drop;
        }

So the misalignment may probably lie in the TCP stack?
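The following is an added illustration of the point under discussion; it is not code from the thread or from the FreeBSD tree. It uses a cut-down stand-in for struct tcphdr (assumed to follow FreeBSD's field order on a little-endian host; the name tcphdr_min and all helper names are invented here) and a constructed 20-byte TCP header deliberately placed at an odd address. It contrasts reading th_off through the bitfield on an aligned copy of the header with reading the data-offset nibble byte by byte, which never depends on how the compiler implements bitfields, and it repeats the same range check that tcp_input() applies to the result.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Stand-in for the start of struct tcphdr (sys/netinet/tcp.h).
 * Assumption: same field order as FreeBSD's definition; the bitfield
 * order below follows FreeBSD's little-endian branch. sizeof == 20. */
struct tcphdr_min {
    uint16_t th_sport;
    uint16_t th_dport;
    uint32_t th_seq;
    uint32_t th_ack;
#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)
    uint8_t  th_x2:4, th_off:4;   /* low nibble reserved, high nibble = offset */
#else
    uint8_t  th_off:4, th_x2:4;
#endif
    uint8_t  th_flags;
    uint16_t th_win;
    uint16_t th_sum;
    uint16_t th_urp;
};

#define TCP_MIN_HDR  20   /* sizeof (struct tcphdr) without options */
#define TCP_OFF_BYTE 12   /* the data-offset nibble lives in header byte 12 */

/* Byte-wise read: touches a single byte, so it is correct regardless of
 * the header's address or of how the compiler implements bitfields. */
int tcp_off_bytewise(const uint8_t *hdr)
{
    return (hdr[TCP_OFF_BYTE] >> 4) << 2;
}

/* Struct read: copy the header into an aligned local first, then use the
 * bitfield. The memcpy is what guarantees a naturally aligned access even
 * when hdr itself is not 4-byte aligned. */
int tcp_off_struct(const uint8_t *hdr)
{
    struct tcphdr_min th;
    memcpy(&th, hdr, sizeof th);
    return th.th_off << 2;
}

/* Same sanity check as the tcp_input() fragment quoted in the thread:
 * returns the data offset, or -1 when it is below 20 or beyond tlen. */
int tcp_check_offset(const uint8_t *hdr, size_t tlen)
{
    int off = tcp_off_bytewise(hdr);
    if (off < TCP_MIN_HDR || (size_t)off > tlen)
        return -1;
    return off;
}

/* Constructed sample: a minimal SYN header with th_off = 5, stored one
 * byte into a larger array so that the header starts at an odd address. */
static const uint8_t sample_frame[1 + TCP_MIN_HDR] = {
    0x00,                   /* padding byte: header begins at offset 1 */
    0x00, 0x50, 0x01, 0xbb, /* sport 80, dport 443 */
    0x00, 0x00, 0x00, 0x01, /* seq */
    0x00, 0x00, 0x00, 0x00, /* ack */
    0x50, 0x02,             /* th_off 5 in the high nibble, flags = SYN */
    0xff, 0xff,             /* window */
    0x00, 0x00,             /* checksum (not computed for this sample) */
    0x00, 0x00              /* urgent pointer */
};

/* Pointer to the (unaligned) sample header. */
const uint8_t *sample_hdr(void)
{
    return sample_frame + 1;
}

/* Re-run the range check on a copy of the sample whose offset byte has
 * been replaced, to exercise the "bad offset" branch. */
int tcp_check_offset_with(uint8_t off_byte, size_t tlen)
{
    uint8_t copy[TCP_MIN_HDR];
    memcpy(copy, sample_hdr(), sizeof copy);
    copy[TCP_OFF_BYTE] = off_byte;
    return tcp_check_offset(copy, tlen);
}
```

Both readers return 20 for the sample; the struct variant only does so safely because the header was first copied to aligned storage, which is exactly the distinction raised in the quoted reply. Deriving the offset byte-wise, then applying the existing range check, gives the same result on any architecture without relying on the bitfield layout at all.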