From: Bruce Evans
Date: Fri, 6 Jun 2008 22:25:37 +1000 (EST)
To: Marc Lörner
Cc: Peter Jeremy, freebsd-net@freebsd.org
Subject: Re: Probable Bug in tcp.h
Message-ID: <20080606221917.A16250@delplex.bde.org>
In-Reply-To: <200806061025.37856.marc.loerner@hob.de>
References: <200806051712.47048.marc.loerner@hob.de> <200806060930.28527.marc.loerner@hob.de> <20080606075210.GD67629@server.vk2pj.dyndns.org> <200806061025.37856.marc.loerner@hob.de>
List-Id: Networking and TCP/IP with FreeBSD
On Fri, 6 Jun 2008, Marc Lörner wrote:

> On Friday 06 June 2008 09:52, Peter Jeremy wrote:
>> I gather from this comment that you have some code using struct tcphdr
>> that is getting alignment errors. struct tcphdr is extensively used
>> in the TCP stack within the kernel so it's likely that any layout or
>> alignment problem with it would show up there. I suspect you are
>> dereferencing a mis-aligned struct tcphdr.
>
> The funny thing is that the dereferencing occurs in
> "/usr/src/sys/netinet/tcp_input.c" in function tcp_input in line 550:
>
>         /*
>          * Check that TCP offset makes sense,
>          * pull out TCP options and adjust length.              XXX
>          */
>         off = th->th_off << 2;                                  <----- here
>         if (off < sizeof (struct tcphdr) || off > tlen) {
>                 tcpstat.tcps_rcvbadoff++;
>                 goto drop;
>         }
>
> So the misalignment may probably lie in the TCP stack?

Quite likely. th is normally at offset off0 in ip, where ip is required
to be 32-bit aligned (see my previous reply). You can see off0 in a
stack trace.

Bruce
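The data-offset test quoted above, as an added stand-alone C example (not FreeBSD kernel code): it reads th_off from byte 12 of a constructed TCP segment, applies the same `off < sizeof(struct tcphdr) || off > tlen` check, and separately reports whether the header pointer sits on the 32-bit boundary Bruce describes. The `tcp_fixed_hdr` struct and all helper names are my own, and the 20-byte layout follows the RFC 793 header.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Stand-in for the fixed 20-byte part of struct tcphdr (constructed for
 * this example; no padding, so sizeof is exactly 20). */
struct tcp_fixed_hdr {
    uint16_t th_sport;
    uint16_t th_dport;
    uint32_t th_seq;
    uint32_t th_ack;
    uint8_t  th_offx2;   /* data offset in the high nibble, reserved bits below */
    uint8_t  th_flags;
    uint16_t th_win;
    uint16_t th_sum;
    uint16_t th_urp;
};

/* Same test as the quoted tcp_input() code: returns the header length in
 * bytes, or -1 when the offset is shorter than the fixed header or runs
 * past the segment (the tcps_rcvbadoff / drop case). Reads the nibble
 * byte-wise, so it does not itself depend on alignment. */
int tcp_check_offset(const uint8_t *th, size_t tlen)
{
    size_t off = (size_t)(th[12] >> 4) << 2;   /* th->th_off << 2 */
    if (off < sizeof(struct tcp_fixed_hdr) || off > tlen)
        return -1;
    return (int)off;
}

/* True when th is 32-bit aligned, which is what dereferencing it as a
 * struct pointer assumes (th = ip + off0, with ip 32-bit aligned). */
int tcp_hdr_aligned(const void *th)
{
    return ((uintptr_t)th & 3) == 0;
}

/* Builds a zeroed, 32-bit aligned segment carrying the given th_off and
 * runs the offset check on it, so results can be inspected directly. */
int check_constructed_segment(unsigned th_off, size_t tlen)
{
    uint32_t buf[16];                 /* 64 bytes, naturally 4-byte aligned */
    uint8_t *pkt = (uint8_t *)buf;
    memset(buf, 0, sizeof buf);
    pkt[12] = (uint8_t)((th_off & 0xf) << 4);
    return tcp_check_offset(pkt, tlen);
}

/* Aligned scratch buffer used to demonstrate tcp_hdr_aligned(). */
uint32_t aligned_scratch[2];
```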