From owner-freebsd-current Tue Apr 4 7:14:19 2000
Delivered-To: freebsd-current@freebsd.org
Received: from storm.FreeBSD.org.uk (storm.freebsd.org.uk [194.242.139.170])
    by hub.freebsd.org (Postfix) with ESMTP id C783E37B778;
    Tue, 4 Apr 2000 07:14:12 -0700 (PDT)
    (envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (hak.nat.Awfulhak.org [172.31.0.12])
    by storm.FreeBSD.org.uk (8.9.3/8.9.3) with ESMTP id PAA68337;
    Tue, 4 Apr 2000 15:14:07 +0100 (BST)
    (envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (localhost [127.0.0.1])
    by hak.lan.Awfulhak.org (8.9.3/8.9.3) with ESMTP id OAA04021;
    Tue, 4 Apr 2000 14:59:24 +0100 (BST)
    (envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200004041359.OAA04021@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.1.1 10/15/1999
To: Gary Jennejohn
Cc: Maxim Sobolev , current@FreeBSD.ORG, brian@FreeBSD.ORG, brian@hak.lan.Awfulhak.org
Subject: Re: PPP segfaulting
In-Reply-To: Message from Gary Jennejohn of "Tue, 04 Apr 2000 11:01:32 +0200." <200004040901.LAA26278@peedub.muc.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Tue, 04 Apr 2000 14:59:24 +0100
From: Brian Somers
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Sorry, I should have done more than a few greps when reviewing this.
The slcompress code is diving into the TCP header that comes after
the IP header....

There's some nasty stuff going on here between vjcomp.c and
slcompress.c - namely, the pointer passed into sl_uncompress_tcp is
expected to have MAX_HDR bytes preceding it (for compressed packets)
and slcs_u::csu_ip therefore needs to be more than just an IP header.

> Maxim Sobolev writes:
> >Hi,
> >
> >The ppp built from the just cvsup'ed -current sources is segfaulting. Following is
> >backtrace. Please contact me if some additional debugging info will be
> >necessary.
> >
> >-Maxim
> >
> >PPP ON vega>
> >Program received signal SIGSEGV, Segmentation fault.
> >0x806e98e in sl_compress_tcp (m=0x809e000, ip=0x809e01c, comp=0x808583c,
> >    slstat=0x808900c, compress_cid=0) at slcompress.c:177
> >177 if (ip->ip_src.s_addr != cs->cs_ip.ip_src.s_addr ||
> >(gdb) bt
> >#0 0x806e98e in sl_compress_tcp (m=0x809e000, ip=0x809e01c, comp=0x808583c,
> >    slstat=0x808900c, compress_cid=0) at slcompress.c:177
> >#1 0x8071f70 in vj_LayerPush (bundle=0x80853a0, l=0x8093000, bp=0x809e000,
> >    pri=0, proto=0xbfbff41e) at vjcomp.c:73
> >#2 0x8064e0f in link_PushPacket (l=0x8093000, bp=0x809e000, b=0x80853a0,
> >    pri=0, proto=33) at link.c:225
> >#3 0x805fe46 in ip_PushPacket (l=0x8093000, bundle=0x80853a0) at ip.c:733
> >#4 0x804bf5e in bundle_FillQueues (bundle=0x80853a0) at bundle.c:414
> >#5 0x804bfc7 in bundle_UpdateSet (d=0x80853a0, r=0xbfbff5e8, w=0xbfbff568,
> >    e=0xbfbff4e8, n=0xbfbff4e0) at bundle.c:437
> >#6 0x80670af in DoLoop (bundle=0x80853a0) at main.c:517
> >#7 0x8067028 in main (argc=2, argv=0xbfbff804) at main.c:495
> >#8 0x804a85d in _start ()
> >
>
> Sorry, it looks like removing csu_hdr wasn't such a good idea after all.
> Apparently the m_pullup of the mbuf makes it necessary to have at least > 128 bytes available in cspace. My bad :( I'll back out my changes. > > Try this patch, which basically reverts my modification: > > --- /usr/src/usr.sbin/ppp/slcompress.h.orig Tue Apr 4 10:48:59 2000 > +++ /u8/tmp/src/usr.sbin/ppp/slcompress.h Sat Aug 28 03:18:44 1999 > @@ -16,7 +16,7 @@ > * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED > * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. > * > - * $FreeBSD: src/usr.sbin/ppp/slcompress.h,v 1.14 2000/04/03 19:54:33 gj Exp $ > + * $FreeBSD: src/usr.sbin/ppp/slcompress.h,v 1.13 1999/08/28 01:18:44 peter Exp $ > * > * Van Jacobson (van@helios.ee.lbl.gov), Dec 31, 1989: > * - Initial distribution. > @@ -102,8 +102,14 @@ > u_short cs_hlen; /* size of hdr (receive only) */ > u_char cs_id; /* connection # associated with this state */ > u_char cs_filler; > - struct ip cs_ip; /* ip/tcp hdr from most recent packet */ > + union { > + char csu_hdr[MAX_HDR]; > + struct ip csu_ip; /* ip/tcp hdr from most recent packet */ > + } slcs_u; > }; > + > +#define cs_ip slcs_u.csu_ip > +#define cs_hdr slcs_u.csu_hdr > > /* > * all the state data for one serial line (we need one of these > > --- > Gary Jennejohn / garyj@muc.de gj@freebsd.org -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
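
Review bot: The first hunk (@@ -16,7 +16,7 @@) hand-edits the $FreeBSD$ ident line from revision 1.14 back to 1.13. That keyword string is rewritten by the repository on commit, so the hunk carries no functional change and should be dropped from the patch; left in, it will fail to apply for anyone whose ident line differs. The file headers also show the current slcompress.h.orig as the old side and a copy under /u8/tmp/src dated Aug 28 1999 as the new side, so the mail should say from which directory and with which -p level the patch is meant to be applied.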
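
Review bot: In the second hunk (@@ -102,8 +102,14 @@) the restored csu_hdr[MAX_HDR] member has no comment, and csu_ip keeps the comment "ip/tcp hdr from most recent packet" even though struct ip covers only the IP part. The thread shows the member was already removed once, so put a comment on csu_hdr saying that it sizes the slot for the full IP and TCP header and that slcompress.c and vjcomp.c reach past csu_ip into it. The cs_ip and cs_hdr macros are short, unprefixed names defined in a header; a note beside them that they alias members of slcs_u would help the next reader who greps for csu_hdr and finds few direct uses.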
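
The sizing problem Brian describes, as an added example that is not part of the original messages or of ppp's code: a bounds-checked header save run against a slot the size of a bare IP header and against one of MAX_HDR bytes. The struct names, save_header and the sample packet are constructed for illustration; MAX_HDR is assumed to be 128, the figure quoted in the thread.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_HDR    128  /* assumption: the 128 bytes mentioned in the thread */
#define IP_HDR_MIN 20   /* IPv4 header without options */

/* Constructed stand-ins for the two cstate layouts discussed in the thread. */
struct cs_ip_only { uint8_t hdr[IP_HDR_MIN]; };  /* bare IP header only */
struct cs_max_hdr { uint8_t hdr[MAX_HDR]; };     /* room for IP + TCP headers */

/* Save the IP+TCP header of pkt into dst (capacity cap).
 * Returns the header length, or -1 if malformed or too big for dst. */
static int save_header(uint8_t *dst, size_t cap, const uint8_t *pkt, size_t len)
{
    size_t ip_len, tcp_len;

    if (len < IP_HDR_MIN || (pkt[0] >> 4) != 4 || pkt[9] != 6)
        return -1;                                  /* not IPv4/TCP */
    ip_len = (size_t)(pkt[0] & 0x0f) * 4;           /* ip_hl, in 32-bit words */
    if (ip_len < IP_HDR_MIN || len < ip_len + 20)
        return -1;                                  /* truncated before TCP */
    tcp_len = (size_t)(pkt[ip_len + 12] >> 4) * 4;  /* th_off, in 32-bit words */
    if (tcp_len < 20 || ip_len + tcp_len > len || ip_len + tcp_len > cap)
        return -1;                                  /* would overrun pkt or dst */
    memcpy(dst, pkt, ip_len + tcp_len);
    return (int)(ip_len + tcp_len);
}

/* Constructed sample: ip_hl = 5, protocol = TCP, th_off = 5 (40 header bytes). */
static const uint8_t sample[40] = { [0] = 0x45, [9] = 6, [32] = 0x50 };

static int demo_ip_only(void)
{
    struct cs_ip_only cs;
    return save_header(cs.hdr, sizeof cs.hdr, sample, sizeof sample);
}

static int demo_max_hdr(void)
{
    struct cs_max_hdr cs;
    return save_header(cs.hdr, sizeof cs.hdr, sample, sizeof sample);
}

int main(void)
{
    printf("ip-only slot: %d, MAX_HDR slot: %d\n", demo_ip_only(), demo_max_hdr());
    return 0;
}
```

Without the capacity check, the 20-byte slot is the case where code that reads or writes the TCP part runs off the end of the saved state.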