Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 15 Nov 2004 22:07:37 +0100 (CET)
From:      Sten Spans <sten@blinkenlights.nl>
To:        John Baldwin <jhb@FreeBSD.org>
Cc:        freebsd-alpha@FreeBSD.org
Subject:   Re: alpha and em mtu
Message-ID:  <Pine.SOC.4.61.0411152205370.1075@tea.blinkenlights.nl>
In-Reply-To: <200411151510.07790.jhb@FreeBSD.org>
References:  <Pine.SOC.4.61.0411142153430.26307@tea.blinkenlights.nl> <Pine.SOC.4.61.0411152030030.29165@tea.blinkenlights.nl> <200411151510.07790.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Mon, 15 Nov 2004, John Baldwin wrote:

> On Monday 15 November 2004 02:34 pm, Sten Spans wrote:
>> On Mon, 15 Nov 2004, John Baldwin wrote:
>>>
>> 548             /*
>> 549              * Check that TCP offset makes sense,
>> 550              * pull out TCP options and adjust length.              XXX
>> 551              */
>> 552             off = th->th_off << 2;
>> 553             if (off < sizeof (struct tcphdr) || off > tlen) {
>> 554                     tcpstat.tcps_rcvbadoff++;
>> 555                     goto drop;
>> 556             }
>>
>>
>> The box that talks to the alpha has mtu 9014, this might
>> help to expose the bug.
>
> It may be that the off0 argument is less than the size of an IP header but is
> not a multiple of 4.  Can you try this to see if it prints anything out
> before crashing:
>
> Index: netinet/tcp_input.c
> ===================================================================
> RCS file: /usr/cvs/src/sys/netinet/tcp_input.c,v
> retrieving revision 1.255
> diff -u -r1.255 tcp_input.c
> --- netinet/tcp_input.c	7 Nov 2004 19:19:35 -0000	1.255
> +++ netinet/tcp_input.c	15 Nov 2004 20:09:27 -0000
> @@ -497,6 +497,8 @@
> 			ip_stripoptions(m, (struct mbuf *)0);
> 			off0 = sizeof(struct ip);
> 		}
> +		if (off0 & 0x3 != 0)
> +			printf("%s: off0 %d is misaligned\n", __func__, off0);
> 		if (m->m_len < sizeof (struct tcpiphdr)) {
> 			if ((m = m_pullup(m, sizeof (struct tcpiphdr))) == 0) {
> 				tcpstat.tcps_rcvshort++;
>

changed to ((off0 & 0x3) != 0), didn't seem to print anything.

-- 
Sten Spans

"There is a crack in everything, that's how the light gets in."
Leonard Cohen - Anthem

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOC.4.61.0411152205370.1075>