Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 05 Sep 1998 14:10:30 -0700
From:      Mike Haertel <mike@ducky.net>
To:        current@FreeBSD.ORG
Cc:        dfr@nlsystems.com, wollman@khavrinen.lcs.mit.edu
Subject:   DANGER: new IP fragment code breaks SLIP
Message-ID:  <199809052110.OAA00369@ducky.net>
next in thread | raw e-mail | index | archive | help 
I've been experiencing crashes with recent 3.0 kernels using SLIP
based dialin networking.  Haven't had time yet to set up kernel
debugging, however I spent a half an hour doing binary search via
kernel builds on recent CVS commits.  The bug is either contained
in, or perhaps exposed by, the following commit:

>dfr         1998/08/24 00:47:39 PDT
>
>  Modified files:
>    sys/sys              mbuf.h 
>    sys/netinet          ip_input.c ip_var.h tcp_input.c 
>                         tcp_subr.c tcp_var.h udp_usrreq.c 
>  Log:
>  Re-implement tcp and ip fragment reassembly to not store pointers in the
>  ip header which can't work on alpha since pointers are too big.
>  
>  Reviewed by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
>  
>  Revision  Changes    Path
>  1.29      +5 -1      src/sys/sys/mbuf.h
>  1.100     +80 -90    src/sys/netinet/ip_input.c
>  1.45      +3 -32     src/sys/netinet/ip_var.h
>  1.80      +49 -38    src/sys/netinet/tcp_input.c
>  1.46      +12 -15    src/sys/netinet/tcp_subr.c
>  1.48      +2 -13     src/sys/netinet/tcp_var.h
>  1.48      +3 -6      src/sys/netinet/udp_usrreq.c

Here's how I can reliably reproduce the crash:

1.  reboot my system normally.  as part of my boot process,
my system automatically dials up and slattaches (on sl0) my
permanent network link.

2.  dial in to my employer's dialin (behind a firewall),
and slattach via sl1.  the slattach works ok.

3.  attempt an ssh login to a machine in my employer's network,
via the sl1 interface.  this reliably either hangs or crashes
the machine.

Some further comments:

3a.  usually after establishing the sl1 connection, I can
telnet a few times before crashing the machine.  however attempting
an ssh login to the remote site always crashes the machine
instantly.  i hypothesize that the cause is large packets
containing public key challenges sent by ssh.

3b.  i haven't tried to reproduce the bug using just one
SLIP connection.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809052110.OAA00369>