Subject: kern/3408: spp_output causes vm_fault anytime
To: None <gnats-bugs@gnats.netbsd.org>
From: None <koji@math.human.nagoya-u.ac.jp>
List: netbsd-bugs
Date: 03/29/1997 20:25:29
>Number: 3408
>Category: kern
>Synopsis: spp_output causes vm_fault anytime
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people (Kernel Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Mar 29 04:20:04 1997
>Last-Modified:
>Originator: Koji Imada - je4owb/2
>Organization:
Mathematics Group of Graduate School of Human
Infomatics, Nagoya University, Japan.
>Release: 1.2_BETA
>Environment:
System: NetBSD bimota 1.2 NetBSD 1.2 (BIMOTA) #0: Fri Mar 28 07:10:55 JST 1997 koji@bimota:/mnt2/NetBSD/usr/NetBSD/src/sys/arch/i386/compile/BIMOTA i386
>Description:
When initiating spp connection, spp_output which try to send
first packet causes vm_fault any time. Also host listening to
spp connection(AF_NS, SOCK_STREAM/SOCK_SEQPACKET) would
panic(vm_fault) when responding spp connection. This problem
remains in current of Mar. 23, 1997 too.
>How-To-Repeat:
Set xns address to network interface using ifconfg. Then, Just
make spp(AF_NS, SOCK_STREAM/SOCK_SEQPACKET) connection to any
host. It's enough to cause vm_fault.
>Fix:
Apply following diffs
*** sys/netns/spp_usrreq.c.orig Fri Mar 28 05:52:10 1997
--- sys/netns/spp_usrreq.c Fri Mar 28 05:53:15 1997
***************
*** 742,751 ****
#endif
{
register struct sppcb *cb = NULL;
! struct socket *so = cb->s_nspcb->nsp_socket;
register struct mbuf *m;
register struct spidp *si = (struct spidp *) 0;
! register struct sockbuf *sb = &so->so_snd;
int len = 0, win, rcv_win;
short span, off, recordp = 0;
u_short alo;
--- 742,751 ----
#endif
{
register struct sppcb *cb = NULL;
! struct socket *so;
register struct mbuf *m;
register struct spidp *si = (struct spidp *) 0;
! register struct sockbuf *sb;
int len = 0, win, rcv_win;
short span, off, recordp = 0;
u_short alo;
***************
*** 761,766 ****
--- 761,768 ----
cb = va_arg(ap, struct sppcb *);
va_end(ap);
+ so = cb->s_nspcb->nsp_socket;
+ sb = &so->so_snd;
if (m0) {
int mtu = cb->s_mtu;
>Audit-Trail:
>Unformatted: