This is the mail archive of the ecos-devel@sourceware.org mailing list for the eCos project.
RE: RFC: bsd_tcp patch on in.c
- From: Bernd Edlinger <bernd dot edlinger at hotmail dot de>
- To: Lambrecht Jürgen <j dot lambrecht at televic dot com>, "ecos-devel at ecos dot sourceware dot org" <ecos-devel at ecos dot sourceware dot org>
- Date: Thu, 27 Jun 2013 15:43:31 +0200
- Subject: RE: RFC: bsd_tcp patch on in.c
- References: <51CC20E1 dot 3090502 at televic dot com>
Hi Jürgen,
> We have already been using the patch below since 2006.
> We had problems with the TCP/IP stack directly after booting because it
> already received packets before being initialized completely.
> Here our CVS log:
>
> move
> splx(s);
> from line 682 to line 739
> so that tcp/ip stack has started up before the ethernet driver is released
> (else the not-ready stack will already receive packets)
>
> Do you agree this is a valid patch?
That is hard to tell - probably it is not necessary to lock anything here,
especially because in_control() does many things
with the in_ifaddrhead list without any lock. It just locks when it
adds/removes entries from that list, which is really the bare minimum.

I had similar problems, however: an ICMP packet arriving while there
were zero interface addresses registered. => NULL pointer access in sys/netinet/ip_icmp.c,
see the hunk at ip_icmp.c, lines 651-656. This means that the packet may
arrive well before in_ifinit is called. Even before line 293 of in.c enters the address into the list:
this place is locked with splnet, however.

That null pointer access only became apparent after I changed the MMU to exclude page zero,
because usually the ARM processor would silently allow read accesses to the ISR table.
See my patch at http://bugs.ecos.sourceware.org/show_bug.cgi?id=1001649 for details
on "MMU: added Access Protection against NULL-Pointer accesses".
Before I had invented that patch it was really hard to find such hideous bugs.

Regards
Bernd Edlinger
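
The failure mode discussed in this thread (a packet handled while no interface address is registered yet), as an added illustration that is not part of the original mail and is not the eCos or BSD source. It is a simplified C model; `ifaddr_model`, `pick`, `reply_src_unguarded` and `reply_src_guarded` are hypothetical names, and the addresses are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the stack's list of interface addresses. */
struct ifaddr_model {
    uint32_t addr;
    struct ifaddr_model *next;
};
static struct ifaddr_model *addr_head;   /* NULL until an address is registered */

static void register_addr(struct ifaddr_model *ia, uint32_t addr)
{
    ia->addr = addr;
    ia->next = addr_head;
    addr_head = ia;
}

/* Entry matching dst, else the first entry; NULL only when the list is empty. */
static struct ifaddr_model *pick(uint32_t dst)
{
    struct ifaddr_model *ia;
    for (ia = addr_head; ia != NULL; ia = ia->next)
        if (ia->addr == dst)
            return ia;
    return addr_head;
}

/* Unguarded: with no address registered, pick() is NULL and this reads page zero. */
static uint32_t reply_src_unguarded(uint32_t dst) { return pick(dst)->addr; }

/* Guarded: -1 tells the caller to drop the packet instead of dereferencing NULL. */
static int reply_src_guarded(uint32_t dst, uint32_t *src)
{
    struct ifaddr_model *ia = pick(dst);
    if (ia == NULL) return -1;
    *src = ia->addr;
    return 0;
}

int main(void)
{
    static struct ifaddr_model eth0;
    uint32_t src = 0;
    int before = reply_src_guarded(0x0a0000ffu, &src);  /* list still empty */
    register_addr(&eth0, 0x0a000001u);                  /* constructed 10.0.0.1 */
    int after = reply_src_guarded(0x0a0000ffu, &src);   /* falls back to eth0 */
    printf("before=%d after=%d src=%08x unguarded=%08x\n", before, after,
           (unsigned)src, (unsigned)reply_src_unguarded(0x0a0000ffu));
    return 0;
}
```

On a target where page zero is readable, the unguarded variant returns whatever bytes sit at the member offset instead of faulting, which is why the access stayed hidden until the MMU change described above.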