Hi,
I have encountered your same problem.
I made a little change at the function pbuf_alloc() (pbuf.c file):
Original (1.2.0 version), line 254:
/* make the payload pointer point 'offset' bytes into pbuf data memory */
p->payload = MEM_ALIGN((void *)((u8_t *)p + (sizeof(struct pbuf) +
offset)));
LWIP_ASSERT("pbuf_alloc: pbuf p->payload properly aligned",
((mem_ptr_t)p->payload % MEM_ALIGNMENT) == 0);
/* the total length of the pbuf chain is the requested size */
p->tot_len = length;
/* set the length of the first pbuf in the chain */
p->len = length > PBUF_POOL_BUFSIZE - offset? PBUF_POOL_BUFSIZE - offset:
length;
/* set reference count (needed here in case we fail) */
p->ref = 1;
After the change (modified or added lines maked with ‘=>’):
/* make the payload pointer point 'offset' bytes into pbuf data memory
*/
=> p->payload = MEM_ALIGN((void *)((u8_t *)p + sizeof(struct pbuf)));
=> p->payload = MEM_ALIGN((void *)((u8_t *)p->payload + offset));
=> offset = (u8_t *) p->payload - (u8_t *)MEM_ALIGN((void *)((u8_t *)p +
sizeof(struct pbuf)));
LWIP_ASSERT("pbuf_alloc: pbuf p->payload properly aligned",
((mem_ptr_t)p->payload % MEM_ALIGNMENT) == 0);
/* the total length of the pbuf chain is the requested size */
p->tot_len = length;
/* set the length of the first pbuf in the chain */
p->len = length > PBUF_POOL_BUFSIZE - offset? PBUF_POOL_BUFSIZE - offset:
length;
/* set reference count (needed here in case we fail) */
p->ref = 1;
In my opinion in the original version the value assigned to p->len can be too
large (p->payload + p->len > p->next) and can cause writing, and corruption, of
data located at address beyond the top border of the allocated pbuf.
Now it work.
I am not a lwIP expert so I cannot guarantee if this modify work on cases
different from mine.
Regards,
Danilo
________________________________
Da: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Per conto di [EMAIL PROTECTED]
Inviato: venerdì 23 novembre 2007 4.27
A: Mailing list for lwIP users
Oggetto: Re:RE : [lwip-users] Ping target ip address with a packet data bigthan
1500
Thanks for your reply,
my target board just set up a netif with ip adress 192.168.2.13, then,PC ping
target board with command:
ping 192.168.2.13 -l 1400
lwip debug imformation is:
pbuf_alloc(length=1442)
pbuf_alloc: allocated pbuf 00209568
pbuf_alloc(length=1442) == 00209568
tcpip_thread: PACKET 00208400
etharp_ip_input: updating ETHARP table.
update_arp_entry()
update_arp_entry: 192.168.2.164 - 00:19:db:56:f1:83
update_arp_entry: updating stable entry 1
pbuf_header: old 00209578 new 00209586 (-14)
ip_input: iphdr->dest 0xd02a8c0 netif->ip_addr 0xd02a8c0 (0x2a8c0,
0x2a8c0, 0xd000000)
ip_input: packet accepted on interface en
ip_input:
IP header:
+-------------------------------+
| 4 | 5 | 0x00 | 1428 | (v, hl, tos, len)
+-------------------------------+
| 55086 |000| 0 | (id, flags, offset)
+-------------------------------+
| 64 | 1 | 0x1839 | (ttl, proto, chksum)
+-------------------------------+
| 192 | 168 | 2 | 164 | (src)
+-------------------------------+
| 192 | 168 | 2 | 13 | (dest)
+-------------------------------+
ip_input: p->len 114 p->tot_len 1428
pbuf_header: old 00209586 new 0020959a (-20)
icmp_input: ping
pbuf_header: old 0020959a new 00209578 (34)
pbuf_header: old 00209578 new 0020959a (-34)
pbuf_header: old 0020959a new 00209586 (20)
ip_output_if: en0
IP header:
+-------------------------------+
| 4 | 5 | 0x00 | 1428 | (v, hl, tos, len)
+-------------------------------+
| 55086 |000| 0 | (id, flags, offset)
+-------------------------------+
| 255 | 1 | 0x5938 | (ttl, proto, chksum)
+-------------------------------+
| 192 | 168 | 2 | 13 | (src)
+-------------------------------+
| 192 | 168 | 2 | 164 | (dest)
+-------------------------------+
netif->output()pbuf_header: old 00209586 new 00209578 (14)
etharp_query: sending packet 00209568
pbuf_free(00209568)
pbuf_free: deallocating 00209568
pbuf_free: deallocating 00209644
pbuf_free: deallocating 00209720
pbuf_free: deallocating 002097fc
pbuf_free: deallocating 002098d8
pbuf_free: deallocating 002099b4
pbuf_free: deallocating 00209a90
pbuf_free: deallocating 00209b6c
pbuf_free: deallocating 00209c48
pbuf_free: deallocating 00209d24
pbuf_free: deallocating 00209e00
pbuf_free: deallocating 00209edc
when command is:
ping 192.168.2.13 -l 1500
debug information is:
pbuf_alloc(length=1514)
pbuf_alloc: allocated pbuf 00209e00
pbuf_alloc(length=1514) == 00209e00
pbuf_alloc(length=62)
pbuf_alloc: allocated pbuf 0020948c
pbuf_alloc(length=62) == 0020948c
tcpip_thread: PACKET 002083c0
etharp_ip_input: updating ETHARP table.
update_arp_entry()
update_arp_entry: 192.168.2.164 - 00:19:db:56:f1:83
update_arp_entry: updating stable entry 1
pbuf_header: old 00209e10 new 00209e1e (-14)
then, it doesn't works!
在2007-11-22,"Frédéric BERNON" <[EMAIL PROTECTED]> 写道:
Hi,
Thank you to report these little problems. I just fix 1), 2) and 3).
About 4), when you said a "1500 data packet", do you talk about the ICMP
payload, or the whole frame ? (perhaps post a capture file to be sure).
I remember there was a change on ICMP processing for such case. I will take a
look this evening...
<http://g1a51.mail.126.com/a/s?func=mbox:getMessageData&sid=IBnlCrEEfAKcOIlmZrEEIfJReWHjrPBE&mid=102:1tbiZhZFRERFEVXsHAAAsE&part=3>
<http://g1a51.mail.126.com/a/s?func=mbox:getMessageData&sid=IBnlCrEEfAKcOIlmZrEEIfJReWHjrPBE&mid=102:1tbiZhZFRERFEVXsHAAAsE&part=4>
====================================
Frédéric BERNON
HYMATOM SA
Chef de projet informatique
Microsoft Certified Professional
Tél. : +33 (0)4-67-87-61-10
Fax. : +33 (0)4-67-70-85-44
Email : [EMAIL PROTECTED]
Web Site : http://www.hymatom.fr <http://www.hymatom.fr/>
====================================
P Avant d'imprimer, penser à l'environnement
-----Message d'origine-----
De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de embed9527
Envoyé : jeudi 22 novembre 2007 03:39
À : [email protected]
Objet : [lwip-users] Ping target ip address with a packet data big than
1500
Hello everybody,
First of all, I am sorry to tell you my poor English skills.
Therefore, if the expression unclear where to pay more attention to
understanding.
I'm using lwip with cvs head updated daily, and I have some some issues
of concern:
1)、File init.c line 100-105, it lost two ", but it hasn't any error or
warning when
compiler.
2)、File init.c line 124, it uses DHCP_AUTOIP_COOP, maybe it is a error,
I change it
with LWIP_DHCP_AUTOIP_COOP.
3)、File init.c line 143, it uses LWIP_PPP, but not define anywhere. I
change it with
PPP_SUPPORT.
4)、When I ping target with a 1500-data packet, lwip then dies and
doesn't work anymore.
Thanks.
--------------------------------------------------------------------
CONFIDENTIALITY NOTICE
This message and its attachments are addressed solely to the persons above and
may contain confidential information. If you have received the message in
error, be informed that any use of the content hereof is prohibited. Please
return it immediately to the sender and delete the message. Should you have any
questions, please contact us by replying to [EMAIL PROTECTED]
Thank you
www.telecomitalia.it
--------------------------------------------------------------------
_______________________________________________
lwip-users mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/lwip-users
