Bug 112004 - pppd receives error "Couldn't get channel number: bad address"
Summary: pppd receives error "Couldn't get channel number: bad address"
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel   
(Show other bugs)
Version: 3.0
Hardware: ia64
OS: Linux
Target Milestone: ---
Assignee: Neil Horman
QA Contact: Brian Brock
Depends On:
Blocks: 168424
TreeView+ depends on / blocked
Reported: 2003-12-12 19:12 UTC by Brian Vandecoevering
Modified: 2007-11-30 22:06 UTC (History)
7 users (show)

Fixed In Version: RHSA-2006-0144
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-15 15:33:33 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch to correct use of put_user in ppp.o module (1014 bytes, patch)
2005-08-12 15:25 UTC, Neil Horman
no flags Details | Diff
patch with correct fix for put_user on ia64 (943 bytes, patch)
2005-08-24 13:22 UTC, Neil Horman
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0144 qe-ready SHIPPED_LIVE Moderate: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 7 2006-03-15 05:00:00 UTC

Description Brian Vandecoevering 2003-12-12 19:12:11 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:
When executing pppd to connect to a remote server we get the 
following error:

Couldn't get channel number: Bad address

Afer further investigation and research on the internet I found there 
is a problem with the ppp_async module and that it could be fixed by 
replacing put_user with copy_to_user in a few of the ioctl calls.

I have made the modifications to the code thanks to a patch sent to 
me by an unknown source and it fixes the problem.  Unfortunately, 
asking our customers to rebuild the modules in the kernel is not an 
acceptable solution.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Make a modem connection to a remote server
2.run: pppd /dev/ttyS1 115200 -detach .......

Actual Results:  Couldn't get channel number: bad address

Expected Results:  pppd to return without error and a new ppp0 entry 
to show up when typing ifconfig

Additional info:

Comment 1 Thomas Woerner 2004-06-07 15:56:04 UTC
Do you had to modify kernel modules?

Comment 2 Jason Baron 2004-10-21 17:24:19 UTC
Brian, could you please attach the patch that you reference. thanks.

Comment 4 Jason Baron 2005-02-16 18:42:02 UTC
Brian, can we get a pointer to that patch? thanks.

Comment 10 Neil Horman 2005-08-12 15:25:05 UTC
Created attachment 117674 [details]
patch to correct use of put_user in ppp.o module

Think I've found the problem.  Its described pretty accurately here:

The problem appears to be that registers get inappropriately clobbered when
functions are inlined as arguments to put_user (specifically to
__put_user_check).  The solution seems to be to make local copies of the passed
in arguments so as to avoid the register clobbering.  The fix, as proposed
works well in my test case.  Given the relative maturity of RHEL3 however, I'd
be nervous about proposing a modification to such a widely used macro w/o a lot
more testing.  Given that, I think the easier solution for the problem at hand
would be to simply move the inlined functions out of the put_user/get_user
macros in the ppp module, as this patch does.  It also passes my test case, and
I'm waiting for confirmation from the reporter now.

Comment 12 Neil Horman 2005-08-24 13:22:02 UTC
Created attachment 118056 [details]
patch with correct fix for put_user on ia64

Consensus on review was that this should probably be fixed the right way. 
Fixing __put_user_check so that passing in functions as the value to copy
worked, outweighed the potential risk of modifiying such a pervasive function. 
This patch corrects __put_user_check so that passed in functions are evaluated
prior to being passed to __put_user_size.

Comment 13 Ernie Petrides 2005-09-15 04:07:51 UTC
A fix for this problem has just been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-37.2.EL).

Comment 22 Red Hat Bugzilla 2006-03-15 15:33:33 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.