QL TK2 Network bug...
Posted: Thu Sep 23, 2021 11:41 pm
Hi everyone!
During my on-going development of the QLUB Adapter project, I have come across a rather nasty bug in the TK2 network driver and thought to share it here as I hadn't read about it anywhere else.
The bug won't adversely affect a QL running the native QDOS network driver, only where both the sending and receiving stations are running the enhanced TK2 driver. The issue only upsets the receiving station, arises only in a very specific scenario and, even then, you may get lucky. Read on if you rely on the QL Network with TK2.
The Sinclair Network Standard defines a byte-sized count (NBYT) within the 8-byte packet header defining the size of the packet to follow. Valid ranges are 1-255 as zero shouldn't happen in normal use. The one time a zero-sized packet can and will occur is when a simple output NET channel is opened, and then closed immediately without sending any bytes. TT comments in his notes in the TK2 network description on what happens - namely that a 256-byte packet is actually transmitted (with 'dummy' data).
Whilst untidy, this isn't a real problem as the NET input channel always has at least (255 + a bit) bytes available in the receive buffer within it's Channel Definition Block, so nothing important get's smashed when this slightly over-sized dummy data-packet is received. Furthermore, the actual SERIO QDOS routine around which the NET driver is built will still recognise zero new bytes available, so no real harm done.
Introduce the brilliant TK2 NET driver and, in order to accommodate the large FSERVE packets (4-1020 bytes), the byte-sized count within the header is extended to word-size and tested as such (subq.w #1,d2, bne.s <nextByte>) to determine when all bytes have been sent (or received.)
So, returning to our prematurely closed NET output channel, now we see an uber-large 64kB packet transmitted - and dutifully received at the other-end. Bam! Anything interesting within the Channel Definition area beyond the NET CDB or within 64kB higher in memory will get smashed.
Mind-you, you do get a whopping 6.3 KBps out of the network at this size of packet, albeit, short-lived...
Anyhow, forewarned is fore-armed, as they say.
Meanwhile, back to debugging my next QLUB Net driver release...
During my on-going development of the QLUB Adapter project, I have come across a rather nasty bug in the TK2 network driver and thought to share it here as I hadn't read about it anywhere else.
The bug won't adversely affect a QL running the native QDOS network driver, only where both the sending and receiving stations are running the enhanced TK2 driver. The issue only upsets the receiving station, arises only in a very specific scenario and, even then, you may get lucky. Read on if you rely on the QL Network with TK2.
The Sinclair Network Standard defines a byte-sized count (NBYT) within the 8-byte packet header defining the size of the packet to follow. Valid ranges are 1-255 as zero shouldn't happen in normal use. The one time a zero-sized packet can and will occur is when a simple output NET channel is opened, and then closed immediately without sending any bytes. TT comments in his notes in the TK2 network description on what happens - namely that a 256-byte packet is actually transmitted (with 'dummy' data).
Whilst untidy, this isn't a real problem as the NET input channel always has at least (255 + a bit) bytes available in the receive buffer within it's Channel Definition Block, so nothing important get's smashed when this slightly over-sized dummy data-packet is received. Furthermore, the actual SERIO QDOS routine around which the NET driver is built will still recognise zero new bytes available, so no real harm done.
Introduce the brilliant TK2 NET driver and, in order to accommodate the large FSERVE packets (4-1020 bytes), the byte-sized count within the header is extended to word-size and tested as such (subq.w #1,d2, bne.s <nextByte>) to determine when all bytes have been sent (or received.)
So, returning to our prematurely closed NET output channel, now we see an uber-large 64kB packet transmitted - and dutifully received at the other-end. Bam! Anything interesting within the Channel Definition area beyond the NET CDB or within 64kB higher in memory will get smashed.
Mind-you, you do get a whopping 6.3 KBps out of the network at this size of packet, albeit, short-lived...
Anyhow, forewarned is fore-armed, as they say.
Meanwhile, back to debugging my next QLUB Net driver release...