The following reply was made to PR kern/34751; it has been noted by GNATS.

From: Christian Biere <christianbiere@gmx.de>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: kern/34751: regular panics in tcp_sack_option on NetBSD/alpha 3.0_STABLE
Date: Sun, 8 Oct 2006 06:50:46 +0200

 Christian Biere wrote:
 > What about replacing memcpy() + ntohl() with endian-independent code? Does
 > this generate proper assembler code?
 
 Sorry, there were typos (u8 vs. p). Here's a proper patch.
 
 Index: sys/netinet/tcp_sack.c
 ===================================================================
 RCS file: /cvsroot/src/sys/netinet/tcp_sack.c,v
 retrieving revision 1.15
 diff -u -r1.15 tcp_sack.c
 --- sys/netinet/tcp_sack.c	5 Oct 2006 17:35:19 -0000	1.15
 +++ sys/netinet/tcp_sack.c	8 Oct 2006 04:47:16 -0000
 @@ -171,6 +171,16 @@
  /* SACK block pool. */
  POOL_INIT(sackhole_pool, sizeof(struct sackhole), 0, 0, 0, "sackholepl", NULL);
  
 +static inline u_int32_t
 +peek_be32(const void *p)
 +{
 +	const u_int8_t *u8 = p;
 +	return	((u_int32_t) u8[0] << 24) |
 +		((u_int32_t) u8[1] << 16) |
 +		((u_int32_t) u8[2] << 8) |
 +		((u_int32_t) u8[3]);
 +}
 +
  void
  tcp_new_dsack(struct tcpcb *tp, tcp_seq seq, u_int32_t len)
  {
 @@ -223,10 +233,8 @@
  	num_sack_blks = optlen / 8;
  	acked = (SEQ_GT(th->th_ack, tp->snd_una)) ? th->th_ack : tp->snd_una;
  	for (i = 0; i < num_sack_blks; i++, lp += 2) {
 -		memcpy(&left, lp, sizeof(*lp));
 -		memcpy(&right, lp + 1, sizeof(*lp));
 -		left = ntohl(left);
 -		right = ntohl(right);
 +		left = peek_be32(lp);
 +		right = peek_be32(lp + 1);
  
  		if (SEQ_LEQ(right, acked) || SEQ_GT(right, tp->snd_max) ||
  		    SEQ_GEQ(left, right)) {