Date: Tue, 18 Sep 2012 15:53:09 +0000 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: attilio@FreeBSD.org Cc: arch@FreeBSD.org Subject: Re: Aliasing issue with TAILQ on ppc64 ? Message-ID: <22286.1347983589@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 18 Sep 2012 16:44:08 %2B0100." <CAJ-FndCsf2Xsn=1ioHyr_tn3-yAFOE7E9-wrjp4rcQJajhZvpg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <CAJ-FndCsf2Xsn=1ioHyr_tn3-yAFOE7E9-wrjp4rcQJajhZvpg@mail.gmail.com>
, Attilio Rao writes:
>The only way I can see this
>code is safe is, infact, to lock it with proper locks around the
>operations.
This is not about locking: at the time where this croaks there is
only one thread.
The problem is that:
// Empty, freshly initialized ban_head
b = valid_ban_object();
TAILQ_INSERT_HEAD(&ban_head, b, list);
be = TAILQ_LAST(&ban_head, banhead_s);
Causes a sig#11 in TAILQ_LAST().
I belive it is a NULL dereference, and I belive it happens
because the compiler overoptimizes TAILQ_{LAST|PREV}()
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22286.1347983589>