Date: Sun, 4 Mar 2001 16:41:25 -0800 (PST)
From: raymond@one.com.au
To: freebsd-gnats-submit@freebsd.org
Subject: alpha/25535: unaligned access crash on stq
Message-ID: <200103050041.f250fP281920@freefall.freebsd.org>
>Number: 25535
>Category: alpha
>Synopsis: unaligned access crash on stq
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-alpha
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Mar 04 16:50:03 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Ray Newman
>Release: FreeBSD 4.2-RELEASE alpha
>Organization:
One Management Australia
>Environment:
FreeBSD alpha.local 4.2-RELEASE FreeBSD 4.2-RELEASE #0: Tue Nov 21 09:42:09 GMT 2000 jkh@rawhide.osd.bsdi.com:/usr/src/sys/compile/GENERIC alpha
>Description:
unaligned access crash on stq occurs where address MOD 8 equals 4.
>How-To-Repeat:
// crash.c
//
// Reproduce crash - do the following:
//
// cc -g -o crash crash.c
// ./crash
// lockstart = 0x12001404c
// pid 1804 (crash): unaligned access: va=0x12001404c pc=0x12000096c
// ra=0x120000934 op=stq
//
#include <stdio.h>                      // always include
#include <stdlib.h>                     // these two
#include <strings.h>                    // for bzero
#include <sys/types.h>                  // for u_char def

typedef unsigned long long u_int64;     // unix unsigned quadword
typedef u_int64 chr_q;                  // our quadword special

typedef union VAR_U                     // get at this two ways
{ chr_q var_qu;                         // variable name (quadword)
  u_char var_cu[8];                     // variable name (as char[])
} var_u;                                // variable name union

typedef struct LOCKTAB                  // internal lock tables
{ struct LOCKTAB *fwd_link;             // point at next one
  int size;                             // how many bytes
  short job;                            // int job (-1 = free)
  short lock_count;                     // how many times locked by job
  short byte_count;                     // size of following reference
  u_char vol;                           // vol number
  u_char uci;                           // uci number (255 = local)
  var_u name;                           // var name
  u_char key[256];                      // and the key
} locktab;                              // define locktab

typedef struct SYSTAB                   // system tables
{ void *jobtab;                         // address of jobtab
  int maxjob;                           // maximum jobs permitted
  int sem_id;                           // GBD semaphore id
  int historic;                         // Enn, tag+off, $NEXT etc
  int max_tt;                           // max TRANTAB used
  int start_user;                       // he's priv too
  void *lockstart;                      // head of lock table
  int locksize;                         // how many bytes
  locktab *lockhead;                    // head of used locks
  locktab *lockfree;                    // head of lock free space
  void *vol[1];                         // array of vol ptrs
  u_int last_blk_used[1];               // actually setup for real jobs
} systab_struct;                        // end of systab

int main(int argc,char **argv)          // main entry point
{ int c = 8192;                         // for case
  struct SYSTAB *systab;                // for test

  systab = malloc(sizeof(struct SYSTAB) + c);
  bzero(systab, sizeof(struct SYSTAB) + c);
  // last_blk_used + 4 is only 4-byte aligned: this is the unaligned address
  systab->lockstart = ((char *) systab->last_blk_used + 4);
  printf("lockstart = %p\n", systab->lockstart);
  systab->locksize = c;                 // the size
  systab->lockhead = NULL;              // no locks currently
  systab->lockfree = (locktab *) systab->lockstart; // free space
  systab->lockfree->fwd_link = NULL;    // only one (8-byte store, op=stq)
  systab->lockfree->size = c;
  c = 0;
  exit (0);
}
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
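Added example, not part of the original report or of FreeBSD: the reproducer places a locktab 4 bytes past last_blk_used, an address that is 4 mod 8, so the 8-byte fwd_link store is misaligned. The sketch below rounds that address up to the structure's alignment before use. The trimmed structures and the helper names align_up, aligned_for_locktab and lock_area_start are assumptions made for illustration, and C11 _Alignof is assumed to be available.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Trimmed stand-ins for the report's structures (assumption: only the
 * members that determine alignment are kept). */
typedef struct locktab {
    struct locktab *fwd_link;           /* 8-byte pointer on LP64 targets */
    int size;
} locktab;

typedef struct systab {
    locktab *lockfree;
    unsigned int last_blk_used[1];
} systab_t;

/* Round addr up to the next multiple of align (align is a power of two). */
uintptr_t align_up(uintptr_t addr, size_t align)
{
    return (addr + (align - 1)) & ~(uintptr_t)(align - 1);
}

/* Nonzero when addr is suitably aligned to be used as a locktab. */
int aligned_for_locktab(uintptr_t addr)
{
    return addr % _Alignof(locktab) == 0;
}

/* Start the lock area after last_blk_used, as the report does, but
 * rounded up so the first locktab sits on a valid boundary. */
locktab *lock_area_start(systab_t *st)
{
    uintptr_t raw = (uintptr_t)((char *)st->last_blk_used + 4);
    return (locktab *)align_up(raw, _Alignof(locktab));
}

int main(void)
{
    size_t c = 8192;
    /* Alignment slack keeps the rounded-up start inside the buffer. */
    systab_t *st = calloc(1, sizeof *st + c + _Alignof(locktab));
    if (st == NULL) return 1;
    st->lockfree = lock_area_start(st);
    st->lockfree->fwd_link = NULL;      /* 8-byte store, now aligned */
    st->lockfree->size = (int)c;
    printf("lockfree = %p\n", (void *)st->lockfree);
    free(st);
    return 0;
}
```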
