Date:      Sun, 4 Mar 2001 16:41:25 -0800 (PST)
From:      raymond@one.com.au
To:        freebsd-gnats-submit@freebsd.org
Subject:   alpha/25535: unaligned access crash on stq
Message-ID:  <200103050041.f250fP281920@freefall.freebsd.org>


>Number:         25535
>Category:       alpha
>Synopsis:       unaligned access crash on stq
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-alpha
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 04 16:50:03 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Ray Newman
>Release:        FreeBSD 4.2-RELEASE alpha
>Organization:
One Management Australia
>Environment:
FreeBSD alpha.local 4.2-RELEASE FreeBSD 4.2-RELEASE #0: Tue Nov 21 09:42:09 GMT 2000     jkh@rawhide.osd.bsdi.com:/usr/src/sys/compile/GENERIC  alpha

>Description:
An unaligned-access crash occurs on an stq (store quadword) instruction when the target address MOD 8 equals 4.
>How-To-Repeat:
// crash.c
//
// Reproduce crash - do the following:
//
// cc -g -o crash crash.c
// ./crash
// lockstart = 0x12001404c
// pid 1804 (crash): unaligned access: va=0x12001404c pc=0x12000096c
// ra=0x120000934 op=stq
//

#include <stdio.h>                              // always include
#include <stdlib.h>                             // these two
#include <sys/types.h>                          // for u_char def

// 64-bit unsigned type used for variable names; on alpha a value of this
// type is what a quadword store (stq) writes.
// NOTE(review): the width of unsigned long long is assumed to be 8 bytes
// here, matching the u_char[8] overlay in var_u.
typedef unsigned long long      u_int64;        // unix unsigned quadword
typedef u_int64 chr_q;                          // our quadword special

// A variable name viewed either as one quadword or as eight bytes.
// Because the union holds a chr_q, any struct embedding it inherits the
// quadword's alignment requirement.
typedef union VAR_U                             // get at this two ways
{ chr_q var_qu;                                 // variable name (quadword)
  u_char var_cu[8];                             // variable name (as char[])
} var_u;                                        // variable name union

// One entry of the internal lock table, chained through fwd_link.
// The struct holds a pointer and a var_u (quadword), so a locktab object
// presumably needs 8-byte alignment on alpha - confirm against the ABI.
// fwd_link is the first member: a store to it through a locktab pointer
// writes at the exact address the pointer holds.
typedef struct LOCKTAB                          // internal lock tables
{ struct LOCKTAB *fwd_link;                     // point at next one
  int size;                                     // how many bytes
  short job;                                    // int job (-1 = free)
  short lock_count;                             // how many times locked by job
  short byte_count;                             // size of following reference
  u_char vol;                                   // vol number
  u_char uci;                                   // uci number (255 = local)
  var_u name;                                   // var name
  u_char key[256];                              // and the key
} locktab;                                      // define locktab

// System table header. The reproducer allocates extra bytes after this
// struct and carves the lock table out of them, starting from the address
// of the trailing last_blk_used member.
// NOTE(review): last_blk_used is an array of u_int, so its address is only
// guaranteed to satisfy u_int alignment; adding 4 to it (as main does)
// gives no guarantee of the alignment a locktab needs.
typedef struct SYSTAB                           // system tables
{ void *jobtab;                                 // address of jobtab
  int maxjob;                                   // maximum jobs permitted
  int sem_id;                                   // GBD semaphore id
  int historic;                                 // Enn, tag+off, $NEXT etc
  int max_tt;                                   // max TRANTAB used
  int start_user;                               // he's priv too
  void *lockstart;                              // head of lock table
  int locksize;                                 // how many bytes
  locktab *lockhead;                            // head of used locks
  locktab *lockfree;                            // head of lock free space
  void *vol[1];                                 // array of vol ptrs
  u_int last_blk_used[1];                       // actually setup for real jobs
} systab_struct;                                // end of systab


// Reproducer: allocate a SYSTAB plus 8192 spare bytes, place the lock
// table 4 bytes past last_blk_used, and store through it as a locktab.
// Always exits 0 if the stores complete; argc and argv are unused.
//
// The sample run in the header comment prints lockstart = 0x12001404c,
// an address whose value MOD 8 is 4, and the kernel reports the fault at
// that same va with op=stq.
//
// NOTE(review): converting a char * that is not suitably aligned to
// locktab * is undefined behavior in C; code that carves typed objects
// out of a raw buffer should round the offset up to the alignment of the
// stored type. Platforms that tolerate unaligned stores can hide this.
// NOTE(review): the malloc result is used without a NULL check, and
// bzero is called although none of the three headers included by this
// listing is the usual home of its declaration - confirm.
int main(int argc,char **argv)                  // main entry point
{ int c = 8192;                                 // spare bytes after SYSTAB for the lock table
  struct SYSTAB *systab;			// the test allocation

  systab = malloc(sizeof(struct SYSTAB) + c);
  bzero(systab, sizeof(struct SYSTAB) + c);

  // Lock table starts 4 bytes after the start of last_blk_used; this is
  // the address that ends up 4 MOD 8 in the reported run.
  systab->lockstart = ((char *) systab->last_blk_used + 4);

  printf("lockstart = %p\n", systab->lockstart);

  systab->locksize = c;                  	// the size
  systab->lockhead = NULL;                      // no locks currently

  systab->lockfree = (locktab *) systab->lockstart; // free space, now typed as locktab
  // First store through the misaligned pointer: fwd_link is at offset 0,
  // so this writes a pointer at lockstart itself. Presumably this is the
  // stq the kernel message refers to (va equals lockstart).
  systab->lockfree->fwd_link = NULL;            // only one

  systab->lockfree->size = c;
  c = 0;
  exit (0);
}

>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted:
