Date: Sun, 16 Dec 2007 14:34:54 -0500
From: Alexander Kabaev <kabaev@gmail.com>
To: Maxim Konovalov <maxim@macomnet.ru>
Cc: current@freebsd.org
Subject: Re: route(8) core dump, possible gcc(1) related
Message-ID: <20071216143454.7239c97b@kan.dnsalias.net>
In-Reply-To: <20071216211832.X83419@mp2.macomnet.net>
References: <20071216211832.X83419@mp2.macomnet.net>

On Sun, 16 Dec 2007 21:27:17 +0300 (MSK)
Maxim Konovalov <maxim@macomnet.ru> wrote:
> Hello,
>
> gcc w/ default flags:
>
> # route add 172.19.16.0.0/16 10.10.10.2
> zsh: segmentation fault (core dumped)
>
> gcc -O0:
>
> # route add 172.19.16.0.0/16 10.10.10.2
> route: bad address: 172.19.16.0.0/16
>
> I failed to find any bugs in this code snippet where route(8)
> dumps a core (line 1041):
>
> 1033         q = strchr(s,'/');
> 1034         if (q && which == RTA_DST) {
> 1035                 *q = '\0';
> 1036                 if ((val = inet_network(s)) != INADDR_NONE) {
> 1037                         inet_makenetandmask(
> 1038                                 val, &su->sin, strtoul(q+1, 0, 0));
> 1039                         return (0);
> 1040                 }
> 1041                 *q = '/';
> 1042         }
>
> Any comments?
>
Preliminary results show that inet_network from libc is somehow
thrashing $ebx even if it is not supposed to. -O0 disables value
caching in registers and always allocates a stack slot for the 'q'
pointer, so the problem is not visible.
Thanks for the test case, I'll look some more.
--
Alexander Kabaev
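An added example, not part of the original e-mail or of route(8): a stand-alone C harness for isolating the failure the reply describes. It mirrors the quoted lines 1033-1042 and keeps a volatile copy of `q` in a stack slot, so a callee that trashes the register caching `q` is reported instead of causing a fault; `check_dst`, `run_case` and the result codes are hypothetical names, and the `inet_makenetandmask()` call is left out.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Result codes (hypothetical names, not from route(8)). */
enum { DST_OK, DST_BAD_ADDRESS, DST_POINTER_CLOBBERED };

/* Mirrors quoted lines 1033-1042 for the RTA_DST case; the call to
 * inet_makenetandmask() is left out and the network value is returned. */
static int check_dst(char *s, in_addr_t *net)
{
    char *q = strchr(s, '/');
    if (q == NULL)
        return DST_BAD_ADDRESS;
    /* volatile forces a stack slot, as -O0 does for 'q' itself */
    char *volatile q_saved = q;
    *q = '\0';
    in_addr_t val = inet_network(s);
    /* if a callee trashed the register caching 'q', the copies differ */
    if (q != q_saved)
        return DST_POINTER_CLOBBERED;
    if (val != INADDR_NONE) {
        *net = val;
        return DST_OK;
    }
    *q_saved = '/';   /* line 1041, done through the stack copy */
    return DST_BAD_ADDRESS;
}

/* Constructed driver: run check_dst() on a writable copy of 'arg'. */
static int run_case(const char *arg, in_addr_t *net)
{
    char buf[64];
    snprintf(buf, sizeof buf, "%s", arg);
    int rc = check_dst(buf, net);
    /* after a rejected address the buffer must read as it did before */
    if (rc == DST_BAD_ADDRESS && strcmp(buf, arg) != 0)
        return DST_POINTER_CLOBBERED;
    return rc;
}

int main(void)
{
    in_addr_t net = 0;
    /* test case from the thread */
    printf("rc=%d\n", run_case("172.19.16.0.0/16", &net));
    return 0;
}
```

Build it once with the default flags and once with -O0 and compare the result codes; with a correct inet_network() both builds reject the address as DST_BAD_ADDRESS.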
