From owner-freebsd-current@FreeBSD.ORG  Sun Nov 20 01:11:55 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: current@freebsd.org
Delivered-To: freebsd-current@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3B8E916A41F;
	Sun, 20 Nov 2005 01:11:55 +0000 (GMT)
	(envelope-from marcel@xcllnt.net)
Received: from ns1.xcllnt.net (209-128-86-226.BAYAREA.NET [209.128.86.226])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D175F43D45;
	Sun, 20 Nov 2005 01:11:54 +0000 (GMT)
	(envelope-from marcel@xcllnt.net)
Received: from [192.168.4.250] (dhcp50.pn.xcllnt.net [192.168.4.250])
	by ns1.xcllnt.net (8.13.4/8.13.4) with ESMTP id jAK1BsJM025126;
	Sat, 19 Nov 2005 17:11:54 -0800 (PST)
	(envelope-from marcel@xcllnt.net)
Mime-Version: 1.0 (Apple Message framework v746.2)
To: current@freebsd.org
Message-Id: <5D4CE421-AC74-40D6-AB53-836630BB8F19@xcllnt.net>
Content-Type: multipart/mixed; boundary=Apple-Mail-3--476909085
From: Marcel Moolenaar <marcel@xcllnt.net>
Date: Sat, 19 Nov 2005 17:11:53 -0800
X-Mailer: Apple Mail (2.746.2)
Cc: alpha@freebsd.org, sparc64@freebsd.org
Subject: dc(4) related misalignment trap
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Nov 2005 01:11:55 -0000


--Apple-Mail-3--476909085
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed

All,

On alpha this time:

	:
swapon: adding /dev/da0b as swap device
Starting file system checks:
/dev/da0a: 38800 files, 486252 used, 3308480 free (41816 frags,  
408333 blocks, 1.1% fragmentation)
Setting hostname: ds10.pn.xcllnt.net.

fatal kernel trap:

     trap entry     = 0x4 (unaligned access fault)
     faulting va    = 0xfffffc000096b73b
     opcode         = 0xc
     register       = 0x1
     pc             = 0xfffffc0000389cd8
     ra             = 0xfffffc0000389c98
     sp             = 0xfffffe001a581800
     usp            = 0x11ffe4f8
     curthread      = 0xfffffc003eb1d340
         pid = 165, comm = ifconfig

[thread pid 165 tid 100034 ]
Stopped at      dc_setfilt_21143+0x368: stl     t0,0x9c(s3)  
<0xfffffc000095879c>         
<t0=0xfffffc000096b733,s3=0xfffffc0000958700>
db> bt
Tracing pid 165 tid 100034 td 0xfffffc003eb1d340
dc_setfilt_21143() at dc_setfilt_21143+0x368
dc_setfilt() at dc_setfilt+0x58
dc_init_locked() at dc_init_locked+0x9c8
dc_init() at dc_init+0x78
ether_ioctl() at ether_ioctl+0xd8
dc_ioctl() at dc_ioctl+0x370
in6_ifinit() at in6_ifinit+0x11c
in6_update_ifa() at in6_update_ifa+0x604
in6_ifattach_linklocal() at in6_ifattach_linklocal+0x198
in6_ifattach() at in6_ifattach+0x110
in6_if_up() at in6_if_up+0xa8
if_route() at if_route+0xa4
if_up() at if_up+0x1c
ifhwioctl() at ifhwioctl+0x3a8
ifioctl() at ifioctl+0x178
soo_ioctl() at soo_ioctl+0x6e4
ioctl() at ioctl+0x6e8
syscall() at syscall+0x458
XentSys() at XentSys+0x64
--- syscall (54, FreeBSD ELF64, ioctl) ---


Note that the faulting instruction is really the instruction before
the one shown. In kgdb:

0xfffffc0000389cd4 <dc_setfilt_21143+868>:      ldwu    t0,8(t0)
0xfffffc0000389cd8 <dc_setfilt_21143+872>:      stl     t0,156(s3)

ldwu = load word unsigned.


(kgdb) l *dc_setfilt_21143+0x368
0xfffffc0000389cd8 is in dc_setfilt_21143 (../../../dev/dc/if_dc.c: 
1129).
1124                    h = dc_mchash_le(sc, ifp->if_broadcastaddr);
1125                    sp[h >> 4] |= htole32(1 << (h & 0xF));
1126            }
1127
1128            /* Set our MAC address */
1129            sp[39] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc- 
 >dc_ifp))[0]);
1130            sp[40] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc- 
 >dc_ifp))[1]);
1131            sp[41] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc- 
 >dc_ifp))[2]);
1132
1133            sframe->dc_status = htole32(DC_TXSTAT_OWN);

(kgdb) f 12
#12 0xfffffc0000389cd8 in dc_setfilt_21143 (sc=0xfffffc0000842000)  
at ../../../dev/dc/if_dc.c:1129
1129            sp[39] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc- 
 >dc_ifp))[0]);
(kgdb) p sp
$2 = (u_int32_t *) 0xfffffc0000958700
(kgdb) p sc->dc_ifp->if_addr->ifa_addr
$5 = (struct sockaddr *) 0xfffffc000096b730
(kgdb) p *(struct sockaddr_dl *)$5
$6 = {sdl_len = 56 '8', sdl_family = 18 '\022', sdl_index = 1,  
sdl_type = 6 '\006', sdl_nlen = 3 '\003', sdl_alen = 6 '\006',  
sdl_slen = 0 '\0', sdl_data = "dc0\b\000+\206\"J", '\0' <repeats 36  
times>}
(kgdb) p $6.sdl_data + $6.sdl_nlen
$7 = 0xfffffc000096b73b "\b"

Register s3 holds the sp variable ($2 in kgdb)
Register t0 holds the result the left-hand side of the statement, which
is not properly aligned for a 16-bit load ($7 = register t0 + 8).

Rough patch to fix the problem attached:

--Apple-Mail-3--476909085
Content-Transfer-Encoding: 7bit
Content-Type: application/octet-stream;
	x-unix-mode=0664;
	name="if_dc.diff"
Content-Disposition: attachment;
	filename=if_dc.diff

Index: if_dc.c
===================================================================
RCS file: /home/ncvs/src/sys/dev/dc/if_dc.c,v
retrieving revision 1.172
diff -u -r1.172 if_dc.c
--- if_dc.c	11 Nov 2005 16:04:50 -0000	1.172
+++ if_dc.c	20 Nov 2005 01:08:09 -0000
@@ -1126,9 +1126,9 @@
 	}
 
 	/* Set our MAC address */
-	sp[39] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc->dc_ifp))[0]);
-	sp[40] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc->dc_ifp))[1]);
-	sp[41] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc->dc_ifp))[2]);
+	sp[39] = DC_SP_MAC((u_int16_t *)IF_LLADDR(sc->dc_ifp) + 0);
+	sp[40] = DC_SP_MAC((u_int16_t *)IF_LLADDR(sc->dc_ifp) + 1);
+	sp[41] = DC_SP_MAC((u_int16_t *)IF_LLADDR(sc->dc_ifp) + 2);
 
 	sframe->dc_status = htole32(DC_TXSTAT_OWN);
 	CSR_WRITE_4(sc, DC_TXSTART, 0xFFFFFFFF);
@@ -1324,9 +1324,9 @@
 	}
 
 	/* Set our MAC address */
-	sp[0] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc->dc_ifp))[0]);
-	sp[1] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc->dc_ifp))[1]);
-	sp[2] = DC_SP_MAC(((u_int16_t *)IF_LLADDR(sc->dc_ifp))[2]);
+	sp[0] = DC_SP_MAC((u_int16_t *)IF_LLADDR(sc->dc_ifp) + 0);
+	sp[1] = DC_SP_MAC((u_int16_t *)IF_LLADDR(sc->dc_ifp) + 1);
+	sp[2] = DC_SP_MAC((u_int16_t *)IF_LLADDR(sc->dc_ifp) + 2);
 
 	DC_SETBIT(sc, DC_NETCFG, DC_NETCFG_TX_ON);
 	DC_SETBIT(sc, DC_NETCFG, DC_NETCFG_RX_ON);
Index: if_dcreg.h
===================================================================
RCS file: /home/ncvs/src/sys/dev/dc/if_dcreg.h,v
retrieving revision 1.45
diff -u -r1.45 if_dcreg.h
--- if_dcreg.h	10 Aug 2005 20:33:46 -0000	1.45
+++ if_dcreg.h	20 Nov 2005 01:07:24 -0000
@@ -473,9 +473,9 @@
     (uintptr_t)(sc->dc_ldata->dc_tx_list + i) - (uintptr_t)sc->dc_ldata)
 
 #if BYTE_ORDER == BIG_ENDIAN
-#define DC_SP_MAC(x)		((x) << 16)
+#define DC_SP_MAC(ptr)		(be16dec(ptr) << 16)
 #else
-#define DC_SP_MAC(x)		(x)
+#define DC_SP_MAC(ptr)		(le16dec(ptr))
 #endif
 
 struct dc_list_data {

--Apple-Mail-3--476909085
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed


FYI,

-- 
  Marcel Moolenaar         USPA: A-39004          marcel@xcllnt.net


--Apple-Mail-3--476909085--