Date: Fri, 9 May 2003 15:29:39 -0400 (EDT)
From: Andrew Gallatin <gallatin@cs.duke.edu>
To: Kris Kennaway <kris@obsecurity.org>
Cc: current@freebsd.org
Subject: Re: Unaligned access fault in fxp on alpha
Message-ID: <16060.419.751589.275820@grasshopper.cs.duke.edu>
In-Reply-To: <20030509163718.GA22231@rot13.obsecurity.org>
References: <20030509163718.GA22231@rot13.obsecurity.org>
Kris Kennaway writes:
> I reported this to mux 3 days ago, but haven't heard any
> acknowledgement from him of the issue. Could someone else
> investigate? This is a reproducible panic.
>
Can you try this patch please?
It causes gcc to emit slightly different code, which deals with
storing to aligned 16-bit values.
What's happening is that because the u_int32_t link_addr (and rbd_addr)
fields preceded the "size" field, gcc was assuming that the rfa struct
would be aligned and was cheating. It was using operations which only
work on aligned 32-bit values on 16-bit values. Removing the
u_int32_t's disabuses gcc of this assumption, thereby causing safe
code to be emitted.
I don't understand why mux changed these fields in rev 1.31, with, so
I'm not sure that I want to commit this until mux reviews it. For all
I know, it breaks sparc64 or something..
Drew
Index: dev/fxp/if_fxpreg.h
===================================================================
RCS file: /home/ncvs/src/sys/dev/fxp/if_fxpreg.h,v
retrieving revision 1.33
diff -u -r1.33 if_fxpreg.h
--- dev/fxp/if_fxpreg.h 6 Apr 2003 21:35:45 -0000 1.33
+++ dev/fxp/if_fxpreg.h 9 May 2003 18:55:10 -0000
@@ -346,8 +346,8 @@
struct fxp_rfa {
u_int16_t rfa_status;
u_int16_t rfa_control;
- u_int32_t link_addr;
- u_int32_t rbd_addr;
+ u_int8_t link_addr[4];
+ u_int8_t rbd_addr[4];
u_int16_t actual_size;
u_int16_t size;
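Review bot: With link_addr and rbd_addr changed from u_int32_t to u_int8_t[4], every place that assigns or reads these fields as 32-bit integers needs a byte-wise store or load instead, and the visible diff shows only if_fxpreg.h; those accessors should be updated in the same change, with the byte order of the stored address made explicit. A comment above the two fields stating that they are byte arrays so that struct fxp_rfa carries no 4-byte alignment requirement would also keep a later cleanup from turning them back into u_int32_t.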
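An added illustration of the alignment point in the message above, not code from the message or from the FreeBSD driver: it shows how the 32-bit members raise the struct's alignment requirement to 4, while the byte-array form needs only 2 and can therefore sit 2 bytes past a 4-byte boundary without padding. The struct and helper names are hypothetical stand-ins, and little-endian storage of the address fields is an assumption.

```c
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the two layouts in the patch, not the driver header. */
struct rfa_u32 {                /* before: 32-bit members, alignment 4 */
    uint16_t rfa_status, rfa_control;
    uint32_t link_addr, rbd_addr;
    uint16_t actual_size, size;
};
struct rfa_bytes {              /* after: byte arrays, alignment 2 */
    uint16_t rfa_status, rfa_control;
    uint8_t  link_addr[4], rbd_addr[4];
    uint16_t actual_size, size;
};

/* Hypothetical receive buffers with the header placed after a 2-byte field. */
struct frame_u32   { alignas(4) uint16_t fudge; struct rfa_u32   rfa; };
struct frame_bytes { alignas(4) uint16_t fudge; struct rfa_bytes rfa; };

/* Hypothetical helpers: byte-wise little-endian access, safe at any alignment. */
static void put_le32(uint8_t *p, uint32_t v)
{
    for (int i = 0; i < 4; i++)
        p[i] = (uint8_t)(v >> (8 * i));
}
static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Fill a header that really sits at offset 2 and read the link address back. */
static uint32_t link_roundtrip(uint32_t link)
{
    struct frame_bytes f = {0};
    put_le32(f.rfa.link_addr, link);
    f.rfa.size = 1518;          /* 16-bit store, only 2-byte alignment needed */
    return get_le32(f.rfa.link_addr);
}

int main(void)
{
    printf("alignof: u32=%zu bytes=%zu\n",
           alignof(struct rfa_u32), alignof(struct rfa_bytes));
    printf("offset of rfa in frame: u32=%zu bytes=%zu\n",
           offsetof(struct frame_u32, rfa), offsetof(struct frame_bytes, rfa));
    printf("link round trip: 0x%08x\n", (unsigned)link_roundtrip(0xdeadbeefu));
    return 0;
}
```

With the 32-bit layout the compiler pads the header out to offset 4 inside the frame, so a header that is actually placed at offset 2 contradicts what the type promises.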
