Subject: Further news on gated 3.5b4 vs. NetBSD-1.2
To: None <gated-people@merit.edu, tech-net@NetBSD.ORG>
From: Curt Sampson <cjs@portal.ca>
List: tech-net
Date: 03/07/1997 16:31:36

A while back I posted about some problems I was having running gated
3.4b4 under NetBSD 1.2/i386. That problem, or a similar one, appears
to have become more severe, and I've managed to isolate and reproduce
at least one part of it. This happens using gated 3.5beta4 under
NetBSD-1.2/i386 and NetBSD-current/i386.

If I run gated, and then quickly add 250 or so alias addresses to
the loopback interface (with statements like `ifconfig lo0 123.45.67.1
alias netmask 255.255.255.255'), gated will fail. Generally it's
with an abort due to an assertion failing, or perhaps a segmentation
violation due to dereferencing a bad pointer. Most frequently
there's a bogus destination address. For example, the call to
rt_locate() at line 1481 will pass an rtparms.rtp_dest->a that is
set to:
    {ga_len = 255 'ÿ', ga_family = 255 'ÿ', ga_data = "ÿ"}

After some work with gdb, it appears that the source of the problem
lies in the call to krt_ifread(task_state) in krt_recv_route.
Commenting that call out fixes the problem.

I found this because I noticed that something very strange is
happening with the adip parameter passed to krt_recv_route. In this
function before the call to krt_ifread the adip parameter is
`normal,' similar to:
{rti_addrs = 3, rti_info = {0x124dd0, 0x124dd8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}

After the call, the addresses are different, similar to:
{rti_addrs = 16, rti_info = {0x0, 0x0, 0x0, 0x0, 0x1248b0, 0x0, 0x0, 0x0}}

At this point I can't figure out what's changing it, or why.

I'm going to keep hacking on this on Monday, but if anyone has any
clues (or pointers to internal documentation for gated) I'd be very
appreciative.

cjs
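
An added example, not part of the original message and not gated code: it checks whether each of the two dumps above is internally consistent, assuming the structure follows the 4.4BSD routing-socket convention in which bit i of rti_addrs marks slot i of rti_info as filled. The struct, function and variable names are hypothetical; only the dumped values come from the message.

```c
#include <stdint.h>
#include <stdio.h>

#define RTAX_MAX 8   /* slots in rti_info, as in the 8-entry dumps above */

/* Hypothetical stand-in for the dumped structure (gated's own definition
 * is not on the page). Pointers are stored as integers. */
struct addrinfo_dump {
    int       rti_addrs;              /* assumed: bit i set => slot i filled */
    uintptr_t rti_info[RTAX_MAX];
};

/* Slot names in 4.4BSD RTAX_* order. */
static const char *const slot_names[RTAX_MAX] = {
    "DST", "GATEWAY", "NETMASK", "GENMASK", "IFP", "IFA", "AUTHOR", "BRD"
};

/* Values copied from the two gdb dumps in the message. */
static const struct addrinfo_dump before_call = { 3,  { 0x124dd0, 0x124dd8 } };
static const struct addrinfo_dump after_call  = { 16, { 0, 0, 0, 0, 0x1248b0 } };

/* Returns 0 if mask and slots agree, else a bitmask of disagreeing slots
 * (including mask bits that have no slot at all). */
int addrinfo_mismatch(const struct addrinfo_dump *d)
{
    int bad = d->rti_addrs & ~((1 << RTAX_MAX) - 1);
    for (int i = 0; i < RTAX_MAX; i++) {
        int in_mask = (d->rti_addrs >> i) & 1;
        int in_slot = d->rti_info[i] != 0;
        if (in_mask != in_slot)
            bad |= 1 << i;
    }
    return bad;
}

static void report(const char *label, const struct addrinfo_dump *d)
{
    printf("%s: mask=%d mismatch=0x%x, filled:", label, d->rti_addrs,
           (unsigned)addrinfo_mismatch(d));
    for (int i = 0; i < RTAX_MAX; i++)
        if (d->rti_info[i])
            printf(" %s", slot_names[i]);
    printf("\n");
}

int main(void)
{
    report("before krt_ifread", &before_call);
    report("after krt_ifread", &after_call);
    return 0;
}
```

Under that assumption both dumps are self-consistent: mask 3 matches slots 0 and 1 (DST, GATEWAY), and mask 16 matches slot 4 (IFP).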