netbsd-bugs: bin/13559: mopd segfaults

Subject: bin/13559: mopd segfaults
To: None <gnats-bugs@gnats.netbsd.org>
From: None <dmcmahill@netbsd.org>
List: netbsd-bugs
Date: 07/26/2001 07:36:39
>Number:         13559
>Category:       bin
>Synopsis:       mopd segfaults
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jul 26 04:34:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Dan McMahill
>Release:        1.4.3
>Organization:
NetBSD
>Environment:
	
System: NetBSD dinah-moe 1.4.3A NetBSD 1.4.3A (DINAH-MOE) #0: Tue Jun 26 01:26:33 EDT 2001 dan@dinah-moe:/export/src/syssrc-1-4/sys/arch/mac68k/compile/DINAH-MOE mac68k


>Description:

the changes to basesrc/usr.sbin/mopd/mopd/process.c between netbsd-1-4-PATCH002
and netbsd-1-4-PATCH003 cause mopd to segfault when booting a DECserver 300.

i've not verified the problem with a 1.5 system yet.
	
>How-To-Repeat:

% /usr/sbin/mopd -d -f le0
MOP DL 802.3 8:0:2b:26:70:c6   > ab:0:0:1:0:0      len   32 code 08 RPR 
MOP DL 802.3 8:0:20:1a:21:6f   > 8:0:2b:26:70:c6   len    9 code 03 ASV 
MOP DL 802.3 8:0:2b:26:70:c6   > 8:0:20:1a:21:6f   len   32 code 08 RPR 
RSX Image
Header Block Count: 1
Image Size:         0008d680
Load Address:       00005200
Transfer Address:   00007a00
MOP DL 802.3 8:0:20:1a:21:6f   > 8:0:2b:26:70:c6   len 1498 code 02 MLD 
MOP DL 802.3 8:0:2b:26:70:c6   > 8:0:20:1a:21:6f   len   11 code 0a RML 
MOP DL 802.3 8:0:20:1a:21:6f   > 8:0:2b:26:70:c6   len   40 code 14 PLT 
Segmentation fault (core dumped)

so recompile with -g:

(gdb) run -d -f le0
Starting program: /usr/cvs/basesrc/usr.sbin/mopd/./mopd/mopd -d -f le0
MOP DL 802.3 8:0:2b:26:70:c6   > ab:0:0:1:0:0      len   32 code 08 RPR 
MOP DL 802.3 8:0:20:1a:21:6f   > 8:0:2b:26:70:c6   len    9 code 03 ASV 
MOP DL 802.3 8:0:2b:26:70:c6   > 8:0:20:1a:21:6f   len   32 code 08 RPR 
RSX Image
Header Block Count: 1
Image Size:         0008d680
Load Address:       00005200
Transfer Address:   00007a00
MOP DL 802.3 8:0:20:1a:21:6f   > 8:0:2b:26:70:c6   len 1498 code 02 MLD 
MOP DL 802.3 8:0:2b:26:70:c6   > 8:0:20:1a:21:6f   len   11 code 0a RML 
MOP DL 802.3 8:0:20:1a:21:6f   > 8:0:2b:26:70:c6   len   40 code 14 PLT 

Program received signal SIGSEGV, Segmentation fault.
0x44f8 in mopNextLoad (dst=0x17018 "\b", src=0x16088 "\b", new_count=1
'\001', trans=2) at process.c:442
442             if (pfWrite(dle->ii->fd, pkt, index, trans) != index) {
(gdb) bt
#0  0x44f8 in mopNextLoad (dst=0x17018 "\b", src=0x16088 "\b", new_count=1
'\001', trans=2) at process.c:442
#1  0x4db8 in mopProcessDL (fd=0x13450, ii=0x16080, pkt=0x17012 "\b",
index=0xeffff2f0, dst=0x17012 "\b", 
    src=0x17018 "\b", trans=2, len=11) at process.c:574
    #2  0x30a8 in mopProcess (ii=0x16080, pkt=0x17012 "\b") at mopd.c:201
    #3  0xf6dc in Loop () at loop-bsd.c:178
    #4  0x2e98 in main (argc=4, argv=0xeffff4ac) at mopd.c:153

so then i noted process.c had been modified between netbsd-1.4.2 and 1.4.3
so I reverted those changes in my local tree and mopd worked again (for me at least).
	
>Fix:

workaround:  revert to rev 1.5 of basesrc/usr.sbin/mopd/mopd/process.c

fix: not sure
	
>Release-Note:
>Audit-Trail:
>Unformatted: