Re: bin/44235: lint1 fails when compiling mesa for sparc

["Valeriy E. Ushakov" <uwe%stderr.spb.ru@localhost>]

The following reply was made to PR bin/44235; it has been noted by GNATS.

From: "Valeriy E. Ushakov" <uwe%stderr.spb.ru@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: bin/44235: lint1 fails when compiling mesa for sparc
Date: Mon, 17 Jan 2011 04:44:59 +0300

 dmalloc shows memory corruption.  Watchpoint for the overwritten
 dmalloc 'fence-bottom' is triggered at 
 
 0x08057773 in getsnode (strg=0xbb6cf868)
     at /usr/src/tools/lint1/../../usr.bin/xlint/lint1/tree.c:380
 380                     (void)memcpy(n->tn_strg->st_cp, strg->st_cp, len + 1);
 (gdb) bt
 #0  0x08057773 in getsnode (strg=0xbb6cf868)
     at /usr/src/tools/lint1/../../usr.bin/xlint/lint1/tree.c:380
 #1  0x0804bd05 in yyparse ()
     at /usr/src/tools/lint1/../../usr.bin/xlint/lint1/cgram.y:1642
 #2  0x08051f2c in main (argc=2, argv=0xbfbfe82c)
     at /usr/src/tools/lint1/../../usr.bin/xlint/lint1/main1.c:222
 
 
 memcpy args are:
 
 (gdb) p *n->tn_u._tn_strg
 $12 = {st_tspec = CHAR, st_len = 41103, st_u = {_st_cp = 0xbb6d0000 "GL_2D",
     _st_wcp = 0xbb6d0000}}
 (gdb) p *strg
 $25 = {st_tspec = CHAR, st_len = 41103, st_u = {_st_cp = 0xb8e40008 "GL_2D",
     _st_wcp = 0xb8e40008}}
 
 
 (gdb) x/i $eip
 0x8057773 <getsnode+204>:       rep movsb %ds:(%esi),%es:(%edi)
 (gdb) p len
 $47 = 41103
 (gdb) p $ecx
 $48 = 24719
 (gdb) p/x $esi
 $49 = 0xb8e44009
 (gdb) p/x $edi
 $50 = 0xbb6d4001
 
 Note that strg->st_cp comes from dmalloc (+8 bytes offset for the
 fence), but n->tn_strg->st_cp comes comes from xmaplloc (mmaped,
 starts at page boundary).
 
 -uwe