NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
re: kern/50186: sparc memfault panic after 7.99.21 ARP changes
The following reply was made to PR kern/50186; it has been noted by GNATS.
From: "John D. Baker" <jdbaker%mylinuxisp.com@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc:
Subject: re: kern/50186: sparc memfault panic after 7.99.21 ARP changes
Date: Tue, 1 Sep 2015 10:52:15 -0500 (CDT)
Actually, looking back earlier in the disassembly:
1424 /*
1425 * Free an arp entry.
1426 */
1427 static void arptfree(struct llentry *la)
---Type <return> to continue, or q <return> to quit---
1428 {
1429 struct rtentry *rt = la->la_rt;
0xf00a624c <+116>: ld [ %i0 + 0xb0 ], %i3
1430
1431 KASSERT(rt != NULL);
1432
1433 if (la->la_rt != NULL) {
0xf00a6250 <+120>: cmp %i3, 0
0xf00a6254 <+124>: be 0xf00a626c <arptimer+148>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
0xf00a6258 <+128>: clr %o2
1434 rtfree(la->la_rt);
0xf00a625c <+132>: call 0xf025a784 <rtfree>
0xf00a6260 <+136>: mov %i3, %o0
1435 la->la_rt = NULL;
0xf00a6264 <+140>: clr [ %i0 + 0xb0 ]
1436 }
The fault appears to be a KASSERT in disguise? Register "i3" is compared
with zero and if equal (i.e., zero) branch to the address reported in
the fault message. This would indicate that the arp entry requested to
be freed is NULL (or a wild pointer)?
--
|/"\ John D. Baker, KN5UKS NetBSD Darwin/MacOS X
|\ / jdbaker[snail]mylinuxisp[flyspeck]com OpenBSD FreeBSD
| X No HTML/proprietary data in email. BSD just sits there and works!
|/ \ GPGkeyID: D703 4A7E 479F 63F8 D3F4 BD99 9572 8F23 E4AD 1645
Home |
Main Index |
Thread Index |
Old Index