Unix Technical Forum

Re: armish nd6_ns_output Alignment fault 3

02-21-2008, 09:19 PM
Mark Kettenis

> Date: Thu, 21 Feb 2008 10:15:50 +0000
> From: Stuart Henderson <stu@spacehopper.org>
>
> I also have just had one of these when trying to ping6..
> any clues?
>
> Fatal kernel mode data abort: 'Alignment Fault 3'
> trapframe: 0xd60e8c2c
> FSR=000000f3, FAR=deadbefb, spsr=a0000093
> r0 =d4dafe5c, r1 =d60e8cd8, r2 =deadbeef, r3 =00000000


That deadbeef probably means this is a use-after-free issue.

> r4 =ffffffff, r5 =d60e8cc8, r6 =d60e8cc0, r7 =d4dafe44
> r8 =d4dafe00, r9 =d069df88, r10=d0595050, r11=d60e8d24
> r12=00000000, ssp=d60e8c78, slr=d06ae480, pc =c03d8d04
>
> Stopped at nd6_ns_output+0x18c: ldr r3, [r2, #0x00c]
> ddb> [-- sthen@localhost.spacehopper.org attached -- Thu Feb 21 09:45:37 2008]
>
> ddb> tr
> nd6_ns_output+0xc
> scp=0xc03d8b84 rlv=0xc03d7ce0 (nd6_output+0x23c)
> rsp=0xd60e8d28 rfp=0xd60e8d5c
> r10=0xd06ae480 r9=0xdeadbeef
> r8=0xd069df80 r7=0xd4dbdb54 r6=0x00000000 r5=0xd0595050
> r4=0x00000000
> nd6_output+0xc
> scp=0xc03d7ab0 rlv=0xc03d9454 (nd6_na_input+0x360)
> rsp=0xd60e8d60 rfp=0xd60e8df4
> r10=0xd4c2c052 r9=0xd0595050
> r8=0x00000000 r7=0xd4daf100 r6=0xd4dbd910 r5=0xd0698dc0
> r4=0x00000000
> nd6_na_input+0xc
> scp=0xc03d9100 rlv=0xc03c7c54 (icmp6_input+0x7fc)
> rsp=0xd60e8df8 rfp=0xd60e8e44
> r10=0xd4c2c010 r9=0x00000000
> r8=0xd4daf100 r7=0x00000020 r6=0xd4c2c038 r5=0x00000028
> r4=0x00000000
> icmp6_input+0xc
> scp=0xc03c7464 rlv=0xc03cc13c (ip6_input+0x6b4)
> rsp=0xd60e8e48 rfp=0xd60e8ea4
> r10=0x00000001 r9=0x00000000
> r8=0xc0514524 r7=0xc04cfa14 r6=0xc04cf678 r5=0x0000003a
> r4=0x00000001
> ip6_input+0xc
> scp=0xc03cba94 rlv=0xc03cba74 (ip6intr+0x6c)
> rsp=0xd60e8ea8 rfp=0xd60e8ec4
> r10=0xc0518040 r9=0xc051803c
> r8=0x00000000 r7=0xc05182f4 r6=0xc05151a4 r5=0xc05151a4
> r4=0xd4d8d300
> ip6intr+0xc
> scp=0xc03cba14 rlv=0xc03fbb78 (netintr+0xbc)
> rsp=0xd60e8ec8 rfp=0xd60e8ee4
> r6=0xc0517f40 r5=0x000000c0
> r4=0x01000001
> netintr+0xc
> scp=0xc03fbac8 rlv=0xc03fb960 (softintr_dispatch+0xa8)
> rsp=0xd60e8ee8 rfp=0xd60e8f04
> r6=0xc0512a6c r5=0xc0517f24
> r4=0x000000c0
> softintr_dispatch+0xc
> scp=0xc03fb8c4 rlv=0xc0400a44 (i80321intc_do_pending+0x19c)
> rsp=0xd60e8f08 rfp=0xd60e8f34
> r6=0xc051803c r5=0x000000c0
> r4=0x00000080
> i80321intc_do_pending+0xc
> scp=0xc04008b4 rlv=0xc046e12c (irq_entry+0x70)
> rsp=0xd60e8f38 rfp=0xd60e8fb0
> r10=0xc0517318 r9=0x00000000
> r8=0xd4e172a0 r7=0xc0517318 r6=0x00000000 r5=0xc04f2e18
> r4=0x00000000
> sched_idle+0xc
> scp=0xc0295dc0 rlv=0xc046d3e8 (proc_trampoline+0x18)
> rsp=0xd60e8fb4 rfp=0x00000000
> r10=0x00000000 r8=0x00000000
> r7=0x00000000 r6=0x00000000 r5=0xc0517318 r4=0xc0295db4
> ddb> ps
> PID PPID PGRP UID S FLAGS WAIT COMMAND
> 124 4856 124 1000 3 0x44182 poll ping6
> 7187 1 7187 1000 3 0x40180 select ssh-agent
> 4856 28597 4856 1000 3 0x4082 pause ksh
> 28597 11743 11743 1000 3 0x180 select sshd
> 11743 28117 11743 0 3 0x4180 netio sshd
> 3625 1 3625 1000 3 0x40180 select ssh-agent
> 4370 14428 4370 1000 3 0x4082 ttyin ksh
> 14428 5485 5485 1000 3 0x180 select sshd
> 5485 28117 5485 0 3 0x4180 netio sshd
> 15458 1 15458 0 3 0x4082 ttyin getty
> 18607 1 18607 0 3 0x40180 select sendmail
> 15374 1 15374 0 3 0x80 select cron
> 28117 1 28117 0 3 0x80 select sshd
> 1659 1 1659 0 3 0x180 select inetd
> 27888 0 0 0 3 0x100280 nfsidl nfsio
> 28520 0 0 0 3 0x100280 nfsidl nfsio
> 3059 0 0 0 3 0x100280 nfsidl nfsio
> 14341 0 0 0 3 0x100280 nfsidl nfsio
> 8056 1 8056 0 3 0x80 poll ntpd
> 19993 1 19993 83 3 0x180 poll ntpd
> 21873 12871 12871 73 2 0x180 syslogd
> 12871 1 12871 0 3 0x88 netio syslogd
> 15 0 0 0 3 0x100200 bored crypto
> 14 0 0 0 3 0x100200 aiodoned aiodoned
> 13 0 0 0 3 0x100200 syncer update
> 12 0 0 0 3 0x100200 cleaner cleaner
> 11 0 0 0 3 0x100200 reaper reaper
> 10 0 0 0 3 0x100200 pgdaemon pagedaemon
> 9 0 0 0 3 0x100200 pftm pfpurge
> 8 0 0 0 3 0x100200 usbevt usb2
> 7 0 0 0 3 0x100200 usbevt usb1
> 6 0 0 0 3 0x100200 usbtsk usbtask
> 5 0 0 0 3 0x100200 usbevt usb0
> 4 0 0 0 3 0x100200 bored syswq
> * 3 0 0 0 7 0x100200 idle0
> 2 0 0 0 3 0x100200 kmalloc kmthread
> 1 0 1 0 3 0x4080 wait init
> 0 -1 0 0 3 0x80200 scheduler swapper
> ddb>
>
>
> rebooting...
> attempting reset
> [-- sthen@localhost.spacehopper.org attached -- Thu Feb 21 09:13:19 2008]
> +RST=No
> Transfer to factory test Mode : No
> Reset default set:Normal
> Thecus: Found PCI device Vendor ID=0x000010EC
> Vendor 0x10ec
> Device 0x8169
> Allocate cyg_pci_io_base=0x90000100
> Allocate cyg_pci_memory_base=0x40000100
> Thecus: Found PCI device Vendor ID=0x000010EC
> Vendor 0x10ec
> Device 0x8169
> Allocate cyg_pci_io_base=0x90000200
> Allocate cyg_pci_memory_base=0x40000200
> Thecus: Found PCI device Vendor ID=0x00001095
> Vendor 0x1095
> Device 0x3512
> Allocate cyg_pci_io_base=0x90000208
> Allocate cyg_pci_io_base=0x9000020c
> Allocate cyg_pci_io_base=0x90000218
> Allocate cyg_pci_io_base=0x9000021c
> Allocate cyg_pci_io_base=0x90000230
> Allocate cyg_pci_memory_base=0x40000400
> Thecus: Found PCI device Vendor ID=0x00001106
> Thecus: Found PCI device Vendor ID=0x00001106
> Thecus: Found PCI device Vendor ID=0x00001106
> Vendor 0x1106
> Device 0x3104
> Allocate cyg_pci_memory_base=0x40000500
> PCI: device already configured
> rtl-eth0: RTL8169s/8110s Gigabit Ethernet driver 2.2 at 0xb0000000, 00:14:fd:10:3e:3c
> rtl-eth0: Auto-negotiation Enabled.
> Ethernet rtl-eth0: MAC address 00:14:fd:10:3e:3c
> IP: 85.158.44.154/255.255.255.240, Gateway: 85.158.44.145
> Default server: 85.158.44.150, DNS server IP: 85.158.44.150
>
> RedBoot(tm) bootstrap and debug environment [ROM]
> Red Hat certified release, version 1.93 - built 10:56:04, Nov 29 2005
>
> Platform: IQ31244 (XScale)
> Copyright (C) 2000, 2001, 2002, Red Hat, Inc.
>
> RAM: 0x00000000-0x10000000, 0x00051fd8-0x0ffd1000 available
> FLASH: 0xf0000000 - 0xf1000000, 128 blocks of 0x00020000 bytes each.
> == Executing boot script in 2.000 seconds - enter ^C to abort
>
> RedBoot> fis load boot
> RedBoot> go
> >> OpenBSD/armish BOOT 1.0

> boot>
> booting wd0a:/bsd: 196+2883698+51456+0+277080 [75+152240+138661]=0x35f5e8
>
> OpenBSD/armish booting ...
> initarm: Configuring system ...
> physmemory: 65536 pages at 0xa0000000 -> 0xafffffff
> [ using 291472 bytes of bsd ELF symbol table ]
> Copyright (c) 1982, 1986, 1989, 1991, 1993
> The Regents of the University of California. All rights reserved.
> Copyright (c) 1995-2008 OpenBSD. All rights reserved. http://www.OpenBSD.org
>
> OpenBSD 4.2-current (GENERIC) #247: Wed Jan 9 23:16:04 MST 2008
> deraadt@armish.openbsd.org:/usr/src/sys/arch/armish/compile/GENERIC
> real mem = 268435456 (256MB)
> avail mem = 252022784 (240MB)
> mainbus0 at root
> cpu0 at mainbus0: i80219 600MHz step A-0 (XScale core)
> cpu0: DC enabled IC enabled WB enabled LABT branch prediction enabled
> cpu0: 32KB(32b/l,32way) I-cache, 32KB(32b/l,32way) wr-back-lock D-cache
> iopxs0 at mainbus0: Thecus Nx100: i80321 I/O Processor
> iopiic0 at iopxs0: I2C controller
> iic0 at iopiic0
> ricohrtc0 at iic0 addr 0x32: RICOH RS5C372[AB] Real-time Clock
> pcaled0 at iic0 addr 0x60: PCA9532 LED controller
> gpio0 at pcaled0: 16 pins
> fintek0 at iic0 addr 0x2e: F75375 rev 1.5
> spdmem0 at iic0 addr 0x52: 256MB DDR SDRAM non-parity PC3200CL2.5
> pci0 at iopxs0
> re0 at pci0 dev 1 function 0 "Realtek 8169" rev 0x10: RTL8169/8110SB (0x1000), irq 27, address 00:14:fd:10:3e:3c
> rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 3
> re1 at pci0 dev 2 function 0 "Realtek 8169" rev 0x10: RTL8169/8110SB (0x1000), irq 30, address 00:14:fd:10:3e:3d
> rgephy1 at re1 phy 7: RTL8169S/8110S PHY, rev. 3
> pciide0 at pci0 dev 3 function 0 "CMD Technology SiI3512 SATA" rev 0x01: DMA
> pciide0: using irq 29 for native-PCI interrupt
> pciide0: port 1: device present, speed: 1.5Gb/s
> wd0 at pciide0 channel 1 drive 0: <HITACHI HDS7280SASUN80G 0701MMPA8M>
> wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
> wd0(pciide0:1:0): using BIOS timings, Ultra-DMA mode 6
> uhci0 at pci0 dev 4 function 0 "VIA VT83C572 USB" rev 0x61: irq 27
> uhci1 at pci0 dev 4 function 1 "VIA VT83C572 USB" rev 0x61: irq 27
> ehci0 at pci0 dev 4 function 2 "VIA VT6202 USB" rev 0x63: irq 29
> usb0 at ehci0: USB revision 2.0
> uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1
> usb1 at uhci0: USB revision 1.0
> uhub1 at usb1 "VIA UHCI root hub" rev 1.00/1.00 addr 1
> usb2 at uhci1: USB revision 1.0
> uhub2 at usb2 "VIA UHCI root hub" rev 1.00/1.00 addr 1
> gpio at iopxs0 not configured
> obio0 at mainbus0
> com0 at obio0 addr 0xfe800000 intr 28: ns16550a, 16 byte fifo
> com0: console
> softraid0 at root
> boot device: wd0
> root on wd0a swap on wd0b dump on wd0b


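The reasoning behind the "deadbeef" remark, as an added example that is not part of the original post or of OpenBSD: the faulting `ldr` reads from r2 + 0xc, r2 holds 0xdeadbeef, and the sum is exactly the reported FAR. It assumes 0xdeadbeef is the word the kernel writes over freed memory; `POISON`, `parse_regs` and `triage` are names made up for this sketch.

```python
import re

# Register dump and faulting instruction copied from the quoted report.
SAMPLE = """\
FSR=000000f3, FAR=deadbefb, spsr=a0000093
r0 =d4dafe5c, r1 =d60e8cd8, r2 =deadbeef, r3 =00000000
r4 =ffffffff, r5 =d60e8cc8, r6 =d60e8cc0, r7 =d4dafe44
r8 =d4dafe00, r9 =d069df88, r10=d0595050, r11=d60e8d24
r12=00000000, ssp=d60e8c78, slr=d06ae480, pc =c03d8d04
Stopped at nd6_ns_output+0x18c: ldr r3, [r2, #0x00c]
"""

# Assumption: freed kernel memory is overwritten with this word.
POISON = {0xDEADBEEF}

REG_RE = re.compile(r"\b(FSR|FAR|spsr|ssp|slr|pc|r\d{1,2})\s*=\s*([0-9a-fA-F]{8})\b")
INSN_RE = re.compile(
    r"Stopped at\s+(\S+):\s+(?:ldr|str)\w*\s+\w+,\s*"
    r"\[(\w+)(?:,\s*#(-?0x[0-9a-fA-F]+))?\]")

def parse_regs(text):
    """Return {register name: value} from an ARM trap register dump."""
    return {m.group(1).lower(): int(m.group(2), 16) for m in REG_RE.finditer(text)}

def triage(text):
    """Relate the faulting load/store to FAR and to poisoned registers."""
    regs = parse_regs(text)
    insn = INSN_RE.search(text)
    if insn is None or "far" not in regs:
        return None
    where, base, offset = insn.groups()
    if base.lower() not in regs:
        return None
    addr = (regs[base.lower()] + int(offset or "0x0", 16)) & 0xFFFFFFFF
    return {
        "where": where,
        "effective_addr": addr,
        "matches_far": addr == regs["far"],      # the access really used this base
        "base_is_poison": regs[base.lower()] in POISON,
        "poisoned_regs": sorted(r for r, v in regs.items()
                                if r.startswith("r") and v in POISON),
        "word_aligned": addr % 4 == 0,           # a word-sized ldr/str needs this
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, hex(value) if key == "effective_addr" else value)
```

The computed address 0xdeadbefb is not a multiple of four, which is consistent with the stale pointer surfacing as an alignment fault on the word-sized `ldr`.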
All times are GMT.