[Bug 292032] armv7 on aarch64 (tested chroot, lib32) gets SIGSEGV for the likes of: gpart show [native armv7 kernel use contexts do not get any SIGSEGV's]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 31 Dec 2025 04:07:14 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292032

--- Comment #6 from Mark Millard <marklmi26-fbsd@yahoo.com> ---
Example low level failure information (chroot context):

. . .
493     static void 
494     delete_config(struct gconf *gp)  /* empty the list headed by gp, freeing every entry on it */
495     {
496             struct gconfig *cf;
497     
498             for (;;) {
499                     cf = LIST_FIRST(gp);  /* always work on the current head */
500                     if (cf == NULL)
501                             return;  /* list is empty: nothing left to free */
502                     LIST_REMOVE(cf, lg_config);  /* unlink first; the unlink reads and writes through cf's lg_config link pointers, and only a NULL next pointer is skipped */
503                     free(cf->lg_name);
504                     free(cf->lg_val);
505                     free(cf);  /* the entry itself goes last, after the lg_name and lg_val allocations it points to */
506             }
507     }
508     
509     void
510     geom_deletetree(struct gmesh *gmp)
511     {
512             struct gclass *cl;
513             struct ggeom *ge;
514             struct gprovider *pr;
515             struct gconsumer *co;
516     
517             free(gmp->lg_ident);
518             gmp->lg_ident = NULL;
519             for (;;) {
520                     cl = LIST_FIRST(&gmp->lg_class);
521                     if (cl == NULL) 
522                             break;
523                     LIST_REMOVE(cl, lg_class);
524                     delete_config(&cl->lg_config);
. . .

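The context is line 524 and its call to delete_config. (gdb reports the source position as delete_config line 502 while labelling the instructions as geom_deletetree+84 and onward, so delete_config appears to have been inlined into geom_deletetree.)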

(gdb) info reg r6
r6             0x200891b8          537432504
(gdb) nexti

Breakpoint 3.1, delete_config (gp=0x2053c1dc) at
/usr/src/lib/libgeom/geom_xml2tree.c:502
502                     LIST_REMOVE(cf, lg_config);
=> 0x200c5ee8 <geom_deletetree+84>:     e1c600d0        ldrd    r0, [r6]
   0x200c5eec <geom_deletetree+88>:     e3500000        cmp     r0, #0
   0x200c5ef0 <geom_deletetree+92>:     15801004        strne   r1, [r0, #4]
   0x200c5ef4 <geom_deletetree+96>:     e5810000        str     r0, [r1]
(gdb) info reg r0
r0             0x2053c198          542359960
(gdb) nexti
0x200c5eec      502                     LIST_REMOVE(cf, lg_config);
=> 0x200c5eec <geom_deletetree+88>:     e3500000        cmp     r0, #0
   0x200c5ef0 <geom_deletetree+92>:     15801004        strne   r1, [r0, #4]
   0x200c5ef4 <geom_deletetree+96>:     e5810000        str     r0, [r1]
(gdb) info reg r0
r0             0xffffffff          4294967295

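The ldrd has replaced r0 with 0xffffffff. That value is non-zero, so the
"cmp r0, #0" does not suppress the conditional store, and the subsequent
"strne r1, [r0, #4]" tries to write through 0xffffffff and faults: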

(gdb) nexti
0x200c5ef0      502                     LIST_REMOVE(cf, lg_config);
=> 0x200c5ef0 <geom_deletetree+92>:     15801004        strne   r1, [r0, #4]
   0x200c5ef4 <geom_deletetree+96>:     e5810000        str     r0, [r1]
(gdb) nexti

Program received signal SIGSEGV, Segmentation fault.
Address not mapped to object.
0x200c5ef0 in delete_config (gp=0x2053c1dc) at
/usr/src/lib/libgeom/geom_xml2tree.c:502
502                     LIST_REMOVE(cf, lg_config);
=> 0x200c5ef0 <geom_deletetree+92>:     15801004        strne   r1, [r0, #4]
   0x200c5ef4 <geom_deletetree+96>:     e5810000        str     r0, [r1]
