Hi,
> panic: trap type 0x34 (mem address not aligned): pc=15864ec
> npc=15864f0 pstate=99820006<PRIV,IE>
(snip)
> o...@eigenstate.org and I put together the following diff. I haven't been able
> to check with the original reporter, and I don't have a machine to test it on,
> so comments and/or tests would be appreciated!
Do you have a test case of this?
As far as I know, switch(4) assumes it receives packets located at 64
bit aligned memory. So if the code like below
*(uint64_t *)oxm->oxm_value = htobe64(val);
cause alignment faults, the assumption may be broken. If so, the
place we should fix may not be here.
On Sun, 19 Aug 2018 14:28:06 -0700
Ayaka Koshibe <akosh...@openbsd.org> wrote:
> Hi,
>
> At BSDCan, someone reported that a sparc64 machine would panic if it was
> receiving any traffic on a member interface of a switch(4) during reboot. We
> got as far as getting this trace:
>
> panic: trap type 0x34 (mem address not aligned): pc=15864ec
> npc=15864f0 pstate=99820006<PRIV,IE>
> Stopped at db_enter+0x8: nop
> TID PID UID PRFLAGS PFLAGS CPU COMMAND
> 22221 86809 0 0x100002 0 1 ld
> 22929 608 49 0x100012 0 8 switchd
> *136438 67954 0 0x14000 0x200 3K softnet
> trap(404f9b994f0, 34, 15864ec, 99820006, 14, 0) at trap+0x2e0
> Lslowtrap_reenter(4000d9c9b88, 4c, 1, 0, 4000d9c9b70, 0) at
> Lslowtrap_reenter+0xf8
> swofp_action_output_controller(4000d135000, 4000d13d100, 4000c2db5e0, ffff,
> 0, 3b9ac800) at swofp_action_output_controller+0x1f4
> swofp_action_output(4000d135000, 4000d425400, 4000c2db5e0, 4000cd300a8,
> 4000c2db5e0, 6) at swofp_action_output+0x228
> swofp_execute_action(4000d135000, 4000d425400, 4000c2db5e0, 4000cd300a8, 0,
> 1c289c0) at swofp_execute_action+0x34
> swofp_apply_actions(4000d135000, 4000d425400, 4000c2db5e0, 4000cd300a0,
> 404f9b99ae8, 40079ac8000) at swofp_apply_actions+0x78
> swofp_forward_ofs(4000c2db5e0, 4000d0a0d40, 4000d425400, 0, 404f9b99ae8,
> 40079ac8000) at swofp_forward_ofs+0xd8
> switch_process(4000d128000, 4000d425400, 0, 2, 4000d128590, 16c8710) at
> switch_process+0x118
> switchintr(1cb5560, 3c4, 20, 0, 0, 6) at switchintr+0x94
> if_netisr(1c00, 404f9b99de0, 1c2ad38, 8000000, 40000000, 20000000) at
> if_netisr+0x1f0
> taskq_thread(4000cd3c040, 4000cd04000, 17de528, 165f968, 0, 3b9ac800) at
> taskq_thread+0x6c
> proc_trampoline(0, 0, 0, 0, 0, 0) at proc_trampoline+0x14
>
>
> o...@eigenstate.org and I put together the following diff. I haven't been able
> to check with the original reporter, and I don't have a machine to test it on,
> so comments and/or tests would be appreciated!
>
>
> Thanks,
> Ayaka
>
>
> Index: switchofp.c
> ===================================================================
> RCS file: /cvs/src/sys/net/switchofp.c,v
> retrieving revision 1.70
> diff -u -p -u -r1.70 switchofp.c
> --- switchofp.c 19 Feb 2018 08:59:52 -0000 1.70
> +++ switchofp.c 19 Jun 2018 04:14:04 -0000
> @@ -2455,12 +2455,12 @@ swofp_ox_match_put_uint32(struct ofp_mat
> int off = ntohs(om->om_length);
> struct ofp_ox_match *oxm;
>
> + val = htonl(val);
> oxm = (struct ofp_ox_match *)((caddr_t)om + off);
> oxm->oxm_class = htons(OFP_OXM_C_OPENFLOW_BASIC);
> OFP_OXM_SET_FIELD(oxm, type);
> oxm->oxm_length = sizeof(uint32_t);
> - *(uint32_t *)oxm->oxm_value = htonl(val);
> -
> + memcpy(oxm->oxm_value, &val, sizeof(val));
> om->om_length = htons(ntohs(om->om_length) +
> sizeof(*oxm) + sizeof(uint32_t));
>
> @@ -2473,12 +2473,12 @@ swofp_ox_match_put_uint64(struct ofp_mat
> struct ofp_ox_match *oxm;
> int off = ntohs(om->om_length);
>
> + val = htobe64(val);
> oxm = (struct ofp_ox_match *)((caddr_t)om + off);
> oxm->oxm_class = htons(OFP_OXM_C_OPENFLOW_BASIC);
> OFP_OXM_SET_FIELD(oxm, type);
> oxm->oxm_length = sizeof(uint64_t);
> - *(uint64_t *)oxm->oxm_value = htobe64(val);
> -
> + memcpy(oxm->oxm_value, &val, sizeof(val));
> om->om_length = htons(ntohs(om->om_length) +
> sizeof(*oxm) + sizeof(uint64_t));
>
>
