On 13 Feb 2017, at 21:24, Eric McCorkle <[email protected]> wrote: > > Hello everyone, > > I ran into an apparent bug while trying to test a patch related to some > GELI boot work. This particular patch involves *BIOS* GELI-on-root (not > EFI). > > I created an image for qemu with a single gpt disk having a freebsd-boot > and freebsd-ufs partition, with the freebsd-ufs partition actually > having a GELI volume. > > The gptboot phase crashes with an illegal instruction. I tracked this > down to eli_metadata_softc (defined in sys/geom/eli/g_eli.h), > specifically to the mod operation near the end. Code here: > >> if (!(sc->sc_flags & G_ELI_FLAG_AUTH)) >> sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize); >> else { > > This crash also occurs on a build from master. > > The crash dump shows eip pointing to the following code: > > 66 0f 38 f6 f0 31 c6 8b - 4d 14 89 cf c1 ff 1f 8b > > The the first 5 bytes of this looks like it's supposed to be an extended > DIV instruction, which is what I would expect, except the opcode is > wrong (it's adc instead), which doesn't end up corresponding to any > valid form of an extended instruction (the 66 prefix). Examination of > the disassembly confirms this, and the surrounding instructions match > what you would expect from the C code.
This disassembles to: 0: 66 0f 38 f6 f0 adcx %eax,%esi 5: 31 c6 xor %eax,%esi 7: 8b 4d 14 mov 0x14(%ebp),%ecx a: 89 cf mov %ecx,%edi c: c1 ff 1f sar $0x1f,%edi f: 8b .byte 0x8b My first guess would be that the code simply jumped into garbage. But can you post the complete .o file somewhere for inspection? -Dimitry
signature.asc
Description: Message signed with OpenPGP
