> The system has a trap 2, which I looked up as: > > #define T_TLB_LD_MISS 2 /* TLB miss on load or ifetch */ > > what happens before this patch, I think, is that there is a varargs size_t > (which is size 8 in mips64), that gets promoted (I think) in varargs to int > (which would likely be size 4). Then what happens is the char * that is > va_arg'ed after that is somehow corrupted on length 1, bcopy would trap #2 > on this.
Try changing all the final 0 in sppp_auth_send() to 0UL and this ought to work. This function needs __attribute__((__sentinel__)) as well to prevent such mistakes from occurring again.
