From owner-freebsd-i386@FreeBSD.ORG Wed May 5 18:20:23 2004 Return-Path: Delivered-To: freebsd-i386@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7E72316A4D1 for ; Wed, 5 May 2004 18:20:23 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 20C0C43D49 for ; Wed, 5 May 2004 18:20:23 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i461KNwx032722 for ; Wed, 5 May 2004 18:20:23 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i461KMt7032721; Wed, 5 May 2004 18:20:22 -0700 (PDT) (envelope-from gnats) Resent-Date: Wed, 5 May 2004 18:20:22 -0700 (PDT) Resent-Message-Id: <200405060120.i461KMt7032721@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-i386@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Brian Eng Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 298A016A4CE for ; Wed, 5 May 2004 18:12:30 -0700 (PDT) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id D009743D66 for ; Wed, 5 May 2004 18:12:28 -0700 (PDT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.12.11/8.12.11) with ESMTP id i461CSLu042801 for ; Wed, 5 May 2004 18:12:28 -0700 (PDT) (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.12.11/8.12.11/Submit) id i461CSbU042800; Wed, 5 May 2004 18:12:28 -0700 (PDT) (envelope-from nobody) Message-Id: <200405060112.i461CSbU042800@www.freebsd.org> Date: Wed, 5 May 2004 18:12:28 -0700 (PDT) From: Brian Eng To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Subject: i386/66306: pnpbios_identify() queries for more devices than the system has X-BeenThere: freebsd-i386@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: I386-specific issues for FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 May 2004 01:20:23 -0000 >Number: 66306 >Category: i386 >Synopsis: pnpbios_identify() queries for more devices than the system has >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed May 05 18:20:22 PDT 2004 >Closed-Date: >Last-Modified: >Originator: Brian Eng >Release: 5.1-RELEASE >Organization: MidStream Technologies >Environment: >Description: On some CPU cards, the kernel crashes while processing PNP devices during bootup. Booting verbose and stepping through pnpbios_identify() reveals that it continues to iterate after processing the last device, and consequently crashes on the BIOS call. >How-To-Repeat: I've seen it most recently on a Trenton CP16 CPCI CPU card, but there have been other boards in which PNP has given me trouble. >Fix: pnpbios_identify() in sys/i386/i386/bios.c basically asks the BIOS how many PNP devices there are and does a simple 'for' loop to query the BIOS the right number of times. The counter is int left, but searching on 'left' reveals that it is changed inside the loop (!). I don't understand the use inside the code, but it looks to me like the original author (msmith in rev 1.16) reused the variable when he should have created a different one. >Release-Note: >Audit-Trail: >Unformatted: