Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: netbsd crash



On Mon, Mar 01, 2010 at 02:57:20PM +0100, Christoph Egger wrote:
> 
> 
> Hi!
> 
> When I boot a Xen/amd64 Dom0 it crashes
> at
> 
> sys/arch/x86/pci/pci_machdep.c:348
> 
> pc_make_tag is a wild pointer.

pc must be a wild pointer, too.  It should be NULL.  I have attached
a patch for hypervisor_attach() that is careful to re-zero the attach
args before setting them up for a new call to config_found_ia().
hypervisor_attach() may not be the only place that Xen passes an
uninitialized pci_attach_args or pcibus_attach_args.

Dave

-- 
David Young             OJC Technologies
dyoung%ojctech.com@localhost      Urbana, IL * (217) 278-3933
Index: sys/arch/xen/xen/hypervisor.c
===================================================================
RCS file: /cvsroot/src/sys/arch/xen/xen/hypervisor.c,v
retrieving revision 1.50
diff -u -p -u -p -r1.50 hypervisor.c
--- sys/arch/xen/xen/hypervisor.c       23 Oct 2009 02:32:34 -0000      1.50
+++ sys/arch/xen/xen/hypervisor.c       1 Mar 2010 18:02:14 -0000
@@ -207,7 +207,7 @@ hypervisor_attach(device_t parent, devic
 
        xengnt_init();
 
-       memset(&hac.hac_vcaa, 0, sizeof(hac.hac_vcaa));
+       memset(&hac, 0, sizeof(hac));
        hac.hac_vcaa.vcaa_name = "vcpu";
        hac.hac_vcaa.vcaa_caa.cpu_number = 0;
        hac.hac_vcaa.vcaa_caa.cpu_role = CPU_ROLE_SP;
@@ -217,22 +217,27 @@ hypervisor_attach(device_t parent, devic
        events_init();
 
 #if NXENBUS > 0
+       memset(&hac, 0, sizeof(hac));
        hac.hac_xenbus.xa_device = "xenbus";
        config_found_ia(self, "xendevbus", &hac.hac_xenbus, hypervisor_print);
 #endif
 #if NXENCONS > 0
+       memset(&hac, 0, sizeof(hac));
        hac.hac_xencons.xa_device = "xencons";
        config_found_ia(self, "xendevbus", &hac.hac_xencons, hypervisor_print);
 #endif
 #if NXENNET_HYPERVISOR > 0
+       memset(&hac, 0, sizeof(hac));
        hac.hac_xennet.xa_device = "xennet";
        xennet_scan(self, &hac.hac_xennet, hypervisor_print);
 #endif
 #if NXBD_HYPERVISOR > 0
+       memset(&hac, 0, sizeof(hac));
        hac.hac_xbd.xa_device = "xbd";
        xbd_scan(self, &hac.hac_xbd, hypervisor_print);
 #endif
 #if NNPX > 0
+       memset(&hac, 0, sizeof(hac));
        hac.hac_xennpx.xa_device = "npx";
        config_found_ia(self, "xendevbus", &hac.hac_xennpx, hypervisor_print);
 #endif
@@ -240,6 +245,7 @@ hypervisor_attach(device_t parent, devic
 #if NPCI > 0
 #if NACPICA > 0
        if (acpi_present) {
+               memset(&hac, 0, sizeof(hac));
                hac.hac_acpi.aa_iot = X86_BUS_SPACE_IO;
                hac.hac_acpi.aa_memt = X86_BUS_SPACE_MEM;
                hac.hac_acpi.aa_pc = NULL;
@@ -251,6 +257,7 @@ hypervisor_attach(device_t parent, devic
                config_found_ia(self, "acpibus", &hac.hac_acpi, 0);
        }
 #endif /* NACPICA */
+       memset(&hac, 0, sizeof(hac));
        hac.hac_pba.pba_iot = X86_BUS_SPACE_IO;
        hac.hac_pba.pba_memt = X86_BUS_SPACE_MEM;
        hac.hac_pba.pba_dmat = &pci_bus_dma_tag;
@@ -279,6 +286,7 @@ hypervisor_attach(device_t parent, devic
 #endif
 #if NISA > 0
        if (isa_has_been_seen == 0) {
+               memset(&hac, 0, sizeof(hac));
                hac.hac_iba._iba_busname = "isa";
                hac.hac_iba.iba_iot = X86_BUS_SPACE_IO;
                hac.hac_iba.iba_memt = X86_BUS_SPACE_MEM;


Home | Main Index | Thread Index | Old Index