Subject: port-powerpc/24741: uninitialized variable can cause early crash of a DIAGNOSTIC kernel
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <aymeric@netbsd.org>
List: netbsd-bugs
Date: 03/11/2004 09:31:04
>Number:         24741
>Category:       port-powerpc
>Synopsis:       uninitialized variable can cause early crash of a DIAGNOSTIC kernel
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    port-powerpc-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Mar 11 09:32:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     Aymeric Vincent
>Release:        1.6ZK
>Organization:
>Environment:
NetBSD/macppc 1.6ZK, custom kernel
>Description:
Variable sme_flags isn't initialized to zero in arch/powerpc/oea/cpu_subr.c:cpu_tau_setup().

This is wrong and can trigger a KASSERT() in the sysmon code very early at startup on G3's, depending on the state of the memory upon booting.

>How-To-Repeat:

Use your G3 powerpc machine of choice, reboot, and notice the exact same kernel you've been booting hundreds of times before does not boot anymore.

>Fix:
The following patch explicitly initializes sme_flags to zero, and also zeroes out the whole structure on allocation to avoid erratic behaviours in the future. This is really a trivial fix; anyone can commit it now. (can't commit myself right now)

Index: cpu_subr.c
===================================================================
RCS file: /cvsroot/src/sys/arch/powerpc/oea/cpu_subr.c,v
retrieving revision 1.12
diff -u -r1.12 cpu_subr.c
--- cpu_subr.c	17 Feb 2004 22:03:52 -0000	1.12
+++ cpu_subr.c	11 Mar 2004 09:10:46 -0000
@@ -774,7 +774,7 @@
 	} *datap;
 	int error;
 
-	datap = malloc(sizeof(*datap), M_DEVBUF, M_WAITOK);
+	datap = malloc(sizeof(*datap), M_DEVBUF, M_WAITOK | M_ZERO);
 
 	ci->ci_sysmon_cookie = &datap->sme;
 	datap->sme.sme_nsensors = 1;
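Review bot: the M_ZERO added to the malloc() call is what protects every member of *datap that this function does not assign, not only sme_flags, but nothing at the call site says so. A one-line comment above the allocation noting that the sysmon code asserts on fields left unset here would keep the flag from being dropped in a later cleanup.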
@@ -789,6 +789,7 @@
 	datap->sme.sme_cookie = ci;
 	datap->sme.sme_gtredata = cpu_tau_gtredata;
 	datap->sme.sme_streinfo = cpu_tau_streinfo;
+	datap->sme.sme_flags = 0;
 
 	if ((error = sysmon_envsys_register(&datap->sme)) != 0)
 		aprint_error("%s: unable to register with sysmon (%d)\n",
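Review bot: the added datap->sme.sme_flags = 0 is redundant once the allocation in the first hunk uses M_ZERO, because the whole structure is already zeroed at that point. Either drop this line, or keep it with a short comment marking it as a deliberate statement of the value the sysmon code expects, so that the two changes do not read as an accidental duplicate.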

>Release-Note:
>Audit-Trail:
>Unformatted: