kern/38623: piixpcib(4) hangup during booting process.

[tnozaki%NetBSD.org@localhost]

>Number:         38623
>Category:       kern
>Synopsis:       piixpcib(4) hangup during booting process.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat May 10 14:10:00 +0000 2008
>Originator:     Takehiko NOZAKI
>Release:        4.99.62
>Organization:
>Environment:
NetBSD spooky.example.com 4.99.62 NetBSD 4.99.62 (SPOOKY) #0: Sat May 10 
21:29:55 JST 2008  
root%spooky.example.com@localhost:/usr/obj.i386/sys/arch/i386/compile/SPOOKY 
i386

>Description:
piixpcib(4) hangup during booting process.

the bug is introduced src/sys/arch/i386/pci/piixpcib.c r1.15.
using device_t and `sc_dev' field is added to struct piixpcib_softc.

but it's super class, struct pcib_softc in src/sys/arch/x86/pci/pcib.c
doesn't have such field.
so that calling pcibattach() in piixpcibattach()
(this meams casting struct piixpcib_softc -> device_t -> struct pcib_softc)
causes memory corruption and null pointer exception in aprint.

>How-To-Repeat:
add piixpcib(4) to kernel config, and compile, install, reboot.

>Fix:
apply following patch:

Index: sys/arch/x86/pci/pcib.c
===================================================================
RCS file: /cvsroot/src/sys/arch/x86/pci/pcib.c,v
retrieving revision 1.4
diff -u -r1.4 pcib.c
--- sys/arch/x86/pci/pcib.c     28 Apr 2008 20:23:40 -0000      1.4
+++ sys/arch/x86/pci/pcib.c     10 May 2008 11:49:53 -0000
@@ -49,6 +49,8 @@
 #include "isa.h"
 
 struct pcib_softc {
+       device_t                sc_dev;
+
        pci_chipset_tag_t       sc_pc;
        pcitag_t                sc_tag;
 };
@@ -202,6 +204,7 @@
        aprint_normal_dev(self, "%s (rev. 0x%02x)\n", devinfo,
            PCI_REVISION(pa->pa_class));
 
+       sc->sc_dev = self;
        sc->sc_pc = pa->pa_pc;
        sc->sc_tag = pa->pa_tag;