kern/83999: [patch] panic in fw_bus_explore due to NULL reference
Markus Wild
fbsd-lists at dudes.ch
Sun Jul 24 13:40:24 GMT 2005
>Number: 83999
>Category: kern
>Synopsis: [patch] panic in fw_bus_explore due to NULL reference
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Jul 24 13:40:23 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Markus Wild
>Release: current amd64
>Organization:
>Environment:
FreeBSD amd64.dudes.ch 7.0-CURRENT FreeBSD 7.0-CURRENT #29: Sat Jul 16 18:30:24 CEST 2005 mw at amd64.dudes.ch:/usr/obj/usr/src/sys/AMD64 amd64
>Description:
Machine panics at
fw_bus_explore+0x3f: testb $0x40,0x(%rax)
with %rax being NULL.
The problem is the line (1339):
if (!fw_find_self_id(fc, fc->ongonode)->p0.link_active) {
fw_find_self_id() can return 0 if it doesn't find the node. This is
not taken into account with the above test.
>How-To-Repeat:
On this machine it was sufficient to load the firewire module to
trigger the panic. A Canopus ADV module was plugged into the
firewire port.
>Fix:
diff -u -r1.80 firewire.c
--- firewire.c 6 Jan 2005 01:42:41 -0000 1.80
+++ firewire.c 24 Jul 2005 13:37:09 -0000
@@ -1324,6 +1324,7 @@
uint32_t addr;
struct fw_xfer *xfer;
struct fw_pkt *fp;
+ union fw_self_id *fwsid;
if(fc->status != FWBUSEXPLORE)
return;
@@ -1336,7 +1337,8 @@
/* check link */
/* XXX we need to check phy_id first */
- if (!fw_find_self_id(fc, fc->ongonode)->p0.link_active) {
+ fwsid = fw_find_self_id(fc, fc->ongonode);
+ if (!fwsid || !fwsid->p0.link_active) {
if (firewire_debug)
printf("node%d: link down\n", fc->ongonode);
fc->ongonode++;
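Review bot: The new condition `if (!fwsid || !fwsid->p0.link_active)` sends a node with no self-ID entry down the same path as a node whose link is inactive, so with firewire_debug set it is reported as "node%d: link down" and then skipped by fc->ongonode++. The NULL guard itself is right for the panic described, but a missing self-ID is a different condition from a link that is down, and the log should let the two be told apart. Consider testing `fwsid == NULL` first with its own debug message before checking p0.link_active. The existing "XXX we need to check phy_id first" comment still stands above this test; it would be worth saying in the PR whether the NULL return is what that XXX anticipated.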
>Release-Note:
>Audit-Trail:
>Unformatted: