From nobody@FreeBSD.ORG Sun Mar  7 07:51:47 1999
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 822D814CDE; Sun,  7 Mar 1999 07:51:44 -0800 (PST)
Message-Id: <19990307155144.822D814CDE@hub.freebsd.org>
Date: Sun,  7 Mar 1999 07:51:44 -0800 (PST)
From: sanewo@ba2.so-net.ne.jp
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@freebsd.org
Subject: boot loader panics with "unload"
X-Send-Pr-Version: www-1.0

>Number:         10462
>Category:       bin
>Synopsis:       boot loader panics with "unload"
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    dcs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar  7 08:00:01 PST 1999
>Closed-Date:    Tue Mar 9 03:31:39 PST 1999
>Last-Modified:  Tue Mar  9 03:32:10 PST 1999
>Originator:     Takanori Saneto
>Release:        4.0-CURRENT as of 1999-March-06
>Organization:
An individual
>Environment:
FreeBSD muse 4.0-CURRENT FreeBSD 4.0-CURRENT #43: Sat Mar  6 10:26:23 JST 1999     sanewo@muse:/usr/src/sys/compile/MUSE  i386
>Description:
On boot loader prompt, "unload" command causes panic and system restarts immediately.

>How-To-Repeat:
/boot/loader.rc contains:

load kernel
load -t userconfig_script pnp.conf
load -t splash_image_data onsenL8.BMP
load splash_bmp
autoboot

while "autoboot" countdown is in progress, type anything and enter loader prompt mode.
On loader prompt, type "unload" and you may see "panic" message.

>Fix:
I looked into the loader code and found that there is problem with the return value (string) of mod_searchfile().
The string, which is allocated by mod_searchfile(), will be free()ed when mod_searchfile() called next time.
"unload" command tries to free() that string (module name) again, and panics.

Quick fix will be to stop free()ing in mod_searchfile().


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dcs 
Responsible-Changed-By: dcs 
Responsible-Changed-When: Sun Mar 7 22:46:50 PST 1999 
Responsible-Changed-Why:  
I'm taking it (my previous "fix" might have changed semantics here). 
State-Changed-From-To: open->feedback 
State-Changed-By: dcs 
State-Changed-When: Mon Mar 8 02:30:57 PST 1999 
State-Changed-Why:  
Fix to a number of memory-related problems committed. As this 
particular PR was not reproducible here, feedback is required before 
closing. 

From: dcs@newsguy.com
To: freebsd-gnats-submit@freebsd.org, sanewo@ba2.so-net.ne.jp
Cc:  
Subject: Re:bin/10462:bootloaderpanicswith"unload"
Date: Mon, 8 Mar 1999 02:38:55 -0800 (PST)

 There was indeed problems with module.c, resulting from my previous
 commit there. Fix for these and other problems were just committed.
 As I was not able to reproduce the bug here, please test the fixes,
 to see if the problem seems to be corrected.
 
 

From: SANETO Takanori <sanewo@ba2.so-net.ne.jp>
To: dcs@newsguy.com
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: bin/10462:bootloaderpanicswith"unload" 
Date: Tue, 09 Mar 1999 08:06:37 +0900

 With same loader.rc, "unload" makes no panic anymore.
 
 The problem seems went away. Thanks!
 
 In article <199903081038.CAA56816@freefall.freebsd.org> 
 	dcs@newsguy.com  said:
 >There was indeed problems with module.c, resulting from my previous
 >commit there. Fix for these and other problems were just committed.
 >As I was not able to reproduce the bug here, please test the fixes,
 >to see if the problem seems to be corrected.
 -- 
 sanewo
 
State-Changed-From-To: feedback->closed 
State-Changed-By: dcs 
State-Changed-When: Tue Mar 9 03:31:39 PST 1999 
State-Changed-Why:  
Fixed. Thanks. 
>Unformatted:
