From sab@vegamuse.org Fri Feb 26 00:36:28 1999
Return-Path: <sab@vegamuse.org>
Received: from yang.vegamuse.org (unknown [206.239.71.148])
	by hub.freebsd.org (Postfix) with ESMTP id 3ED2414F11
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 26 Feb 1999 00:36:25 -0800 (PST)
	(envelope-from sab@vegamuse.org)
Received: (from sab@localhost)
	by yang.vegamuse.org (8.9.3/8.9.1) id DAA17158;
	Fri, 26 Feb 1999 03:30:17 -0500 (EST)
	(envelope-from sab)
Message-Id: <199902260830.DAA17158@yang.vegamuse.org>
Date: Fri, 26 Feb 1999 03:30:17 -0500 (EST)
From: sab@yin.vegamuse.org
Sender: sab@vegamuse.org
Reply-To: sab@yin.vegamuse.org
To: FreeBSD-gnats-submit@freebsd.org
Subject: Kernel crash with multiport serial enabled and misconfigured master port
X-Send-Pr-Version: 3.2

>Number:         10273
>Category:       i386
>Synopsis:       Kernel crash with multiport serial enabled and misconfigured master port
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 26 10:10:03 PST 1999
>Closed-Date:    Mon Mar 8 10:14:46 PST 1999
>Last-Modified:  Mon Mar  8 10:17:55 PST 1999
>Originator:     Stephen Kiernan
>Release:        FreeBSD 4.0-CURRENT i386
>Organization:
>Environment:

	BOCA 6-port multiport serial card

>Description:

	When multiport serial card is enabled in the kernel
	(options COM_MULTIPORT) and the master port is setup incorrectly
	(read: not configured), the kernel will panic on boot when it
	tries setting up one of the multiport card serial ports.
	There is a section of the sioattach code in i386/isa/sio.c which
	assumes that find_isadev will return a non-NULL pointer to a
	struct isa_device.  What will happen if the master port is not
	configured is find_isadev will return NULL and then the aforementioned
	section of code will access the id_irq structure member.  This causes
	the kernel to panic due to a NULL pointer reference.

>How-To-Repeat:

	Enabled multiport serial with multiport card installed.

	options COM_MULTIPORT

	Do not configure the master port with an irq

	Build the kernel and reboot.

	Watch the kernel try to set up the first multiport serial port and
	panic.

>Fix:
	
--- sio.c.orig	Fri Feb 26 02:48:27 1999
+++ sio.c	Fri Feb 26 02:58:09 1999
@@ -1027,13 +1027,15 @@
 
 #ifdef COM_MULTIPORT
 	if (COM_ISMULTIPORT(isdp)) {
+		struct isa_device	*idev;
 		com->multiport = TRUE;
 		printf(" (multiport");
 		if (unit == COM_MPMASTER(isdp))
 			printf(" master");
 		printf(")");
-		com->no_irq = find_isadev(isa_devtab_tty, &siodriver,
-					  COM_MPMASTER(isdp))->id_irq == 0;
+		idev = find_isadev(isa_devtab_tty, &siodriver,
+				   COM_MPMASTER(isdp));  
+		com->no_irq = (idev == NULL) || (idev->id_irq == 0);
 	 }
 #endif /* COM_MULTIPORT */
 	if (unit == comconsole)


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: bde 
State-Changed-When: Mon Mar 8 10:14:46 PST 1999 
State-Changed-Why:  
Patch applied with minor style changes. 
Fixed in rev.1.229 of sio.c in -current. 
Fixed in rev.1.224.2.2 of sio.c in RELENG_3. 
>Unformatted:
 
