From nobody@FreeBSD.ORG Wed May 19 21:42:41 1999
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 6688014D1A; Wed, 19 May 1999 21:42:41 -0700 (PDT)
Message-Id: <19990520044241.6688014D1A@hub.freebsd.org>
Date: Wed, 19 May 1999 21:42:41 -0700 (PDT)
From: aheffner@lakefield.net
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@freebsd.org
Subject: unload in boot loader can panic when using splash_bmp
X-Send-Pr-Version: www-1.0

>Number:         11795
>Category:       kern
>Synopsis:       unload in boot loader can panic when using splash_bmp
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 19 21:50:00 PDT 1999
>Closed-Date:    Thu May 20 09:56:07 PDT 1999
>Last-Modified:  Thu May 20 09:56:46 PDT 1999
>Originator:     Mike Heffner
>Release:        3.2-STABLE
>Organization:
>Environment:
FreeBSD enterprise.muriel.penguinpowered.com 3.2-BETA FreeBSD 3.2-BETA #0: Tue May 18 17:34:49 CDT 1999     spock@enterprise.muriel.penguinpowered.com:/usr/src/sys/compile/COOLWHIP  i386
>Description:
When using splash screens, loading the raw module object code splash_image_data with the file name of the splash screen image, should set the module name (m_name) to that of the image file name. It does within the scope of command_load(), but when leaving this function, the value is lost. When you attempt to unload modules, it will panic while trying to free() the name (mp->m_name) of the splash_image_data module. This panic occurs in mod_discard(). The system will immediately reboot.
>How-To-Repeat:
Use splash_image_data along with splash_bmp modules, and drop to 
the command prompt. Enter 'unload' to unload the modules. You should get:
panic: free: guard1 fail @ 0x----- < some memory address
you can also tell if it will fail when you check dmesg:
Preloaded splash_image_data " " at 0xc032709c.
should be:
Preloaded splash_image_data "/path/to/splash.bmp" at 0xc032709c.
>Fix:
This might not be the _best_ fix, but it works:
You need to change /usr/src/sys/boot/common/module.c
with this diff:
$ diff module.c.fixed module.c
267c267
<     mp->m_name = strdup(name);
---
>     mp->m_name = name;

and then recompile the /usr/src/boot sources.

>Release-Note:
>Audit-Trail:

From: "Daniel C. Sobral" <dcs@newsguy.com>
To: aheffner@lakefield.net
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: kern/11795: unload in boot loader can panic when using splash_bmp
Date: Fri, 21 May 1999 01:36:53 +0900

 aheffner@lakefield.net wrote:
 > 
 > This might not be the _best_ fix, but it works:
 > You need to change /usr/src/sys/boot/common/module.c
 > with this diff:
 > $ diff module.c.fixed module.c
 > 267c267
 > <     mp->m_name = strdup(name);
 > ---
 > >     mp->m_name = name;
 
 Actually this is not as trivial. My fault, anyway. I forgot to merge
 version 1.9. :-(
 
 I'll fix it asap.
 
 --
 Daniel C. Sobral			(8-DCS)
 dcs@newsguy.com
 dcs@freebsd.org
 
 	"If at first you don't succeed, skydiving is not for you."
 
State-Changed-From-To: open->closed 
State-Changed-By: dcs 
State-Changed-When: Thu May 20 09:56:07 PDT 1999 
State-Changed-Why:  
Unfortunate oversight. Fixes merged from current. Thanks. 
>Unformatted:
