From pda@prism.uvsq.fr  Mon Jan 20 11:34:34 1997
Received: from soleil.uvsq.fr (soleil.uvsq.fr [193.51.24.1])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id LAA20640
          for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Jan 1997 11:34:32 -0800 (PST)
Received: from vagabond.prism.uvsq.fr (rtc103.reseau.uvsq.fr [193.51.24.19])
          by soleil.uvsq.fr (8.8.4/jtpda-5.2) with ESMTP id UAA03800
          for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Jan 1997 20:34:28 +0100 (MET)
Received: from (pda@localhost)
          by vagabond.prism.uvsq.fr (8.8.4/jtpda-5.2) id UAA00410
          ; Mon, 20 Jan 1997 20:30:25 +0100 (MET)
Message-Id: <199701201930.UAA00410@vagabond.prism.uvsq.fr>
Date: Mon, 20 Jan 1997 20:30:25 +0100 (MET)
From: pda@prism.uvsq.fr
Reply-To: pda@prism.uvsq.fr
To: FreeBSD-gnats-submit@freebsd.org
Subject: Fatal trap 12 with a GENERIC kernel and disabled PS/2 mouse
X-Send-Pr-Version: 3.2

>Number:         2540
>Category:       kern
>Synopsis:       Fatal trap 12 with a GENERIC kernel and disabled PS/2 mouse
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 20 11:40:06 PST 1997
>Closed-Date:    Mon Jan 20 13:45:44 PST 1997
>Last-Modified:  Mon Jan 20 13:46:53 PST 1997
>Originator:     Pierre David
>Release:        FreeBSD 2.2-BETA_A i386
>Organization:
Laboratoire PRiSM, Universite de Versailles - St Quentin, FRANCE
>Environment:

	Dell Latitude XPi 120 ST
	GENERIC kernel "out of the box" (=> with PS/2 mouse disabled)

>Description:

	Opening /dev/psm0 with a disabled PS/2 mouse (as supplied in
	the GENERIC kernel, for example) causes the system to crash.

	For example (with a kernel based on GENERIC, with DDB support
	added), and in single user mode (to save time between reboots ;-)

	Fatal trap 12: page fault while in kernel mode
	fault virtual address	= 0x8
	fault code		= supervisor read, page not present
	instruction pointer	= 0x8:0xf01c365b
	stack pointer		= 0x10:0xefbffdb4
	frame pointer		= 0x10:0xefbffdcc
	code segment		= base 0x0, limit 0xfffff, type 0x1b
				= DPL 0, pres 1, def32 1, gran 1
	processor eflags	= interrupt enabled, resume, IOPL = 0
	current process		= 15 (sh)
	interrupt mask		= 
	kernel: type 12 trap, code = 0
	Stopped at	_psmopen+0x1f:	cmpb $0,0x8(%ebx)
	db>

	db>x psm_softc
	_psm_sofc	0

	psm_softc [0] array is not initialized, if not probed.

>How-To-Repeat:

	cat < /dev/psm0

	or

	start the X server

>Fix:
	
	Here is a proposed fix:

	*** /usr/src/sys/i386/isa/psm.c.org	Thu Jan 16 23:25:51 1997
	--- /usr/src/sys/i386/isa/psm.c	Fri Jan 17 21:52:52 1997
	***************
	*** 781,787 ****
	      int stat[3];
	  
	      /* Validate unit number */
	!     if (unit >= NPSM)
		  return (ENXIO);
	  
	      /* Get device data */
	--- 781,787 ----
	      int stat[3];
	  
	      /* Validate unit number */
	!     if (unit >= NPSM || psm_softc [unit] == NULL)
		  return (ENXIO);
	  
	      /* Get device data */

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: nate 
State-Changed-When: Mon Jan 20 13:45:44 PST 1997 
State-Changed-Why:  
Thanks for the bug report.  This bug was fixed in both the 2.2 branch 
and in current recently, so the fix will be in the next '2.2' release, 
be it the actual release of 2.2-GAMMA. 
>Unformatted:
