Return to BSD News archive
Path: sserve!manuel!munnari.oz.au!samsung!uakari.primate.wisc.edu!ames!agate!linus!linus.mitre.org!heckle!wheeler
From: wheeler@heckle.mitre.org (Brien L. Wheeler)
Newsgroups: comp.unix.bsd
Subject: 386BSD Bug in wd.c
Keywords: wd.c malloc bzero
Message-ID: <1992Jul30.024553.2340@linus.mitre.org>
Date: 30 Jul 92 02:45:53 GMT
Sender: wheeler@heckle (Brien L. Wheeler)
Organization: The MITRE Corporation, Bedford, MA
Lines: 76
Nntp-Posting-Host: heckle.mitre.org
I sent this bug report off to Lynne Jolitz tonight. Some non-initialized
memory in wd.c prevents my machine from warm-rebooting. Trivial context
diff attached.
The system really looks great -- thanks Bill and Lynne!
-----
BUG FINDER INFORMATION
NAME: Brien L. Wheeler
TITLE: Technical Staff
FIRM: The MITRE Corporation
ADDRESS: Mail Stop K331
202 Burlington Road
Bedford, MA 01730
COUNTRY: USA
PHONE: 617-271-2567
FAX: 617-271-2352
EMAIL: blw@mitre.org
PC INFORMATION
1. What is your PC system configuration? Please be
specific, as success can vary with a difference in
manufacture date or variation.
386/486/387: Zenith Z-386 (386 + 387) (16 MHz?)
ISA/EISA/SCSI: ISA
RAM size: 5 MB
drive(s) type and size: Winchester 80 MB (Seagate?)
Winchester 40 MB (Seagate?)
tape(s) type and size: None
ethernet type: WD 8013 Elite
graphics type: VGA
serial type:
parallel type:
other: None
Bugs
1. What bugs have you found in this system? Please attach
any pertinent printouts and system messages. Please
also attach any bug fixes for others to use.
In usr/src/sys.386bsd/i386/isa/wd.c, the memory malloc'd for a
new struct disk in wdprobe() is not bzero'd before its use. On
my machine, this prevents a warm reboot -- malloc grabs the same
memory as the previous boot sequence, and sees the disk as
already open (du->dk_state == 3). This causes wdsize() to return
a -1 to swapconf() (since dk_state is not zero the wdopen() is not
called, leaving val uninitialized, resulting in a return code of -1).
This screws everything up royally. The fix is easy -- bzero the
memory malloc'd in wdprobe(). Context diff follows.
-----
*** wd.c.orig Tue Jul 14 20:55:21 1992
--- wd.c Wed Jul 29 22:33:58 1992
***************
*** 149,154 ****
--- 149,155 ----
if ((du = wddrives[unit]) == 0) {
du = wddrives[unit] = (struct disk *)
malloc (sizeof(struct disk), M_TEMP, M_NOWAIT);
+ bzero(du, sizeof(*du));
du->dk_unit = unit;
}
--
Brien L. Wheeler | I don't speak for MITRE, and they
blw@mitre.org | don't speak for me.
"When I think back on all the crap I learned in high school..."