From: Danny Feng <dfeng@redhat.com>
To: "Rafael J. Wysocki" <rjw@sisk.pl>
Cc: Alex Chiang <achiang@hp.com>,
lenb@kernel.org, bjorn.helgaas@hp.com, andrew.patterson@hp.com,
jbarnes@virtuousgeek.org, linux-acpi@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] acpi: pci_root: fix NULL pointer deref after resume from suspend
Date: Fri, 09 Oct 2009 09:17:29 +0800 [thread overview]
Message-ID: <4ACE8F29.3000804@redhat.com> (raw)
In-Reply-To: <200910040056.00247.rjw@sisk.pl>
On 10/04/2009 06:56 AM, Rafael J. Wysocki wrote:
> On Thursday 01 October 2009, Alex Chiang wrote:
>
>> Hi Danny,
>>
>> * Danny Feng<dfeng@redhat.com>:
>>
>>> Call Trace:
>>> [<ffffffff81254193>] acpi_get_pci_dev+0x106/0x167
>>> [<ffffffff8125545a>] acpi_pci_bind+0x1c/0x86
>>> [<ffffffff8116230a>] ? sysfs_create_file+0x2a/0x2c
>>> [<ffffffff8125141f>] acpi_add_single_object+0x964/0xa0c
>>> [<ffffffff812515a7>] acpi_bus_check_add+0xe0/0x138
>>> [<ffffffff81251667>] acpi_bus_scan+0x68/0xa0
>>> [<ffffffff812516f4>] acpi_bus_add+0x2a/0x2e
>>> [<ffffffff81252c59>] hotplug_dock_devices+0x114/0x13e
>>> [<ffffffff8125301a>] acpi_dock_deferred_cb+0xbf/0x192
>>> [<ffffffff8124d6ca>] acpi_os_execute_deferred+0x29/0x36
>>> [<ffffffff8106a244>] worker_thread+0x251/0x347
>>> [<ffffffff8106a1ef>] ? worker_thread+0x1fc/0x347
>>> [<ffffffff8124d6a1>] ? acpi_os_execute_deferred+0x0/0x36
>>> [<ffffffff8106e426>] ? autoremove_wake_function+0x0/0x39
>>> [<ffffffff81069ff3>] ? worker_thread+0x0/0x347
>>> [<ffffffff8106e0e0>] kthread+0x7f/0x87
>>> [<ffffffff81012cea>] child_rip+0xa/0x20
>>> [<ffffffff81012650>] ? restore_args+0x0/0x30
>>> [<ffffffff8106e061>] ? kthread+0x0/0x87
>>> [<ffffffff81012ce0>] ? child_rip+0x0/0x20
>>> Code: ff 49 89 fc 41 89 f5 a9 00 ff ff 07 74 11 be 87 00 00 00 48 c7 c7
>>> 45 6d 5a 81 e8 f6 2b e3 ff 48 c7 c7 30 ab 68 81 e8 29 77 20 00<49> 8b
>>> 5c 24 28 49 83 c4 28 eb 09 44 39 6b 38 74 10 48 89 c3 48
>>> RIP [<ffffffff812217e7>] pci_get_slot+0x4c/0x8c
>>> RSP<ffff88022ee69aa0>
>>> CR2: 0000000000000028
>>> ---[ end trace b5a7793bd9db2a4d ]---
>>>
>> Can you please reproduce with this debug patch? I'm guessing that
>> we're dying because we have a NULL parent device, but I'm curious
>> as to what causes this situation to occur.
>>
> If we had a NULL parent, acpi_get_parent() would return an error. Also, if we
> one of the devices is NULL at the PCI level, pci_get_slot() will return NULL.
> The only possibility left is that one of the buses we find in the ACPI tables
> doesn't have a secondary PCI bus.
>
> I think what happens is that on resume we get a dock notification
> (via dock_acpi_notifier registered in dock_init()) for a dock station device
> that is present in the ACPI tables, but not physically accessible at the moment
> (I guess that falls into the "BIOS bug" category, but we can fix this easily in
> the kernel).
>
> So, IMO, the appended patch is the right fix.
>
> Danny, please test it and report back (in particular, please tell us if you see
> the "Secondary bus not present" message in dmesg).
>
> Thanks,
> Rafael
>
>
> ---
> drivers/acpi/pci_root.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> Index: linux-2.6/drivers/acpi/pci_root.c
> ===================================================================
> --- linux-2.6.orig/drivers/acpi/pci_root.c
> +++ linux-2.6/drivers/acpi/pci_root.c
> @@ -389,6 +389,18 @@ struct pci_dev *acpi_get_pci_dev(acpi_ha
>
> pbus = pdev->subordinate;
> pci_dev_put(pdev);
> +
> + /*
> + * During resume from a sleep state we can get a dock
> + * notification for a device that is present in ACPI tables,
> + * but not physically accessible at the moment, so tell the
> + * caller it's not present.
> + */
> + if (!pbus) {
> + dev_info(&pdev->dev, "Secondary bus not present\n");
> + pdev = NULL;
> + break;
> + }
> }
> out:
> list_for_each_entry_safe(node, tmp,&device_list, node)
>
>
Sorry for the late response, just back from holidays. Will test it soon,
thanks.
next prev parent reply other threads:[~2009-10-09 1:19 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-28 6:31 [PATCH] acpi: pci_root: fix NULL pointer deref after resume from suspend Xiaotian Feng
2009-09-28 17:38 ` Alex Chiang
2009-09-28 20:43 ` Rafael J. Wysocki
2009-09-28 21:05 ` Rafael J. Wysocki
2009-09-28 22:20 ` Alex Chiang
2009-09-28 22:50 ` Rafael J. Wysocki
2009-09-29 10:11 ` Danny Feng
2009-09-29 20:08 ` Rafael J. Wysocki
2009-09-29 20:49 ` Alex Chiang
2009-09-29 23:31 ` Rafael J. Wysocki
2009-09-29 1:44 ` Danny Feng
2009-09-29 20:12 ` Rafael J. Wysocki
2009-09-30 2:46 ` Danny Feng
2009-09-30 21:26 ` Rafael J. Wysocki
2009-10-01 20:05 ` Alex Chiang
2009-10-03 22:56 ` Rafael J. Wysocki
2009-10-09 1:17 ` Danny Feng [this message]
2009-10-09 2:26 ` Danny Feng
2009-10-09 21:46 ` Rafael J. Wysocki
2009-10-12 3:05 ` Danny Feng
2009-10-09 1:16 ` Danny Feng
2009-10-09 2:28 ` Danny Feng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4ACE8F29.3000804@redhat.com \
--to=dfeng@redhat.com \
--cc=achiang@hp.com \
--cc=andrew.patterson@hp.com \
--cc=bjorn.helgaas@hp.com \
--cc=jbarnes@virtuousgeek.org \
--cc=lenb@kernel.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rjw@sisk.pl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox