* Kernel Null Pointer Dereference on Fedora with thinkpad_acpi @ 2025-03-30 5:19 Damian Tometzki 2025-03-30 6:01 ` Kurt Borja 0 siblings, 1 reply; 6+ messages in thread From: Damian Tometzki @ 2025-03-30 5:19 UTC (permalink / raw) To: hmh, ibm-acpi-devel, platform-driver-x86, Linux Kernel Mailing List Hi together, I encountered a kernel crash on a Lenovo ThinkPad (BIOS N32ET95W 1.71) running Fedora with kernel 6.15 (merge window) 7f2ff7b62617. The issue is a NULL pointer dereference during initialization of the thinkpad_acpi module. The crash occurs in kobject_get() while handling RFKill device registration (tpacpi_new_rfkill → rfkill_register → device_add). With kernel 6.14 system boot´s fine Let me know if further logs or debugging info are needed. Below the short dump Mar 29 17:43:16.173712 fedora kernel: thinkpad_acpi: Disabling thinkpad-acpi brightness events by default... Mar 29 17:43:16.175636 fedora kernel: ACPI: bus type thunderbolt registered Mar 29 17:43:16.179626 fedora kernel: BUG: kernel NULL pointer dereference, address: 000000000000004c Mar 29 17:43:16.179689 fedora kernel: #PF: supervisor read access in kernel mode Mar 29 17:43:16.180235 fedora kernel: #PF: error_code(0x0000) - not-present page Mar 29 17:43:16.180290 fedora kernel: PGD 0 P4D 0 Mar 29 17:43:16.180325 fedora kernel: Oops: Oops: 0000 [#1] SMP NOPTI Mar 29 17:43:16.180340 fedora kernel: CPU: 6 UID: 0 PID: 1015 Comm: (udev-worker) Not tainted 6.14.0 #355 PREEMPT(lazy) Mar 29 17:43:16.180449 fedora kernel: Hardware name: LENOVO 20XWCTO1WW/20XWCTO1WW, BIOS N32ET95W (1.71 ) 10/24/2024 Mar 29 17:43:16.180469 fedora kernel: RIP: 0010:kobject_get+0xd/0x70 Mar 29 17:43:16.180491 fedora kernel: Code: 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 53 48 89 fb 48 85 ff 74 1f <f6> 47 3c 01 74 22 48 8d 7b 38 b8 01 00> Mar 29 17:43:16.180506 fedora kernel: RSP: 0018:ffffd3d200b5f750 EFLAGS: 00010202 Mar 29 17:43:16.180523 fedora kernel: RAX: ffff8ebbc10fac00 RBX: 0000000000000010 RCX: 0000000000000000 Mar 29 17:43:16.180534 fedora kernel: RDX: 0000000000000000 RSI: ffffffff9aebafa0 RDI: 0000000000000010 Mar 29 17:43:16.180547 fedora kernel: RBP: ffff8ebbd49f4b88 R08: 0000000000000100 R09: 0000000000000000 Mar 29 17:43:16.180559 fedora kernel: R10: ffffd3d200b5f760 R11: 0000000000000008 R12: 0000000000000010 Mar 29 17:43:16.180573 fedora kernel: R13: ffff8ebbc8b12388 R14: ffffffffc14a7500 R15: 0000000000000000 Mar 29 17:43:16.180587 fedora kernel: FS: 00007f1aa7c15040(0000) GS:ffff8ebf72546000(0000) knlGS:0000000000000000 Mar 29 17:43:16.180606 fedora kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Mar 29 17:43:16.180630 fedora kernel: CR2: 000000000000004c CR3: 0000000113948001 CR4: 0000000000f70ef0 Mar 29 17:43:16.180642 fedora kernel: PKRU: 55555554 Mar 29 17:43:16.180654 fedora kernel: Call Trace: Mar 29 17:43:16.180664 fedora kernel: <TASK> Mar 29 17:43:16.180676 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 Mar 29 17:43:16.180688 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 Mar 29 17:43:16.180704 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 Mar 29 17:43:16.180712 fedora kernel: ? device_add+0x8f/0x6e0 Mar 29 17:43:16.180724 fedora kernel: ? __die_body.cold+0x8/0x12 Mar 29 17:43:16.180739 fedora kernel: ? page_fault_oops+0x146/0x180 Mar 29 17:43:16.180748 fedora kernel: ? exc_page_fault+0x7e/0x1a0 Mar 29 17:43:16.180758 fedora kernel: ? asm_exc_page_fault+0x26/0x30 Mar 29 17:43:16.180769 fedora kernel: ? __pfx_klist_children_get+0x10/0x10 Mar 29 17:43:16.180781 fedora kernel: ? kobject_get+0xd/0x70 Mar 29 17:43:16.180792 fedora kernel: device_add+0x8f/0x6e0 Mar 29 17:43:16.180804 fedora kernel: rfkill_register+0xbc/0x2c0 [rfkill] Mar 29 17:43:16.180813 fedora kernel: tpacpi_new_rfkill+0x185/0x230 [thinkpad_acpi] Mar 29 17:43:16.180826 fedora kernel: ibm_init+0x66/0x2a0 [thinkpad_acpi] Mar 29 17:43:16.180840 fedora kernel: tpacpi_pdriver_probe+0x160/0x250 [thinkpad_acpi] Mar 29 17:43:16.180852 fedora kernel: platform_probe+0x41/0xa0 Mar 29 17:43:16.180887 fedora kernel: really_probe+0xdb/0x340 Mar 29 17:43:16.180900 fedora kernel: ? pm_runtime_barrier+0x55/0x90 Mar 29 17:43:16.180912 fedora kernel: ? __pfx___driver_attach+0x10/0x10 Mar 29 17:43:16.180920 fedora kernel: __driver_probe_device+0x78/0x140 Mar 29 17:43:16.180932 fedora kernel: driver_probe_device+0x1f/0xa0 Mar 29 17:43:16.180942 fedora kernel: __driver_attach+0xb8/0x1d0 Mar 29 17:43:16.180954 fedora kernel: bus_for_each_dev+0x82/0xd0 Mar 29 17:43:16.180966 fedora kernel: bus_add_driver+0x12f/0x210 Mar 29 17:43:16.180976 fedora kernel: driver_register+0x72/0xd0 Mar 29 17:43:16.180988 fedora kernel: __platform_driver_probe+0x45/0x90 Mar 29 17:43:16.180999 fedora kernel: __platform_create_bundle+0xe7/0x100 Mar 29 17:43:16.181011 fedora kernel: ? __pfx_tpacpi_pdriver_probe+0x10/0x10 [thinkpad_acpi] Mar 29 17:43:16.181025 fedora kernel: ? __pfx_thinkpad_acpi_module_init+0x10/0x10 [thinkpad_acpi] Mar 29 17:43:16.181035 fedora kernel: thinkpad_acpi_module_init+0x37e/0x430 [thinkpad_acpi] Mar 29 17:43:16.181045 fedora kernel: do_one_initcall+0x58/0x300 Mar 29 17:43:16.181053 fedora kernel: do_init_module+0x82/0x240 Mar 29 17:43:16.181065 fedora kernel: init_module_from_file+0x8b/0xe0 Mar 29 17:43:16.181073 fedora kernel: idempotent_init_module+0x113/0x310 Mar 29 17:43:16.181083 fedora kernel: __x64_sys_finit_module+0x67/0xc0 Mar 29 17:43:16.181093 fedora kernel: do_syscall_64+0x7f/0x170 Mar 29 17:43:16.181103 fedora kernel: ? syscall_exit_to_user_mode+0x1d5/0x210 Mar 29 17:43:16.181112 fedora kernel: ? do_syscall_64+0x8c/0x170 Mar 29 17:43:16.181124 fedora kernel: ? syscall_exit_to_user_mode_prepare+0x14a/0x180 Mar 29 17:43:16.181135 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 Mar 29 17:43:16.181144 fedora kernel: ? do_syscall_64+0x8c/0x170 Mar 29 17:43:16.181152 fedora kernel: ? syscall_exit_to_user_mode_prepare+0x14a/0x180 Mar 29 17:43:16.181163 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 Mar 29 17:43:16.181173 fedora kernel: ? do_syscall_64+0x8c/0x170 Mar 29 17:43:16.181182 fedora kernel: ? seq_read_iter+0x20e/0x480 Mar 29 17:43:16.181198 fedora kernel: ? vfs_read+0x29b/0x370 Mar 29 17:43:16.181217 fedora kernel: ? __seccomp_filter+0x41/0x4e0 Mar 29 17:43:16.181233 fedora kernel: ? syscall_exit_to_user_mode_prepare+0x14a/0x180 Mar 29 17:43:16.181250 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 Mar 29 17:43:16.181264 fedora kernel: ? do_syscall_64+0x8c/0x170 Mar 29 17:43:16.181280 fedora kernel: ? do_syscall_64+0x8c/0x170 Mar 29 17:43:16.181292 fedora kernel: ? syscall_exit_to_user_mode_prepare+0x14a/0x180 Mar 29 17:43:16.181316 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 Mar 29 17:43:16.181331 fedora kernel: ? clear_bhb_loop+0x35/0x90 Mar 29 17:43:16.181341 fedora kernel: ? clear_bhb_loop+0x35/0x90 Mar 29 17:43:16.181351 fedora kernel: ? clear_bhb_loop+0x35/0x90 Mar 29 17:43:16.181360 fedora kernel: entry_SYSCALL_64_after_hwframe+0x76/0x7e Mar 29 17:43:16.181372 fedora kernel: RIP: 0033:0x7f1aa84c5a8d Mar 29 17:43:16.181381 fedora kernel: Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 4b> Mar 29 17:43:16.181392 fedora kernel: RSP: 002b:00007ffe5ca79bc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 Mar 29 17:43:16.181406 fedora kernel: RAX: ffffffffffffffda RBX: 00005610a8c7deb0 RCX: 00007f1aa84c5a8d Mar 29 17:43:16.181419 fedora kernel: RDX: 0000000000000000 RSI: 00007f1aa7b88965 RDI: 0000000000000032 Mar 29 17:43:16.181431 fedora kernel: RBP: 00007ffe5ca79c80 R08: 0000000000000000 R09: 00007ffe5ca79c30 Mar 29 17:43:16.181441 fedora kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000020000 Mar 29 17:43:16.181448 fedora kernel: R13: 00005610a8c7f880 R14: 00007f1aa7b88965 R15: 0000000000000000 Mar 29 17:43:16.181458 fedora kernel: </TASK> Mar 29 17:43:16.181472 fedora kernel: Modules linked in: cfg80211(+) thunderbolt(+) thinkpad_acpi(+) igen6_edac intel_soc_dts_iosf platform_profile snd soundcore int3403_thermal int340x_thermal_zone soc_button_> Mar 29 17:43:16.181784 fedora kernel: CR2: 000000000000004c Mar 29 17:43:16.181806 fedora kernel: ---[ end trace 0000000000000000 ]--- Best regards Damian ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Kernel Null Pointer Dereference on Fedora with thinkpad_acpi 2025-03-30 5:19 Kernel Null Pointer Dereference on Fedora with thinkpad_acpi Damian Tometzki @ 2025-03-30 6:01 ` Kurt Borja 2025-03-30 6:28 ` Damian Tometzki 0 siblings, 1 reply; 6+ messages in thread From: Kurt Borja @ 2025-03-30 6:01 UTC (permalink / raw) To: Damian Tometzki, hmh, ibm-acpi-devel, platform-driver-x86, Linux Kernel Mailing List [-- Attachment #1.1: Type: text/plain, Size: 8910 bytes --] Hi Damian, On Sun Mar 30, 2025 at 2:19 AM -03, Damian Tometzki wrote: > Hi together, > > I encountered a kernel crash on a Lenovo ThinkPad (BIOS N32ET95W 1.71) > running Fedora with kernel 6.15 (merge window) 7f2ff7b62617. The issue > is a NULL pointer dereference during initialization of the > thinkpad_acpi module. The crash occurs in kobject_get() while handling > RFKill device registration (tpacpi_new_rfkill → rfkill_register → > device_add). > With kernel 6.14 system boot´s fine > > Let me know if further logs or debugging info are needed. Below the short dump > > Mar 29 17:43:16.173712 fedora kernel: thinkpad_acpi: Disabling > thinkpad-acpi brightness events by default... > Mar 29 17:43:16.175636 fedora kernel: ACPI: bus type thunderbolt registered > Mar 29 17:43:16.179626 fedora kernel: BUG: kernel NULL pointer > dereference, address: 000000000000004c > Mar 29 17:43:16.179689 fedora kernel: #PF: supervisor read access in kernel mode > Mar 29 17:43:16.180235 fedora kernel: #PF: error_code(0x0000) - not-present page > Mar 29 17:43:16.180290 fedora kernel: PGD 0 P4D 0 > Mar 29 17:43:16.180325 fedora kernel: Oops: Oops: 0000 [#1] SMP NOPTI > Mar 29 17:43:16.180340 fedora kernel: CPU: 6 UID: 0 PID: 1015 Comm: > (udev-worker) Not tainted 6.14.0 #355 PREEMPT(lazy) > Mar 29 17:43:16.180449 fedora kernel: Hardware name: LENOVO > 20XWCTO1WW/20XWCTO1WW, BIOS N32ET95W (1.71 ) 10/24/2024 > Mar 29 17:43:16.180469 fedora kernel: RIP: 0010:kobject_get+0xd/0x70 > Mar 29 17:43:16.180491 fedora kernel: Code: 66 66 2e 0f 1f 84 00 00 00 > 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e > fa 53 48 89 fb 48 85 ff 74 1f <f6> 47 3c 01 74 22 48 8d 7b 38 b8 01 > 00> > Mar 29 17:43:16.180506 fedora kernel: RSP: 0018:ffffd3d200b5f750 > EFLAGS: 00010202 > Mar 29 17:43:16.180523 fedora kernel: RAX: ffff8ebbc10fac00 RBX: > 0000000000000010 RCX: 0000000000000000 > Mar 29 17:43:16.180534 fedora kernel: RDX: 0000000000000000 RSI: > ffffffff9aebafa0 RDI: 0000000000000010 > Mar 29 17:43:16.180547 fedora kernel: RBP: ffff8ebbd49f4b88 R08: > 0000000000000100 R09: 0000000000000000 > Mar 29 17:43:16.180559 fedora kernel: R10: ffffd3d200b5f760 R11: > 0000000000000008 R12: 0000000000000010 > Mar 29 17:43:16.180573 fedora kernel: R13: ffff8ebbc8b12388 R14: > ffffffffc14a7500 R15: 0000000000000000 > Mar 29 17:43:16.180587 fedora kernel: FS: 00007f1aa7c15040(0000) > GS:ffff8ebf72546000(0000) knlGS:0000000000000000 > Mar 29 17:43:16.180606 fedora kernel: CS: 0010 DS: 0000 ES: 0000 CR0: > 0000000080050033 > Mar 29 17:43:16.180630 fedora kernel: CR2: 000000000000004c CR3: > 0000000113948001 CR4: 0000000000f70ef0 > Mar 29 17:43:16.180642 fedora kernel: PKRU: 55555554 > Mar 29 17:43:16.180654 fedora kernel: Call Trace: > Mar 29 17:43:16.180664 fedora kernel: <TASK> > Mar 29 17:43:16.180676 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > Mar 29 17:43:16.180688 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > Mar 29 17:43:16.180704 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > Mar 29 17:43:16.180712 fedora kernel: ? device_add+0x8f/0x6e0 > Mar 29 17:43:16.180724 fedora kernel: ? __die_body.cold+0x8/0x12 > Mar 29 17:43:16.180739 fedora kernel: ? page_fault_oops+0x146/0x180 > Mar 29 17:43:16.180748 fedora kernel: ? exc_page_fault+0x7e/0x1a0 > Mar 29 17:43:16.180758 fedora kernel: ? asm_exc_page_fault+0x26/0x30 > Mar 29 17:43:16.180769 fedora kernel: ? __pfx_klist_children_get+0x10/0x10 > Mar 29 17:43:16.180781 fedora kernel: ? kobject_get+0xd/0x70 > Mar 29 17:43:16.180792 fedora kernel: device_add+0x8f/0x6e0 > Mar 29 17:43:16.180804 fedora kernel: rfkill_register+0xbc/0x2c0 [rfkill] > Mar 29 17:43:16.180813 fedora kernel: tpacpi_new_rfkill+0x185/0x230 > [thinkpad_acpi] > Mar 29 17:43:16.180826 fedora kernel: ibm_init+0x66/0x2a0 [thinkpad_acpi] > Mar 29 17:43:16.180840 fedora kernel: > tpacpi_pdriver_probe+0x160/0x250 [thinkpad_acpi] > Mar 29 17:43:16.180852 fedora kernel: platform_probe+0x41/0xa0 > Mar 29 17:43:16.180887 fedora kernel: really_probe+0xdb/0x340 > Mar 29 17:43:16.180900 fedora kernel: ? pm_runtime_barrier+0x55/0x90 > Mar 29 17:43:16.180912 fedora kernel: ? __pfx___driver_attach+0x10/0x10 > Mar 29 17:43:16.180920 fedora kernel: __driver_probe_device+0x78/0x140 > Mar 29 17:43:16.180932 fedora kernel: driver_probe_device+0x1f/0xa0 > Mar 29 17:43:16.180942 fedora kernel: __driver_attach+0xb8/0x1d0 > Mar 29 17:43:16.180954 fedora kernel: bus_for_each_dev+0x82/0xd0 > Mar 29 17:43:16.180966 fedora kernel: bus_add_driver+0x12f/0x210 > Mar 29 17:43:16.180976 fedora kernel: driver_register+0x72/0xd0 > Mar 29 17:43:16.180988 fedora kernel: __platform_driver_probe+0x45/0x90 > Mar 29 17:43:16.180999 fedora kernel: __platform_create_bundle+0xe7/0x100 > Mar 29 17:43:16.181011 fedora kernel: ? > __pfx_tpacpi_pdriver_probe+0x10/0x10 [thinkpad_acpi] > Mar 29 17:43:16.181025 fedora kernel: ? > __pfx_thinkpad_acpi_module_init+0x10/0x10 [thinkpad_acpi] > Mar 29 17:43:16.181035 fedora kernel: > thinkpad_acpi_module_init+0x37e/0x430 [thinkpad_acpi] > Mar 29 17:43:16.181045 fedora kernel: do_one_initcall+0x58/0x300 > Mar 29 17:43:16.181053 fedora kernel: do_init_module+0x82/0x240 > Mar 29 17:43:16.181065 fedora kernel: init_module_from_file+0x8b/0xe0 > Mar 29 17:43:16.181073 fedora kernel: idempotent_init_module+0x113/0x310 > Mar 29 17:43:16.181083 fedora kernel: __x64_sys_finit_module+0x67/0xc0 > Mar 29 17:43:16.181093 fedora kernel: do_syscall_64+0x7f/0x170 > Mar 29 17:43:16.181103 fedora kernel: ? syscall_exit_to_user_mode+0x1d5/0x210 > Mar 29 17:43:16.181112 fedora kernel: ? do_syscall_64+0x8c/0x170 > Mar 29 17:43:16.181124 fedora kernel: ? > syscall_exit_to_user_mode_prepare+0x14a/0x180 > Mar 29 17:43:16.181135 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > Mar 29 17:43:16.181144 fedora kernel: ? do_syscall_64+0x8c/0x170 > Mar 29 17:43:16.181152 fedora kernel: ? > syscall_exit_to_user_mode_prepare+0x14a/0x180 > Mar 29 17:43:16.181163 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > Mar 29 17:43:16.181173 fedora kernel: ? do_syscall_64+0x8c/0x170 > Mar 29 17:43:16.181182 fedora kernel: ? seq_read_iter+0x20e/0x480 > Mar 29 17:43:16.181198 fedora kernel: ? vfs_read+0x29b/0x370 > Mar 29 17:43:16.181217 fedora kernel: ? __seccomp_filter+0x41/0x4e0 > Mar 29 17:43:16.181233 fedora kernel: ? > syscall_exit_to_user_mode_prepare+0x14a/0x180 > Mar 29 17:43:16.181250 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > Mar 29 17:43:16.181264 fedora kernel: ? do_syscall_64+0x8c/0x170 > Mar 29 17:43:16.181280 fedora kernel: ? do_syscall_64+0x8c/0x170 > Mar 29 17:43:16.181292 fedora kernel: ? > syscall_exit_to_user_mode_prepare+0x14a/0x180 > Mar 29 17:43:16.181316 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > Mar 29 17:43:16.181331 fedora kernel: ? clear_bhb_loop+0x35/0x90 > Mar 29 17:43:16.181341 fedora kernel: ? clear_bhb_loop+0x35/0x90 > Mar 29 17:43:16.181351 fedora kernel: ? clear_bhb_loop+0x35/0x90 > Mar 29 17:43:16.181360 fedora kernel: entry_SYSCALL_64_after_hwframe+0x76/0x7e > Mar 29 17:43:16.181372 fedora kernel: RIP: 0033:0x7f1aa84c5a8d > Mar 29 17:43:16.181381 fedora kernel: Code: ff c3 66 2e 0f 1f 84 00 00 > 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 > 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d > 4b> > Mar 29 17:43:16.181392 fedora kernel: RSP: 002b:00007ffe5ca79bc8 > EFLAGS: 00000246 ORIG_RAX: 0000000000000139 > Mar 29 17:43:16.181406 fedora kernel: RAX: ffffffffffffffda RBX: > 00005610a8c7deb0 RCX: 00007f1aa84c5a8d > Mar 29 17:43:16.181419 fedora kernel: RDX: 0000000000000000 RSI: > 00007f1aa7b88965 RDI: 0000000000000032 > Mar 29 17:43:16.181431 fedora kernel: RBP: 00007ffe5ca79c80 R08: > 0000000000000000 R09: 00007ffe5ca79c30 > Mar 29 17:43:16.181441 fedora kernel: R10: 0000000000000000 R11: > 0000000000000246 R12: 0000000000020000 > Mar 29 17:43:16.181448 fedora kernel: R13: 00005610a8c7f880 R14: > 00007f1aa7b88965 R15: 0000000000000000 > Mar 29 17:43:16.181458 fedora kernel: </TASK> > Mar 29 17:43:16.181472 fedora kernel: Modules linked in: cfg80211(+) > thunderbolt(+) thinkpad_acpi(+) igen6_edac intel_soc_dts_iosf > platform_profile snd soundcore int3403_thermal int340x_thermal_zone > soc_button_> > Mar 29 17:43:16.181784 fedora kernel: CR2: 000000000000004c > Mar 29 17:43:16.181806 fedora kernel: ---[ end trace 0000000000000000 ]--- > > Best regards > Damian Hmmm - I have a feeling about this one. Can you apply and test the attached proposed patch? If you do please verify if the problem persist and if the driver has all the features present before the regression. If everything goes nicely, feel free to add a Tested-by: tag for when I submit this. -- ~ Kurt [-- Attachment #2: 0001-platform-x86-thinkpad_acpi-Fix-rfkill-null-pointer-d.patch --] [-- Type: text/x-patch, Size: 2223 bytes --] From 671b687742abf66bfa755a253ee33dd061b2e35f Mon Sep 17 00:00:00 2001 From: Kurt Borja <kuurtb@gmail.com> Date: Sun, 30 Mar 2025 02:53:26 -0300 Subject: [PATCH] platform/x86: thinkpad_acpi: Fix rfkill null pointer deref Signed-off-by: Kurt Borja <kuurtb@gmail.com> --- drivers/platform/x86/thinkpad_acpi.c | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c index 0384cf311878..1d4e9fa21808 100644 --- a/drivers/platform/x86/thinkpad_acpi.c +++ b/drivers/platform/x86/thinkpad_acpi.c @@ -367,6 +367,7 @@ static struct { u32 beep_needs_two_args:1; u32 mixer_no_level_control:1; u32 battery_force_primary:1; + u32 platform_drv_registered:1; u32 hotkey_poll_active:1; u32 has_adaptive_kbd:1; u32 kbd_lang:1; @@ -11820,10 +11821,10 @@ static void thinkpad_acpi_module_exit(void) platform_device_unregister(tpacpi_sensors_pdev); } - if (tpacpi_pdev) { + if (tp_features.platform_drv_registered) platform_driver_unregister(&tpacpi_pdriver); + if (tpacpi_pdev) platform_device_unregister(tpacpi_pdev); - } if (proc_dir) remove_proc_entry(TPACPI_PROC_DIR, acpi_root_dir); @@ -11965,16 +11966,24 @@ static int __init thinkpad_acpi_module_init(void) tp_features.quirks = dmi_id->driver_data; /* Device initialization */ - tpacpi_pdev = platform_create_bundle(&tpacpi_pdriver, tpacpi_pdriver_probe, - NULL, 0, NULL, 0); + tpacpi_pdev = platform_device_register_simple(TPACPI_DRVR_NAME, PLATFORM_DEVID_NONE, + NULL, 0); if (IS_ERR(tpacpi_pdev)) { ret = PTR_ERR(tpacpi_pdev); tpacpi_pdev = NULL; - pr_err("unable to register platform device/driver bundle\n"); + pr_err("unable to register platform device\n"); thinkpad_acpi_module_exit(); return ret; } + ret = platform_driver_probe(&tpacpi_pdriver, tpacpi_pdriver_probe); + if (ret) { + pr_err("unable to register main platform driver\n"); + thinkpad_acpi_module_exit(); + return ret; + } + tp_features.platform_drv_registered = 1; + tpacpi_sensors_pdev = platform_create_bundle(&tpacpi_hwmon_pdriver, tpacpi_hwmon_pdriver_probe, NULL, 0, NULL, 0); -- 2.49.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: Kernel Null Pointer Dereference on Fedora with thinkpad_acpi 2025-03-30 6:01 ` Kurt Borja @ 2025-03-30 6:28 ` Damian Tometzki 2025-03-30 6:47 ` Kurt Borja 0 siblings, 1 reply; 6+ messages in thread From: Damian Tometzki @ 2025-03-30 6:28 UTC (permalink / raw) To: Kurt Borja Cc: hmh, ibm-acpi-devel, platform-driver-x86, Linux Kernel Mailing List On Sun, Mar 30, 2025 at 8:01 AM Kurt Borja <kuurtb@gmail.com> wrote: > > Hi Damian, > > On Sun Mar 30, 2025 at 2:19 AM -03, Damian Tometzki wrote: > > Hi together, > > > > I encountered a kernel crash on a Lenovo ThinkPad (BIOS N32ET95W 1.71) > > running Fedora with kernel 6.15 (merge window) 7f2ff7b62617. The issue > > is a NULL pointer dereference during initialization of the > > thinkpad_acpi module. The crash occurs in kobject_get() while handling > > RFKill device registration (tpacpi_new_rfkill → rfkill_register → > > device_add). > > With kernel 6.14 system boot´s fine > > > > Let me know if further logs or debugging info are needed. Below the short dump > > > > Mar 29 17:43:16.173712 fedora kernel: thinkpad_acpi: Disabling > > thinkpad-acpi brightness events by default... > > Mar 29 17:43:16.175636 fedora kernel: ACPI: bus type thunderbolt registered > > Mar 29 17:43:16.179626 fedora kernel: BUG: kernel NULL pointer > > dereference, address: 000000000000004c > > Mar 29 17:43:16.179689 fedora kernel: #PF: supervisor read access in kernel mode > > Mar 29 17:43:16.180235 fedora kernel: #PF: error_code(0x0000) - not-present page > > Mar 29 17:43:16.180290 fedora kernel: PGD 0 P4D 0 > > Mar 29 17:43:16.180325 fedora kernel: Oops: Oops: 0000 [#1] SMP NOPTI > > Mar 29 17:43:16.180340 fedora kernel: CPU: 6 UID: 0 PID: 1015 Comm: > > (udev-worker) Not tainted 6.14.0 #355 PREEMPT(lazy) > > Mar 29 17:43:16.180449 fedora kernel: Hardware name: LENOVO > > 20XWCTO1WW/20XWCTO1WW, BIOS N32ET95W (1.71 ) 10/24/2024 > > Mar 29 17:43:16.180469 fedora kernel: RIP: 0010:kobject_get+0xd/0x70 > > Mar 29 17:43:16.180491 fedora kernel: Code: 66 66 2e 0f 1f 84 00 00 00 > > 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e > > fa 53 48 89 fb 48 85 ff 74 1f <f6> 47 3c 01 74 22 48 8d 7b 38 b8 01 > > 00> > > Mar 29 17:43:16.180506 fedora kernel: RSP: 0018:ffffd3d200b5f750 > > EFLAGS: 00010202 > > Mar 29 17:43:16.180523 fedora kernel: RAX: ffff8ebbc10fac00 RBX: > > 0000000000000010 RCX: 0000000000000000 > > Mar 29 17:43:16.180534 fedora kernel: RDX: 0000000000000000 RSI: > > ffffffff9aebafa0 RDI: 0000000000000010 > > Mar 29 17:43:16.180547 fedora kernel: RBP: ffff8ebbd49f4b88 R08: > > 0000000000000100 R09: 0000000000000000 > > Mar 29 17:43:16.180559 fedora kernel: R10: ffffd3d200b5f760 R11: > > 0000000000000008 R12: 0000000000000010 > > Mar 29 17:43:16.180573 fedora kernel: R13: ffff8ebbc8b12388 R14: > > ffffffffc14a7500 R15: 0000000000000000 > > Mar 29 17:43:16.180587 fedora kernel: FS: 00007f1aa7c15040(0000) > > GS:ffff8ebf72546000(0000) knlGS:0000000000000000 > > Mar 29 17:43:16.180606 fedora kernel: CS: 0010 DS: 0000 ES: 0000 CR0: > > 0000000080050033 > > Mar 29 17:43:16.180630 fedora kernel: CR2: 000000000000004c CR3: > > 0000000113948001 CR4: 0000000000f70ef0 > > Mar 29 17:43:16.180642 fedora kernel: PKRU: 55555554 > > Mar 29 17:43:16.180654 fedora kernel: Call Trace: > > Mar 29 17:43:16.180664 fedora kernel: <TASK> > > Mar 29 17:43:16.180676 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > > Mar 29 17:43:16.180688 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > > Mar 29 17:43:16.180704 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > > Mar 29 17:43:16.180712 fedora kernel: ? device_add+0x8f/0x6e0 > > Mar 29 17:43:16.180724 fedora kernel: ? __die_body.cold+0x8/0x12 > > Mar 29 17:43:16.180739 fedora kernel: ? page_fault_oops+0x146/0x180 > > Mar 29 17:43:16.180748 fedora kernel: ? exc_page_fault+0x7e/0x1a0 > > Mar 29 17:43:16.180758 fedora kernel: ? asm_exc_page_fault+0x26/0x30 > > Mar 29 17:43:16.180769 fedora kernel: ? __pfx_klist_children_get+0x10/0x10 > > Mar 29 17:43:16.180781 fedora kernel: ? kobject_get+0xd/0x70 > > Mar 29 17:43:16.180792 fedora kernel: device_add+0x8f/0x6e0 > > Mar 29 17:43:16.180804 fedora kernel: rfkill_register+0xbc/0x2c0 [rfkill] > > Mar 29 17:43:16.180813 fedora kernel: tpacpi_new_rfkill+0x185/0x230 > > [thinkpad_acpi] > > Mar 29 17:43:16.180826 fedora kernel: ibm_init+0x66/0x2a0 [thinkpad_acpi] > > Mar 29 17:43:16.180840 fedora kernel: > > tpacpi_pdriver_probe+0x160/0x250 [thinkpad_acpi] > > Mar 29 17:43:16.180852 fedora kernel: platform_probe+0x41/0xa0 > > Mar 29 17:43:16.180887 fedora kernel: really_probe+0xdb/0x340 > > Mar 29 17:43:16.180900 fedora kernel: ? pm_runtime_barrier+0x55/0x90 > > Mar 29 17:43:16.180912 fedora kernel: ? __pfx___driver_attach+0x10/0x10 > > Mar 29 17:43:16.180920 fedora kernel: __driver_probe_device+0x78/0x140 > > Mar 29 17:43:16.180932 fedora kernel: driver_probe_device+0x1f/0xa0 > > Mar 29 17:43:16.180942 fedora kernel: __driver_attach+0xb8/0x1d0 > > Mar 29 17:43:16.180954 fedora kernel: bus_for_each_dev+0x82/0xd0 > > Mar 29 17:43:16.180966 fedora kernel: bus_add_driver+0x12f/0x210 > > Mar 29 17:43:16.180976 fedora kernel: driver_register+0x72/0xd0 > > Mar 29 17:43:16.180988 fedora kernel: __platform_driver_probe+0x45/0x90 > > Mar 29 17:43:16.180999 fedora kernel: __platform_create_bundle+0xe7/0x100 > > Mar 29 17:43:16.181011 fedora kernel: ? > > __pfx_tpacpi_pdriver_probe+0x10/0x10 [thinkpad_acpi] > > Mar 29 17:43:16.181025 fedora kernel: ? > > __pfx_thinkpad_acpi_module_init+0x10/0x10 [thinkpad_acpi] > > Mar 29 17:43:16.181035 fedora kernel: > > thinkpad_acpi_module_init+0x37e/0x430 [thinkpad_acpi] > > Mar 29 17:43:16.181045 fedora kernel: do_one_initcall+0x58/0x300 > > Mar 29 17:43:16.181053 fedora kernel: do_init_module+0x82/0x240 > > Mar 29 17:43:16.181065 fedora kernel: init_module_from_file+0x8b/0xe0 > > Mar 29 17:43:16.181073 fedora kernel: idempotent_init_module+0x113/0x310 > > Mar 29 17:43:16.181083 fedora kernel: __x64_sys_finit_module+0x67/0xc0 > > Mar 29 17:43:16.181093 fedora kernel: do_syscall_64+0x7f/0x170 > > Mar 29 17:43:16.181103 fedora kernel: ? syscall_exit_to_user_mode+0x1d5/0x210 > > Mar 29 17:43:16.181112 fedora kernel: ? do_syscall_64+0x8c/0x170 > > Mar 29 17:43:16.181124 fedora kernel: ? > > syscall_exit_to_user_mode_prepare+0x14a/0x180 > > Mar 29 17:43:16.181135 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > > Mar 29 17:43:16.181144 fedora kernel: ? do_syscall_64+0x8c/0x170 > > Mar 29 17:43:16.181152 fedora kernel: ? > > syscall_exit_to_user_mode_prepare+0x14a/0x180 > > Mar 29 17:43:16.181163 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > > Mar 29 17:43:16.181173 fedora kernel: ? do_syscall_64+0x8c/0x170 > > Mar 29 17:43:16.181182 fedora kernel: ? seq_read_iter+0x20e/0x480 > > Mar 29 17:43:16.181198 fedora kernel: ? vfs_read+0x29b/0x370 > > Mar 29 17:43:16.181217 fedora kernel: ? __seccomp_filter+0x41/0x4e0 > > Mar 29 17:43:16.181233 fedora kernel: ? > > syscall_exit_to_user_mode_prepare+0x14a/0x180 > > Mar 29 17:43:16.181250 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > > Mar 29 17:43:16.181264 fedora kernel: ? do_syscall_64+0x8c/0x170 > > Mar 29 17:43:16.181280 fedora kernel: ? do_syscall_64+0x8c/0x170 > > Mar 29 17:43:16.181292 fedora kernel: ? > > syscall_exit_to_user_mode_prepare+0x14a/0x180 > > Mar 29 17:43:16.181316 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > > Mar 29 17:43:16.181331 fedora kernel: ? clear_bhb_loop+0x35/0x90 > > Mar 29 17:43:16.181341 fedora kernel: ? clear_bhb_loop+0x35/0x90 > > Mar 29 17:43:16.181351 fedora kernel: ? clear_bhb_loop+0x35/0x90 > > Mar 29 17:43:16.181360 fedora kernel: entry_SYSCALL_64_after_hwframe+0x76/0x7e > > Mar 29 17:43:16.181372 fedora kernel: RIP: 0033:0x7f1aa84c5a8d > > Mar 29 17:43:16.181381 fedora kernel: Code: ff c3 66 2e 0f 1f 84 00 00 > > 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 > > 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d > > 4b> > > Mar 29 17:43:16.181392 fedora kernel: RSP: 002b:00007ffe5ca79bc8 > > EFLAGS: 00000246 ORIG_RAX: 0000000000000139 > > Mar 29 17:43:16.181406 fedora kernel: RAX: ffffffffffffffda RBX: > > 00005610a8c7deb0 RCX: 00007f1aa84c5a8d > > Mar 29 17:43:16.181419 fedora kernel: RDX: 0000000000000000 RSI: > > 00007f1aa7b88965 RDI: 0000000000000032 > > Mar 29 17:43:16.181431 fedora kernel: RBP: 00007ffe5ca79c80 R08: > > 0000000000000000 R09: 00007ffe5ca79c30 > > Mar 29 17:43:16.181441 fedora kernel: R10: 0000000000000000 R11: > > 0000000000000246 R12: 0000000000020000 > > Mar 29 17:43:16.181448 fedora kernel: R13: 00005610a8c7f880 R14: > > 00007f1aa7b88965 R15: 0000000000000000 > > Mar 29 17:43:16.181458 fedora kernel: </TASK> > > Mar 29 17:43:16.181472 fedora kernel: Modules linked in: cfg80211(+) > > thunderbolt(+) thinkpad_acpi(+) igen6_edac intel_soc_dts_iosf > > platform_profile snd soundcore int3403_thermal int340x_thermal_zone > > soc_button_> > > Mar 29 17:43:16.181784 fedora kernel: CR2: 000000000000004c > > Mar 29 17:43:16.181806 fedora kernel: ---[ end trace 0000000000000000 ]--- > > > > Best regards > > Damian > > Hmmm - I have a feeling about this one. > > Can you apply and test the attached proposed patch? If you do please > verify if the problem persist and if the driver has all the features > present before the regression. > > If everything goes nicely, feel free to add a Tested-by: tag for when I > submit this. > > -- > ~ Kurt Hi Kurt, many thnaks for the fast response. With this patch my system boot again but i have other dump in dmesg 3.719602] input: ThinkPad Extra Buttons as /devices/platform/thinkpad_acpi/input/input14 [ 3.720189] idma64 idma64.0: Found Intel integrated DMA 64-bit [ 3.737008] BUG: kernel NULL pointer dereference, address: 00000000000002a0 [ 3.737014] #PF: supervisor read access in kernel mode [ 3.737016] #PF: error_code(0x0000) - not-present page [ 3.737018] PGD 0 P4D 0 [ 3.737022] Oops: Oops: 0000 [#1] SMP NOPTI [ 3.737026] CPU: 3 UID: 0 PID: 772 Comm: (udev-worker) Not tainted 6.14.0 #357 PREEMPT(lazy) [ 3.737029] Hardware name: LENOVO 20XWCTO1WW/20XWCTO1WW, BIOS N32ET95W (1.71 ) 10/24/2024 [ 3.737031] RIP: 0010:device_property_present+0x9/0x20 [ 3.737039] Code: cc cc 31 c0 c3 cc cc cc cc 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 <48> 8b bf 90 02 00 00 e9 5b ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 [ 3.737042] RSP: 0018:ffffcfedc0deb7e8 EFLAGS: 00010202 [ 3.737045] RAX: ffff8d37d5c05810 RBX: 0000000000000010 RCX: 0000000000000000 [ 3.737047] RDX: 0000000000000000 RSI: ffffffff8feded5f RDI: 0000000000000010 [ 3.737049] RBP: ffff8d37d5c05800 R08: 0000000000000400 R09: 0000000000000000 [ 3.737050] R10: ffffcfedc0deb7f0 R11: 0000000000000000 R12: 0000000000000000 [ 3.737052] R13: ffffffffc14c66c0 R14: ffffffffc14d9b8a R15: ffff8d37ccb0de68 [ 3.737054] FS: 00007ff510cec040(0000) GS:ffff8d3b7e3c4000(0000) knlGS:0000000000000000 [ 3.737056] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3.737058] CR2: 00000000000002a0 CR3: 0000000115b28001 CR4: 0000000000f70ef0 [ 3.737060] PKRU: 55555554 [ 3.737061] Call Trace: [ 3.737064] <TASK> [ 3.737068] ? show_trace_log_lvl+0x1d2/0x2f0 [ 3.737073] ? show_trace_log_lvl+0x1d2/0x2f0 [ 3.737075] ? show_trace_log_lvl+0x1d2/0x2f0 [ 3.737079] ? __hwmon_device_register+0x2cd/0x550 [ 3.737084] ? __die_body.cold+0x8/0x12 [ 3.737087] ? page_fault_oops+0x146/0x180 [ 3.737093] ? exc_page_fault+0x7e/0x1a0 [ 3.737098] ? asm_exc_page_fault+0x26/0x30 [ 3.737104] ? device_property_present+0x9/0x20 [ 3.737106] __hwmon_device_register+0x2cd/0x550 [ 3.737111] devm_hwmon_device_register_with_groups+0x6d/0xc0 [ 3.737116] tpacpi_hwmon_pdriver_probe+0x29/0x60 [thinkpad_acpi] [ 3.737132] platform_probe+0x41/0xa0 [ 3.737136] really_probe+0xdb/0x340 [ 3.737140] ? pm_runtime_barrier+0x55/0x90 [ 3.737144] ? __pfx___driver_attach+0x10/0x10 [ 3.737147] __driver_probe_device+0x78/0x140 [ 3.737149] driver_probe_device+0x1f/0xa0 [ 3.737153] __driver_attach+0xb8/0x1d0 [ 3.737156] bus_for_each_dev+0x82/0xd0 [ 3.737159] bus_add_driver+0x12f/0x210 [ 3.737162] driver_register+0x72/0xd0 [ 3.737165] __platform_driver_probe+0x45/0x90 [ 3.737167] __platform_create_bundle+0xe7/0x100 [ 3.737170] ? __pfx_tpacpi_hwmon_pdriver_probe+0x10/0x10 [thinkpad_acpi] [ 3.737180] ? __pfx_thinkpad_acpi_module_init+0x10/0x10 [thinkpad_acpi] [ 3.737190] thinkpad_acpi_module_init+0x417/0x470 [thinkpad_acpi] [ 3.737201] do_one_initcall+0x58/0x300 [ 3.737207] do_init_module+0x82/0x240 [ 3.737211] init_module_from_file+0x8b/0xe0 [ 3.737215] idempotent_init_module+0x113/0x310 [ 3.737218] __x64_sys_finit_module+0x67/0xc0 [ 3.737221] do_syscall_64+0x7f/0x170 [ 3.737225] ? syscall_exit_to_user_mode+0x1d5/0x210 [ 3.737229] ? do_syscall_64+0x8c/0x170 [ 3.737231] ? rseq_get_rseq_cs+0x1d/0x220 [ 3.737236] ? rseq_ip_fixup+0x8c/0x1d0 [ 3.737239] ? __seccomp_filter+0x41/0x4e0 [ 3.737243] ? syscall_exit_to_user_mode_prepare+0x14a/0x180 [ 3.737246] ? syscall_exit_to_user_mode+0x10/0x210 [ 3.737249] ? do_syscall_64+0x8c/0x170 [ 3.737252] ? __x64_sys_close+0x3d/0x80 [ 3.737256] ? kmem_cache_free+0x399/0x440 [ 3.737261] ? syscall_exit_to_user_mode_prepare+0x14a/0x180 [ 3.737264] ? syscall_exit_to_user_mode+0x10/0x210 [ 3.737267] ? do_syscall_64+0x8c/0x170 [ 3.737270] ? do_syscall_64+0x8c/0x170 [ 3.737272] ? clear_bhb_loop+0x35/0x90 [ 3.737275] ? clear_bhb_loop+0x35/0x90 [ 3.737277] ? clear_bhb_loop+0x35/0x90 [ 3.737280] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 3.737283] RIP: 0033:0x7ff5114ffa8d [ 3.737287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 4b 63 0f 00 f7 d8 64 89 01 48 [ 3.737289] RSP: 002b:00007ffe378c0848 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 [ 3.737291] RAX: ffffffffffffffda RBX: 0000564e7ff98630 RCX: 00007ff5114ffa8d [ 3.737293] RDX: 0000000000000000 RSI: 00007ff510c5f965 RDI: 000000000000002d [ 3.737295] RBP: 00007ffe378c0900 R08: 0000000000000000 R09: 00007ffe378c08b0 [ 3.737297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000020000 [ 3.737298] R13: 0000564e802a2620 R14: 00007ff510c5f965 R15: 0000000000000000 [ 3.737301] </TASK> [ 3.737303] Modules linked in: snd_pcm pcspkr(+) think_lmi(+) snd_ctl_led spi_intel_pci intel_rapl_common i2c_i801 processor_thermal_wt_req processor_thermal_power_floor wmi_bmof firmware_attributes_class cfg80211 idma64 snd_timer spi_intel mei i2c_smbus processor_thermal_mbox thunderbolt(+) igen6_edac intel_soc_dts_iosf thinkpad_acpi(+) platform_profile snd soc_button_array soundcore int3403_thermal int340x_thermal_zone intel_pmc_core intel_hid sparse_keymap int3400_thermal acpi_thermal_rel pmt_telemetry acpi_pad pmt_class acpi_tad joydev loop nfnetlink zram lz4hc_compress lz4_compress bnep xe drm_ttm_helper drm_suballoc_helper gpu_sched drm_gpuvm drm_exec drm_gpusvm btusb btrtl btintel btbcm btmtk bluetooth rfkill i915 hid_multitouch polyval_clmulni nvme polyval_generic i2c_algo_bit nvme_core ghash_clmulni_intel drm_buddy sha512_ssse3 video ttm sha256_ssse3 nvme_keyring sha1_ssse3 ucsi_acpi drm_display_helper nvme_auth typec_ucsi i2c_hid_acpi intel_vsec cec typec i2c_hid wmi pinctrl_tigerlake serio_raw fuse [ 3.737373] CR2: 00000000000002a0 [ 3.737376] ---[ end trace 0000000000000000 ]--- [ 3.737377] RIP: 0010:device_property_present+0x9/0x20 [ 3.737381] Code: cc cc 31 c0 c3 cc cc cc cc 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 <48> 8b bf 90 02 00 00 e9 5b ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 [ 3.737383] RSP: 0018:ffffcfedc0deb7e8 EFLAGS: 00010202 [ 3.737386] RAX: ffff8d37d5c05810 RBX: 0000000000000010 RCX: 0000000000000000 [ 3.737388] RDX: 0000000000000000 RSI: ffffffff8feded5f RDI: 0000000000000010 [ 3.737389] RBP: ffff8d37d5c05800 R08: 0000000000000400 R09: 0000000000000000 [ 3.737391] R10: ffffcfedc0deb7f0 R11: 0000000000000000 R12: 0000000000000000 [ 3.737393] R13: ffffffffc14c66c0 R14: ffffffffc14d9b8a R15: ffff8d37ccb0de68 [ 3.737394] FS: 00007ff510cec040(0000) GS:ffff8d3b7e3c4000(0000) knlGS:0000000000000000 [ 3.737397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3.737398] CR2: 00000000000002a0 CR3: 0000000115b28001 CR4: 0000000000f70ef0 [ 3.737400] PKRU: 55555554 [ 3.737402] note: (udev-worker)[772] exited with irqs disabled [ 3.746619] mc: Linux media interface: v0.10 [ 3.750063] input: PC Speaker as /devices/platform/pcspkr/input/input15 [ 3.755922] resource: resource sanity check: requesting [mem 0x00000000fedc0000-0x00000000fedcdfff], which spans more than pnp 00:05 [mem 0xfedc0000-0xfedc7fff] [ 3.755929] caller uncore_get_box_mmio_addr+0xe6/0x150 [intel_uncore] mapping multiple BARs [ 3.796862] intel_rapl_msr: PL4 support detected. [ 3.796919] intel_rapl_common: Found RAPL domain package [ 3.796924] intel_rapl_common: Found RAPL domain core [ 3.796926] intel_rapl_common: Found RAPL domain uncore [ 3.796929] intel_rapl_common: Found RAPL domain psys [ 3.926269] i801_smbus 0000:00:1f.4: SMBus is busy, can't use it! Best regards Damian ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Kernel Null Pointer Dereference on Fedora with thinkpad_acpi 2025-03-30 6:28 ` Damian Tometzki @ 2025-03-30 6:47 ` Kurt Borja 2025-03-30 10:16 ` Damian Tometzki 0 siblings, 1 reply; 6+ messages in thread From: Kurt Borja @ 2025-03-30 6:47 UTC (permalink / raw) To: Damian Tometzki Cc: hmh, ibm-acpi-devel, platform-driver-x86, Linux Kernel Mailing List [-- Attachment #1.1: Type: text/plain, Size: 9789 bytes --] On Sun Mar 30, 2025 at 3:28 AM -03, Damian Tometzki wrote: > On Sun, Mar 30, 2025 at 8:01 AM Kurt Borja <kuurtb@gmail.com> wrote: >> >> Hi Damian, >> >> On Sun Mar 30, 2025 at 2:19 AM -03, Damian Tometzki wrote: >> > Hi together, >> > >> > I encountered a kernel crash on a Lenovo ThinkPad (BIOS N32ET95W 1.71) >> > running Fedora with kernel 6.15 (merge window) 7f2ff7b62617. The issue >> > is a NULL pointer dereference during initialization of the >> > thinkpad_acpi module. The crash occurs in kobject_get() while handling >> > RFKill device registration (tpacpi_new_rfkill → rfkill_register → >> > device_add). >> > With kernel 6.14 system boot´s fine >> > >> > Let me know if further logs or debugging info are needed. Below the short dump >> > >> > Mar 29 17:43:16.173712 fedora kernel: thinkpad_acpi: Disabling >> > thinkpad-acpi brightness events by default... >> > Mar 29 17:43:16.175636 fedora kernel: ACPI: bus type thunderbolt registered >> > Mar 29 17:43:16.179626 fedora kernel: BUG: kernel NULL pointer >> > dereference, address: 000000000000004c >> > Mar 29 17:43:16.179689 fedora kernel: #PF: supervisor read access in kernel mode >> > Mar 29 17:43:16.180235 fedora kernel: #PF: error_code(0x0000) - not-present page >> > Mar 29 17:43:16.180290 fedora kernel: PGD 0 P4D 0 >> > Mar 29 17:43:16.180325 fedora kernel: Oops: Oops: 0000 [#1] SMP NOPTI >> > Mar 29 17:43:16.180340 fedora kernel: CPU: 6 UID: 0 PID: 1015 Comm: >> > (udev-worker) Not tainted 6.14.0 #355 PREEMPT(lazy) >> > Mar 29 17:43:16.180449 fedora kernel: Hardware name: LENOVO >> > 20XWCTO1WW/20XWCTO1WW, BIOS N32ET95W (1.71 ) 10/24/2024 >> > Mar 29 17:43:16.180469 fedora kernel: RIP: 0010:kobject_get+0xd/0x70 >> > Mar 29 17:43:16.180491 fedora kernel: Code: 66 66 2e 0f 1f 84 00 00 00 >> > 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e >> > fa 53 48 89 fb 48 85 ff 74 1f <f6> 47 3c 01 74 22 48 8d 7b 38 b8 01 >> > 00> >> > Mar 29 17:43:16.180506 fedora kernel: RSP: 0018:ffffd3d200b5f750 >> > EFLAGS: 00010202 >> > Mar 29 17:43:16.180523 fedora kernel: RAX: ffff8ebbc10fac00 RBX: >> > 0000000000000010 RCX: 0000000000000000 >> > Mar 29 17:43:16.180534 fedora kernel: RDX: 0000000000000000 RSI: >> > ffffffff9aebafa0 RDI: 0000000000000010 >> > Mar 29 17:43:16.180547 fedora kernel: RBP: ffff8ebbd49f4b88 R08: >> > 0000000000000100 R09: 0000000000000000 >> > Mar 29 17:43:16.180559 fedora kernel: R10: ffffd3d200b5f760 R11: >> > 0000000000000008 R12: 0000000000000010 >> > Mar 29 17:43:16.180573 fedora kernel: R13: ffff8ebbc8b12388 R14: >> > ffffffffc14a7500 R15: 0000000000000000 >> > Mar 29 17:43:16.180587 fedora kernel: FS: 00007f1aa7c15040(0000) >> > GS:ffff8ebf72546000(0000) knlGS:0000000000000000 >> > Mar 29 17:43:16.180606 fedora kernel: CS: 0010 DS: 0000 ES: 0000 CR0: >> > 0000000080050033 >> > Mar 29 17:43:16.180630 fedora kernel: CR2: 000000000000004c CR3: >> > 0000000113948001 CR4: 0000000000f70ef0 >> > Mar 29 17:43:16.180642 fedora kernel: PKRU: 55555554 >> > Mar 29 17:43:16.180654 fedora kernel: Call Trace: >> > Mar 29 17:43:16.180664 fedora kernel: <TASK> >> > Mar 29 17:43:16.180676 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 >> > Mar 29 17:43:16.180688 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 >> > Mar 29 17:43:16.180704 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 >> > Mar 29 17:43:16.180712 fedora kernel: ? device_add+0x8f/0x6e0 >> > Mar 29 17:43:16.180724 fedora kernel: ? __die_body.cold+0x8/0x12 >> > Mar 29 17:43:16.180739 fedora kernel: ? page_fault_oops+0x146/0x180 >> > Mar 29 17:43:16.180748 fedora kernel: ? exc_page_fault+0x7e/0x1a0 >> > Mar 29 17:43:16.180758 fedora kernel: ? asm_exc_page_fault+0x26/0x30 >> > Mar 29 17:43:16.180769 fedora kernel: ? __pfx_klist_children_get+0x10/0x10 >> > Mar 29 17:43:16.180781 fedora kernel: ? kobject_get+0xd/0x70 >> > Mar 29 17:43:16.180792 fedora kernel: device_add+0x8f/0x6e0 >> > Mar 29 17:43:16.180804 fedora kernel: rfkill_register+0xbc/0x2c0 [rfkill] >> > Mar 29 17:43:16.180813 fedora kernel: tpacpi_new_rfkill+0x185/0x230 >> > [thinkpad_acpi] >> > Mar 29 17:43:16.180826 fedora kernel: ibm_init+0x66/0x2a0 [thinkpad_acpi] >> > Mar 29 17:43:16.180840 fedora kernel: >> > tpacpi_pdriver_probe+0x160/0x250 [thinkpad_acpi] >> > Mar 29 17:43:16.180852 fedora kernel: platform_probe+0x41/0xa0 >> > Mar 29 17:43:16.180887 fedora kernel: really_probe+0xdb/0x340 >> > Mar 29 17:43:16.180900 fedora kernel: ? pm_runtime_barrier+0x55/0x90 >> > Mar 29 17:43:16.180912 fedora kernel: ? __pfx___driver_attach+0x10/0x10 >> > Mar 29 17:43:16.180920 fedora kernel: __driver_probe_device+0x78/0x140 >> > Mar 29 17:43:16.180932 fedora kernel: driver_probe_device+0x1f/0xa0 >> > Mar 29 17:43:16.180942 fedora kernel: __driver_attach+0xb8/0x1d0 >> > Mar 29 17:43:16.180954 fedora kernel: bus_for_each_dev+0x82/0xd0 >> > Mar 29 17:43:16.180966 fedora kernel: bus_add_driver+0x12f/0x210 >> > Mar 29 17:43:16.180976 fedora kernel: driver_register+0x72/0xd0 >> > Mar 29 17:43:16.180988 fedora kernel: __platform_driver_probe+0x45/0x90 >> > Mar 29 17:43:16.180999 fedora kernel: __platform_create_bundle+0xe7/0x100 >> > Mar 29 17:43:16.181011 fedora kernel: ? >> > __pfx_tpacpi_pdriver_probe+0x10/0x10 [thinkpad_acpi] >> > Mar 29 17:43:16.181025 fedora kernel: ? >> > __pfx_thinkpad_acpi_module_init+0x10/0x10 [thinkpad_acpi] >> > Mar 29 17:43:16.181035 fedora kernel: >> > thinkpad_acpi_module_init+0x37e/0x430 [thinkpad_acpi] >> > Mar 29 17:43:16.181045 fedora kernel: do_one_initcall+0x58/0x300 >> > Mar 29 17:43:16.181053 fedora kernel: do_init_module+0x82/0x240 >> > Mar 29 17:43:16.181065 fedora kernel: init_module_from_file+0x8b/0xe0 >> > Mar 29 17:43:16.181073 fedora kernel: idempotent_init_module+0x113/0x310 >> > Mar 29 17:43:16.181083 fedora kernel: __x64_sys_finit_module+0x67/0xc0 >> > Mar 29 17:43:16.181093 fedora kernel: do_syscall_64+0x7f/0x170 >> > Mar 29 17:43:16.181103 fedora kernel: ? syscall_exit_to_user_mode+0x1d5/0x210 >> > Mar 29 17:43:16.181112 fedora kernel: ? do_syscall_64+0x8c/0x170 >> > Mar 29 17:43:16.181124 fedora kernel: ? >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 >> > Mar 29 17:43:16.181135 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 >> > Mar 29 17:43:16.181144 fedora kernel: ? do_syscall_64+0x8c/0x170 >> > Mar 29 17:43:16.181152 fedora kernel: ? >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 >> > Mar 29 17:43:16.181163 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 >> > Mar 29 17:43:16.181173 fedora kernel: ? do_syscall_64+0x8c/0x170 >> > Mar 29 17:43:16.181182 fedora kernel: ? seq_read_iter+0x20e/0x480 >> > Mar 29 17:43:16.181198 fedora kernel: ? vfs_read+0x29b/0x370 >> > Mar 29 17:43:16.181217 fedora kernel: ? __seccomp_filter+0x41/0x4e0 >> > Mar 29 17:43:16.181233 fedora kernel: ? >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 >> > Mar 29 17:43:16.181250 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 >> > Mar 29 17:43:16.181264 fedora kernel: ? do_syscall_64+0x8c/0x170 >> > Mar 29 17:43:16.181280 fedora kernel: ? do_syscall_64+0x8c/0x170 >> > Mar 29 17:43:16.181292 fedora kernel: ? >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 >> > Mar 29 17:43:16.181316 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 >> > Mar 29 17:43:16.181331 fedora kernel: ? clear_bhb_loop+0x35/0x90 >> > Mar 29 17:43:16.181341 fedora kernel: ? clear_bhb_loop+0x35/0x90 >> > Mar 29 17:43:16.181351 fedora kernel: ? clear_bhb_loop+0x35/0x90 >> > Mar 29 17:43:16.181360 fedora kernel: entry_SYSCALL_64_after_hwframe+0x76/0x7e >> > Mar 29 17:43:16.181372 fedora kernel: RIP: 0033:0x7f1aa84c5a8d >> > Mar 29 17:43:16.181381 fedora kernel: Code: ff c3 66 2e 0f 1f 84 00 00 >> > 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 >> > 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d >> > 4b> >> > Mar 29 17:43:16.181392 fedora kernel: RSP: 002b:00007ffe5ca79bc8 >> > EFLAGS: 00000246 ORIG_RAX: 0000000000000139 >> > Mar 29 17:43:16.181406 fedora kernel: RAX: ffffffffffffffda RBX: >> > 00005610a8c7deb0 RCX: 00007f1aa84c5a8d >> > Mar 29 17:43:16.181419 fedora kernel: RDX: 0000000000000000 RSI: >> > 00007f1aa7b88965 RDI: 0000000000000032 >> > Mar 29 17:43:16.181431 fedora kernel: RBP: 00007ffe5ca79c80 R08: >> > 0000000000000000 R09: 00007ffe5ca79c30 >> > Mar 29 17:43:16.181441 fedora kernel: R10: 0000000000000000 R11: >> > 0000000000000246 R12: 0000000000020000 >> > Mar 29 17:43:16.181448 fedora kernel: R13: 00005610a8c7f880 R14: >> > 00007f1aa7b88965 R15: 0000000000000000 >> > Mar 29 17:43:16.181458 fedora kernel: </TASK> >> > Mar 29 17:43:16.181472 fedora kernel: Modules linked in: cfg80211(+) >> > thunderbolt(+) thinkpad_acpi(+) igen6_edac intel_soc_dts_iosf >> > platform_profile snd soundcore int3403_thermal int340x_thermal_zone >> > soc_button_> >> > Mar 29 17:43:16.181784 fedora kernel: CR2: 000000000000004c >> > Mar 29 17:43:16.181806 fedora kernel: ---[ end trace 0000000000000000 ]--- >> > >> > Best regards >> > Damian >> >> Hmmm - I have a feeling about this one. >> >> Can you apply and test the attached proposed patch? If you do please >> verify if the problem persist and if the driver has all the features >> present before the regression. >> >> If everything goes nicely, feel free to add a Tested-by: tag for when I >> submit this. >> >> -- >> ~ Kurt > > Hi Kurt, > > many thnaks for the fast response. > With this patch my system boot again but i have other dump in dmesg Oh, makes sense. It's the same problem but it was hidden because of the previous one. The attached patch should fix it. -- ~ Kurt [-- Attachment #2: 0001-platform-x86-thinkpad_acpi-Fix-rfkill-null-pointer-d.patch --] [-- Type: text/x-patch, Size: 2733 bytes --] From 4cd53867580d85128ef81bd076e423faf4069076 Mon Sep 17 00:00:00 2001 From: Kurt Borja <kuurtb@gmail.com> Date: Sun, 30 Mar 2025 02:53:26 -0300 Subject: [PATCH] platform/x86: thinkpad_acpi: Fix rfkill null pointer deref Signed-off-by: Kurt Borja <kuurtb@gmail.com> --- drivers/platform/x86/thinkpad_acpi.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c index 0384cf311878..a17efb68664c 100644 --- a/drivers/platform/x86/thinkpad_acpi.c +++ b/drivers/platform/x86/thinkpad_acpi.c @@ -367,6 +367,7 @@ static struct { u32 beep_needs_two_args:1; u32 mixer_no_level_control:1; u32 battery_force_primary:1; + u32 platform_drv_registered:1; u32 hotkey_poll_active:1; u32 has_adaptive_kbd:1; u32 kbd_lang:1; @@ -11820,10 +11821,10 @@ static void thinkpad_acpi_module_exit(void) platform_device_unregister(tpacpi_sensors_pdev); } - if (tpacpi_pdev) { + if (tp_features.platform_drv_registered) platform_driver_unregister(&tpacpi_pdriver); + if (tpacpi_pdev) platform_device_unregister(tpacpi_pdev); - } if (proc_dir) remove_proc_entry(TPACPI_PROC_DIR, acpi_root_dir); @@ -11893,9 +11894,8 @@ static int __init tpacpi_pdriver_probe(struct platform_device *pdev) static int __init tpacpi_hwmon_pdriver_probe(struct platform_device *pdev) { - tpacpi_hwmon = devm_hwmon_device_register_with_groups( - &tpacpi_sensors_pdev->dev, TPACPI_NAME, NULL, tpacpi_hwmon_groups); - + tpacpi_hwmon = devm_hwmon_device_register_with_groups(&pdev->dev, TPACPI_NAME, + NULL, tpacpi_hwmon_groups); if (IS_ERR(tpacpi_hwmon)) pr_err("unable to register hwmon device\n"); @@ -11965,16 +11965,24 @@ static int __init thinkpad_acpi_module_init(void) tp_features.quirks = dmi_id->driver_data; /* Device initialization */ - tpacpi_pdev = platform_create_bundle(&tpacpi_pdriver, tpacpi_pdriver_probe, - NULL, 0, NULL, 0); + tpacpi_pdev = platform_device_register_simple(TPACPI_DRVR_NAME, PLATFORM_DEVID_NONE, + NULL, 0); if (IS_ERR(tpacpi_pdev)) { ret = PTR_ERR(tpacpi_pdev); tpacpi_pdev = NULL; - pr_err("unable to register platform device/driver bundle\n"); + pr_err("unable to register platform device\n"); thinkpad_acpi_module_exit(); return ret; } + ret = platform_driver_probe(&tpacpi_pdriver, tpacpi_pdriver_probe); + if (ret) { + pr_err("unable to register main platform driver\n"); + thinkpad_acpi_module_exit(); + return ret; + } + tp_features.platform_drv_registered = 1; + tpacpi_sensors_pdev = platform_create_bundle(&tpacpi_hwmon_pdriver, tpacpi_hwmon_pdriver_probe, NULL, 0, NULL, 0); -- 2.49.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: Kernel Null Pointer Dereference on Fedora with thinkpad_acpi 2025-03-30 6:47 ` Kurt Borja @ 2025-03-30 10:16 ` Damian Tometzki 2025-03-30 15:41 ` Kurt Borja 0 siblings, 1 reply; 6+ messages in thread From: Damian Tometzki @ 2025-03-30 10:16 UTC (permalink / raw) To: Kurt Borja Cc: hmh, ibm-acpi-devel, platform-driver-x86, Linux Kernel Mailing List Hello Kurt, hello together, I successfully tested the patch on my ThinkPad X1. System boots normally without errors. Tested-by: Damian Tometzki <damian@riscv-rocks.de> Best regards Damian On Sun, Mar 30, 2025 at 8:47 AM Kurt Borja <kuurtb@gmail.com> wrote: > > On Sun Mar 30, 2025 at 3:28 AM -03, Damian Tometzki wrote: > > On Sun, Mar 30, 2025 at 8:01 AM Kurt Borja <kuurtb@gmail.com> wrote: > >> > >> Hi Damian, > >> > >> On Sun Mar 30, 2025 at 2:19 AM -03, Damian Tometzki wrote: > >> > Hi together, > >> > > >> > I encountered a kernel crash on a Lenovo ThinkPad (BIOS N32ET95W 1.71) > >> > running Fedora with kernel 6.15 (merge window) 7f2ff7b62617. The issue > >> > is a NULL pointer dereference during initialization of the > >> > thinkpad_acpi module. The crash occurs in kobject_get() while handling > >> > RFKill device registration (tpacpi_new_rfkill → rfkill_register → > >> > device_add). > >> > With kernel 6.14 system boot´s fine > >> > > >> > Let me know if further logs or debugging info are needed. Below the short dump > >> > > >> > Mar 29 17:43:16.173712 fedora kernel: thinkpad_acpi: Disabling > >> > thinkpad-acpi brightness events by default... > >> > Mar 29 17:43:16.175636 fedora kernel: ACPI: bus type thunderbolt registered > >> > Mar 29 17:43:16.179626 fedora kernel: BUG: kernel NULL pointer > >> > dereference, address: 000000000000004c > >> > Mar 29 17:43:16.179689 fedora kernel: #PF: supervisor read access in kernel mode > >> > Mar 29 17:43:16.180235 fedora kernel: #PF: error_code(0x0000) - not-present page > >> > Mar 29 17:43:16.180290 fedora kernel: PGD 0 P4D 0 > >> > Mar 29 17:43:16.180325 fedora kernel: Oops: Oops: 0000 [#1] SMP NOPTI > >> > Mar 29 17:43:16.180340 fedora kernel: CPU: 6 UID: 0 PID: 1015 Comm: > >> > (udev-worker) Not tainted 6.14.0 #355 PREEMPT(lazy) > >> > Mar 29 17:43:16.180449 fedora kernel: Hardware name: LENOVO > >> > 20XWCTO1WW/20XWCTO1WW, BIOS N32ET95W (1.71 ) 10/24/2024 > >> > Mar 29 17:43:16.180469 fedora kernel: RIP: 0010:kobject_get+0xd/0x70 > >> > Mar 29 17:43:16.180491 fedora kernel: Code: 66 66 2e 0f 1f 84 00 00 00 > >> > 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e > >> > fa 53 48 89 fb 48 85 ff 74 1f <f6> 47 3c 01 74 22 48 8d 7b 38 b8 01 > >> > 00> > >> > Mar 29 17:43:16.180506 fedora kernel: RSP: 0018:ffffd3d200b5f750 > >> > EFLAGS: 00010202 > >> > Mar 29 17:43:16.180523 fedora kernel: RAX: ffff8ebbc10fac00 RBX: > >> > 0000000000000010 RCX: 0000000000000000 > >> > Mar 29 17:43:16.180534 fedora kernel: RDX: 0000000000000000 RSI: > >> > ffffffff9aebafa0 RDI: 0000000000000010 > >> > Mar 29 17:43:16.180547 fedora kernel: RBP: ffff8ebbd49f4b88 R08: > >> > 0000000000000100 R09: 0000000000000000 > >> > Mar 29 17:43:16.180559 fedora kernel: R10: ffffd3d200b5f760 R11: > >> > 0000000000000008 R12: 0000000000000010 > >> > Mar 29 17:43:16.180573 fedora kernel: R13: ffff8ebbc8b12388 R14: > >> > ffffffffc14a7500 R15: 0000000000000000 > >> > Mar 29 17:43:16.180587 fedora kernel: FS: 00007f1aa7c15040(0000) > >> > GS:ffff8ebf72546000(0000) knlGS:0000000000000000 > >> > Mar 29 17:43:16.180606 fedora kernel: CS: 0010 DS: 0000 ES: 0000 CR0: > >> > 0000000080050033 > >> > Mar 29 17:43:16.180630 fedora kernel: CR2: 000000000000004c CR3: > >> > 0000000113948001 CR4: 0000000000f70ef0 > >> > Mar 29 17:43:16.180642 fedora kernel: PKRU: 55555554 > >> > Mar 29 17:43:16.180654 fedora kernel: Call Trace: > >> > Mar 29 17:43:16.180664 fedora kernel: <TASK> > >> > Mar 29 17:43:16.180676 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > >> > Mar 29 17:43:16.180688 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > >> > Mar 29 17:43:16.180704 fedora kernel: ? show_trace_log_lvl+0x1d2/0x2f0 > >> > Mar 29 17:43:16.180712 fedora kernel: ? device_add+0x8f/0x6e0 > >> > Mar 29 17:43:16.180724 fedora kernel: ? __die_body.cold+0x8/0x12 > >> > Mar 29 17:43:16.180739 fedora kernel: ? page_fault_oops+0x146/0x180 > >> > Mar 29 17:43:16.180748 fedora kernel: ? exc_page_fault+0x7e/0x1a0 > >> > Mar 29 17:43:16.180758 fedora kernel: ? asm_exc_page_fault+0x26/0x30 > >> > Mar 29 17:43:16.180769 fedora kernel: ? __pfx_klist_children_get+0x10/0x10 > >> > Mar 29 17:43:16.180781 fedora kernel: ? kobject_get+0xd/0x70 > >> > Mar 29 17:43:16.180792 fedora kernel: device_add+0x8f/0x6e0 > >> > Mar 29 17:43:16.180804 fedora kernel: rfkill_register+0xbc/0x2c0 [rfkill] > >> > Mar 29 17:43:16.180813 fedora kernel: tpacpi_new_rfkill+0x185/0x230 > >> > [thinkpad_acpi] > >> > Mar 29 17:43:16.180826 fedora kernel: ibm_init+0x66/0x2a0 [thinkpad_acpi] > >> > Mar 29 17:43:16.180840 fedora kernel: > >> > tpacpi_pdriver_probe+0x160/0x250 [thinkpad_acpi] > >> > Mar 29 17:43:16.180852 fedora kernel: platform_probe+0x41/0xa0 > >> > Mar 29 17:43:16.180887 fedora kernel: really_probe+0xdb/0x340 > >> > Mar 29 17:43:16.180900 fedora kernel: ? pm_runtime_barrier+0x55/0x90 > >> > Mar 29 17:43:16.180912 fedora kernel: ? __pfx___driver_attach+0x10/0x10 > >> > Mar 29 17:43:16.180920 fedora kernel: __driver_probe_device+0x78/0x140 > >> > Mar 29 17:43:16.180932 fedora kernel: driver_probe_device+0x1f/0xa0 > >> > Mar 29 17:43:16.180942 fedora kernel: __driver_attach+0xb8/0x1d0 > >> > Mar 29 17:43:16.180954 fedora kernel: bus_for_each_dev+0x82/0xd0 > >> > Mar 29 17:43:16.180966 fedora kernel: bus_add_driver+0x12f/0x210 > >> > Mar 29 17:43:16.180976 fedora kernel: driver_register+0x72/0xd0 > >> > Mar 29 17:43:16.180988 fedora kernel: __platform_driver_probe+0x45/0x90 > >> > Mar 29 17:43:16.180999 fedora kernel: __platform_create_bundle+0xe7/0x100 > >> > Mar 29 17:43:16.181011 fedora kernel: ? > >> > __pfx_tpacpi_pdriver_probe+0x10/0x10 [thinkpad_acpi] > >> > Mar 29 17:43:16.181025 fedora kernel: ? > >> > __pfx_thinkpad_acpi_module_init+0x10/0x10 [thinkpad_acpi] > >> > Mar 29 17:43:16.181035 fedora kernel: > >> > thinkpad_acpi_module_init+0x37e/0x430 [thinkpad_acpi] > >> > Mar 29 17:43:16.181045 fedora kernel: do_one_initcall+0x58/0x300 > >> > Mar 29 17:43:16.181053 fedora kernel: do_init_module+0x82/0x240 > >> > Mar 29 17:43:16.181065 fedora kernel: init_module_from_file+0x8b/0xe0 > >> > Mar 29 17:43:16.181073 fedora kernel: idempotent_init_module+0x113/0x310 > >> > Mar 29 17:43:16.181083 fedora kernel: __x64_sys_finit_module+0x67/0xc0 > >> > Mar 29 17:43:16.181093 fedora kernel: do_syscall_64+0x7f/0x170 > >> > Mar 29 17:43:16.181103 fedora kernel: ? syscall_exit_to_user_mode+0x1d5/0x210 > >> > Mar 29 17:43:16.181112 fedora kernel: ? do_syscall_64+0x8c/0x170 > >> > Mar 29 17:43:16.181124 fedora kernel: ? > >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 > >> > Mar 29 17:43:16.181135 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > >> > Mar 29 17:43:16.181144 fedora kernel: ? do_syscall_64+0x8c/0x170 > >> > Mar 29 17:43:16.181152 fedora kernel: ? > >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 > >> > Mar 29 17:43:16.181163 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > >> > Mar 29 17:43:16.181173 fedora kernel: ? do_syscall_64+0x8c/0x170 > >> > Mar 29 17:43:16.181182 fedora kernel: ? seq_read_iter+0x20e/0x480 > >> > Mar 29 17:43:16.181198 fedora kernel: ? vfs_read+0x29b/0x370 > >> > Mar 29 17:43:16.181217 fedora kernel: ? __seccomp_filter+0x41/0x4e0 > >> > Mar 29 17:43:16.181233 fedora kernel: ? > >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 > >> > Mar 29 17:43:16.181250 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > >> > Mar 29 17:43:16.181264 fedora kernel: ? do_syscall_64+0x8c/0x170 > >> > Mar 29 17:43:16.181280 fedora kernel: ? do_syscall_64+0x8c/0x170 > >> > Mar 29 17:43:16.181292 fedora kernel: ? > >> > syscall_exit_to_user_mode_prepare+0x14a/0x180 > >> > Mar 29 17:43:16.181316 fedora kernel: ? syscall_exit_to_user_mode+0x10/0x210 > >> > Mar 29 17:43:16.181331 fedora kernel: ? clear_bhb_loop+0x35/0x90 > >> > Mar 29 17:43:16.181341 fedora kernel: ? clear_bhb_loop+0x35/0x90 > >> > Mar 29 17:43:16.181351 fedora kernel: ? clear_bhb_loop+0x35/0x90 > >> > Mar 29 17:43:16.181360 fedora kernel: entry_SYSCALL_64_after_hwframe+0x76/0x7e > >> > Mar 29 17:43:16.181372 fedora kernel: RIP: 0033:0x7f1aa84c5a8d > >> > Mar 29 17:43:16.181381 fedora kernel: Code: ff c3 66 2e 0f 1f 84 00 00 > >> > 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 > >> > 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d > >> > 4b> > >> > Mar 29 17:43:16.181392 fedora kernel: RSP: 002b:00007ffe5ca79bc8 > >> > EFLAGS: 00000246 ORIG_RAX: 0000000000000139 > >> > Mar 29 17:43:16.181406 fedora kernel: RAX: ffffffffffffffda RBX: > >> > 00005610a8c7deb0 RCX: 00007f1aa84c5a8d > >> > Mar 29 17:43:16.181419 fedora kernel: RDX: 0000000000000000 RSI: > >> > 00007f1aa7b88965 RDI: 0000000000000032 > >> > Mar 29 17:43:16.181431 fedora kernel: RBP: 00007ffe5ca79c80 R08: > >> > 0000000000000000 R09: 00007ffe5ca79c30 > >> > Mar 29 17:43:16.181441 fedora kernel: R10: 0000000000000000 R11: > >> > 0000000000000246 R12: 0000000000020000 > >> > Mar 29 17:43:16.181448 fedora kernel: R13: 00005610a8c7f880 R14: > >> > 00007f1aa7b88965 R15: 0000000000000000 > >> > Mar 29 17:43:16.181458 fedora kernel: </TASK> > >> > Mar 29 17:43:16.181472 fedora kernel: Modules linked in: cfg80211(+) > >> > thunderbolt(+) thinkpad_acpi(+) igen6_edac intel_soc_dts_iosf > >> > platform_profile snd soundcore int3403_thermal int340x_thermal_zone > >> > soc_button_> > >> > Mar 29 17:43:16.181784 fedora kernel: CR2: 000000000000004c > >> > Mar 29 17:43:16.181806 fedora kernel: ---[ end trace 0000000000000000 ]--- > >> > > >> > Best regards > >> > Damian > >> > >> Hmmm - I have a feeling about this one. > >> > >> Can you apply and test the attached proposed patch? If you do please > >> verify if the problem persist and if the driver has all the features > >> present before the regression. > >> > >> If everything goes nicely, feel free to add a Tested-by: tag for when I > >> submit this. > >> > >> -- > >> ~ Kurt > > > > Hi Kurt, > > > > many thnaks for the fast response. > > With this patch my system boot again but i have other dump in dmesg > > Oh, makes sense. It's the same problem but it was hidden because of the > previous one. > > The attached patch should fix it. > > -- > ~ Kurt ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Kernel Null Pointer Dereference on Fedora with thinkpad_acpi 2025-03-30 10:16 ` Damian Tometzki @ 2025-03-30 15:41 ` Kurt Borja 0 siblings, 0 replies; 6+ messages in thread From: Kurt Borja @ 2025-03-30 15:41 UTC (permalink / raw) To: Damian Tometzki Cc: hmh, ibm-acpi-devel, platform-driver-x86, Linux Kernel Mailing List On Sun Mar 30, 2025 at 7:16 AM -03, Damian Tometzki wrote: > Hello Kurt, > hello together, > > I successfully tested the patch on my ThinkPad X1. System boots > normally without errors. > > Tested-by: Damian Tometzki <damian@riscv-rocks.de> > > Best regards > Damian Thanks a lot for reporting and testing! The fix has been submitted now. -- ~ Kurt ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2025-03-30 15:41 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2025-03-30 5:19 Kernel Null Pointer Dereference on Fedora with thinkpad_acpi Damian Tometzki 2025-03-30 6:01 ` Kurt Borja 2025-03-30 6:28 ` Damian Tometzki 2025-03-30 6:47 ` Kurt Borja 2025-03-30 10:16 ` Damian Tometzki 2025-03-30 15:41 ` Kurt Borja
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox