panic in AcpiExReleaseMutex
Moore, Robert
robert.moore at intel.com
Fri Dec 4 04:57:21 UTC 2009
>I am somewhat suspicious of recursive use of \_SB.PCI0.LPC0.EC0.MUT1
It is OK for AML code to acquire a mutex multiple times, so I don't think that is the problem.
> PreviousSyncLevel =
> WalkState->Thread->AcquiredMutexList->Mutex.OriginalSyncLevel;
Multiple pointers here, do you know which one is null?
>-----Original Message-----
>From: Andriy Gapon [mailto:avg at icyb.net.ua]
>Sent: Thursday, December 03, 2009 1:23 AM
>To: freebsd-acpi at freebsd.org; Moore, Robert
>Cc: Tarick
>Subject: panic in AcpiExReleaseMutex
>
>
>We are trying to resolve an issue reported in the following FreeBSD PR:
>http://www.freebsd.org/cgi/query-pr.cgi?pr=140979
>
>There is some additional information in:
>http://people.freebsd.org/~avg/pr140979/
>
>This is 8-stable, so ACPICA version is 20090521.
>
>It looks like a NULL-pointer issue in AcpiExReleaseMutex.
>The reported line where the trap happens is the following:
>
> PreviousSyncLevel =
> WalkState->Thread->AcquiredMutexList->Mutex.OriginalSyncLevel;
>
>Fault address is 0x40 which is exactly an offset of OriginalSyncLevel within
>ACPI_OBJECT_MUTEX on amd64 platform.
>
>My understanding of the stacktrace on the pictures is the following.
>From EC driver we call AcpiInstallAddressSpaceHandler to install EcSpaceHandler
>function for ACPI_ADR_SPACE_EC. As I understand, that leads to execution of
>_REG method of EC device. _REG method seems to access some registers in EC
>address space (with \_SB.PCI0.LPC0.EC0.MUT1 mutex locked). That access triggers
>a call to EcSpaceHandler. Now, we have code in EcSpaceHandler that makes a
>direct call to EcGpeQueryHandler during a cold boot phase if SCI bit is set in
>CSR register. EcGpeQueryHandler performs an EC query and executes _Qxx method
>if needed. Apparently, in our case that code path was taken and we got the
>NULL-pointer problem while evaluating AML Release function in either _Q20 or
>_Q09. Both of them acquire and release the already mentioned
>\_SB.PCI0.LPC0.EC0.MUT1 Mutex.
>
>Does my interpretation sound correct?
>Does this scenario ring any bells?
>Does our EC driver do everything correctly?
>
>I am somewhat suspicious of recursive use of \_SB.PCI0.LPC0.EC0.MUT1 in this
>situation. But I am not sure if it's an issue with AML or with our code.
>
>--
>Andriy Gapon
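
An added example, not part of either message and not ACPICA code: one way to narrow down which pointer in the quoted dereference chain is NULL is to compare the fault address with the member offset each load would read. The struct layouts below are constructed stand-ins; only the 0x40 offset of OriginalSyncLevel is taken from the report, and the other offsets are assumptions that must be replaced with values from the real build.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in layouts, NOT the real ACPICA structures. Only the 0x40
 * offset of OriginalSyncLevel comes from the report; the other padding sizes
 * are assumptions. Take real offsets from the debug info of the actual build. */
struct mutex_obj    { uint8_t pad[0x40]; uint8_t OriginalSyncLevel; };
union  operand_obj  { struct mutex_obj Mutex; };
struct thread_state { uint8_t pad[0x28]; union operand_obj *AcquiredMutexList; };
struct walk_state   { uint8_t pad[0x18]; struct thread_state *Thread; };

/* WalkState->Thread->AcquiredMutexList->Mutex.OriginalSyncLevel is three
 * loads. Each reads (base + member offset), so when the base is NULL the
 * faulting address equals the offset of the member being read. */
static const struct step { const char *null_ptr; size_t fault_addr; } steps[] = {
    { "WalkState", offsetof(struct walk_state, Thread) },
    { "WalkState->Thread", offsetof(struct thread_state, AcquiredMutexList) },
    { "WalkState->Thread->AcquiredMutexList",
      offsetof(union operand_obj, Mutex) +
      offsetof(struct mutex_obj, OriginalSyncLevel) },
};
#define NSTEPS (sizeof(steps) / sizeof(steps[0]))

/* Index of the only step whose NULL base explains fault_addr, else -1
 * (no match, or two steps share the offset and the address is ambiguous). */
int null_candidate(size_t fault_addr)
{
    int hit = -1;
    for (size_t i = 0; i < NSTEPS; i++) {
        if (steps[i].fault_addr != fault_addr)
            continue;
        if (hit >= 0)
            return -1;
        hit = (int)i;
    }
    return hit;
}

int main(void)
{
    size_t fault = 0x40; /* fault address quoted in the report */
    int i = null_candidate(fault);
    printf("fault 0x%zx: %s\n", fault,
           i < 0 ? "no unique candidate" : steps[i].null_ptr);
    return 0;
}
```
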