PATCH: Crash while suspending on FreeBSD/amd64 8.1-RC2

Jung-uk Kim jkim at FreeBSD.org
Tue Jul 6 18:12:00 UTC 2010


On Thursday 01 July 2010 02:43 pm, Yamagi Burmeister wrote:
> Okay, with the help of a friend of mine I managed to track this
> down.
>
> > (kgdb) bt
> > #0  doadump () at pcpu.h:223
> > #1  0xffffffff8020dfe9 in boot (howto=260) at
> > /usr/src/sys/kern/kern_shutdown.c:416
> > #2  0xffffffff8020e41c in panic (fmt=0xffffffff8044ebbb "%s")
> >    at /usr/src/sys/kern/kern_shutdown.c:590
> > #3  0xffffffff80408bc8 in trap_fatal (frame=0xffffff0004a4e000,
> > eva=Variable "eva" is not available.
> > )
> >    at /usr/src/sys/amd64/amd64/trap.c:777
> > #4  0xffffffff80408f94 in trap_pfault (frame=0xffffff803da285e0,
> > usermode=0)
> >    at /usr/src/sys/amd64/amd64/trap.c:693
> > #5  0xffffffff804097da in trap (frame=0xffffff803da285e0)
> >    at /usr/src/sys/amd64/amd64/trap.c:451
> > #6  0xffffffff803ef543 in calltrap () at
> > /usr/src/sys/amd64/amd64/exception.S:223
> > #7  0xffffffff80406f16 in bcopy () at
> > /usr/src/sys/amd64/amd64/support.S:124
> > #8  0xffffffff80745fb7 in vesa_bios_save_restore (code=1,
> > p=0xffffff80002a6004,
> >    size=4928) at
> > /usr/src/sys/modules/vesa/../../dev/fb/vesa.c:551
> > #9  0xffffffff80746059 in vesa_save_state (adp=Variable "adp" is not
> > available.
> > )
> >    at /usr/src/sys/modules/vesa/../../dev/fb/vesa.c:1429
> > #10 0xffffffff80424144 in vga_suspend (dev=0xffffff0001632a00)
> >    at /usr/src/sys/isa/vga_isa.c:81
> > #11 0xffffffff804241d7 in isavga_suspend (dev=0xffffff0001632a00)
> >    at /usr/src/sys/isa/vga_isa.c:234
>
> The problem is on stack level 8. Line 538 in sys/dev/fb/vesa.c
> returns NULL because x86bios_alloc(&offs, size); couldn't allocate
> memory. In line 551 the null pointer is passed to bcopy(), causing
> the crash. A simple solution is to add a null pointer check like
> the attached patch does. But I'm not sure if that's the right
> solution, since the VGA state will not be saved if the check
> triggers.
>
> --- vesa.c_	2010-07-01 20:38:54.000000000 +0200
> +++ vesa.c	2010-07-01 20:38:03.000000000 +0200
> @@ -536,6 +536,8 @@
>  		return (1);
>
>  	buf = x86bios_alloc(&offs, size);
> +	if (buf == NULL)
> +		return (1);
>
>  	x86bios_init_regs(&regs);
>  	regs.R_AX = 0x4f04;
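Review bot: the new `if (buf == NULL) return (1);` after `buf = x86bios_alloc(&offs, size);` bails out with no diagnostic, so when the x86bios pool cannot satisfy the 4928-byte request seen in frame #8 the suspend path continues with the VESA state silently unsaved, which is the concern raised in the cover text; suggest adding a printf so the failure shows up in dmesg, and checking that vesa_save_state (frame #9) propagates the nonzero return to vga_suspend instead of treating the state as saved. The `return (1)` form itself matches the existing early return two lines above in the hunk's context.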

Fixed on HEAD.  Will be MFC'ed soon.

Thanks!

Jung-uk Kim
