Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 16 Sep 2001 22:57:30 +0200 (CEST)
From:      Poul-Henning Kamp <phk@critter.freebsd.dk>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   kern/30617: [PATCH] ACPI bug: don't dereference a pointer you have set to NULL
Message-ID:  <200109162057.f8GKvUN99682@critter.freebsd.dk>
next in thread | raw e-mail | index | archive | help 

>Number:         30617
>Category:       kern
>Synopsis:       [PATCH] ACPI bug: don't dereference a pointer you have set to NULL
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Sep 16 14:00:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Poul-Henning Kamp
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
International Keep It Simple Stupid! brotherhood
>Environment:
System: FreeBSD critter.freebsd.dk 5.0-CURRENT FreeBSD 5.0-CURRENT #1: Wed Aug 8 13:10:20 CEST 2001 root@critter.freebsd.dk:/freebsd/src/sys/i386/compile/CRITTER i386


>Description:
	In AcpiExDyadic1() a DEBUG statement tried to dereference the pointer 
	"Operand[0]" which has explictly been set to NULL earlier in the same
	function.  This panics the kernel.

>How-To-Repeat:
	Pull the powerplug on an Asus M1300 machine with bios 1.05

>Fix:

	This patch is a workaround, I don't know enough about the ACPI code to judge if
	the setting of "Operand[0] = NULL" is kosher or bogus, so I have simply added
	an if() to avoid dereferencing the NULL pointer.


Index: exdyadic.c
===================================================================
RCS file: /home/ncvs/src/sys/contrib/dev/acpica/exdyadic.c,v
retrieving revision 1.1.1.9
diff -u -r1.1.1.9 exdyadic.c
--- exdyadic.c	7 Sep 2001 01:22:24 -0000	1.1.1.9
+++ exdyadic.c	16 Sep 2001 20:41:41 -0000
@@ -375,8 +375,11 @@
                 break;
 
             default:
-                ACPI_DEBUG_PRINT ((ACPI_DB_ERROR, "Unexpected notify object type %X\n",
-                    Operand[0]->Common.Type));
+		if (Operand[0] == NULL)
+			ACPI_DEBUG_PRINT ((ACPI_DB_ERROR, "Unexpected notify object type (details at 11...)\n"));
+		else
+			ACPI_DEBUG_PRINT ((ACPI_DB_ERROR, "Unexpected notify object type %X\n",
+			    Operand[0]->Common.Type));
 
                 Status = AE_AML_OPERAND_TYPE;
                 break;

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109162057.f8GKvUN99682>