Date: Thu, 1 Jul 2010 20:43:52 +0200 (CEST)
From: Yamagi Burmeister <lists@yamagi.org>
To: freebsd-mobile@freebsd.org
Cc: Christoph Mallon <christoph.mallon@gmx.de>, jkim@freebsd.org
Subject: PATCH: Crash while suspending on FreeBSD/amd64 8.1-RC2
Message-ID: <alpine.BSF.2.00.1007012019490.2120@maka.home.yamagi.org>
In-Reply-To: <alpine.BSF.2.00.1007011623470.2777@screw.home.yamagi.org>
References: <alpine.BSF.2.00.1007011623470.2777@screw.home.yamagi.org>
Okay, with the help of a friend of mine I managed to track this down.

> (kgdb) bt
> #0 doadump () at pcpu.h:223
> #1 0xffffffff8020dfe9 in boot (howto=260) at
> /usr/src/sys/kern/kern_shutdown.c:416
> #2 0xffffffff8020e41c in panic (fmt=0xffffffff8044ebbb "%s")
> at /usr/src/sys/kern/kern_shutdown.c:590
> #3 0xffffffff80408bc8 in trap_fatal (frame=0xffffff0004a4e000,
> eva=Variable "eva" is not available.
> )
> at /usr/src/sys/amd64/amd64/trap.c:777
> #4 0xffffffff80408f94 in trap_pfault (frame=0xffffff803da285e0,
> usermode=0)
> at /usr/src/sys/amd64/amd64/trap.c:693
> #5 0xffffffff804097da in trap (frame=0xffffff803da285e0)
> at /usr/src/sys/amd64/amd64/trap.c:451
> #6 0xffffffff803ef543 in calltrap () at
> /usr/src/sys/amd64/amd64/exception.S:223
> #7 0xffffffff80406f16 in bcopy () at
> /usr/src/sys/amd64/amd64/support.S:124
> #8 0xffffffff80745fb7 in vesa_bios_save_restore (code=1,
> p=0xffffff80002a6004,
> size=4928) at /usr/src/sys/modules/vesa/../../dev/fb/vesa.c:551
> #9 0xffffffff80746059 in vesa_save_state (adp=Variable "adp" is not
> available.
> )
> at /usr/src/sys/modules/vesa/../../dev/fb/vesa.c:1429
> #10 0xffffffff80424144 in vga_suspend (dev=0xffffff0001632a00)
> at /usr/src/sys/isa/vga_isa.c:81
> #11 0xffffffff804241d7 in isavga_suspend (dev=0xffffff0001632a00)
> at /usr/src/sys/isa/vga_isa.c:234

The problem is on stack level 8. Line 538 in sys/dev/fb/vesa.c returns NULL because x86bios_alloc(&offs, size); couldn't allocate memory. In line 551 the null pointer is passed to bcopy(), causing the crash.

A simple solution is to add a null pointer check like the attached patch does. But I'm not sure if that's the right solution, since the VGA state will not be saved if the check triggers.

--- vesa.c_ 2010-07-01 20:38:54.000000000 +0200 +++ vesa.c 2010-07-01 20:38:03.000000000 +0200 
@@ -536,6 +536,8 @@ return (1); buf = x86bios_alloc(&offs, size); + if (buf == NULL) + return (1); x86bios_init_regs(®s); regs.R_AX = 0x4f04; -- Homepage: www.yamagi.org Jabber: yamagi@yamagi.org GnuPG/GPG: 0xEFBCCBCB
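Review bot: The added "if (buf == NULL) return (1);" after x86bios_alloc() returns the same value as the early "return (1);" directly above the allocation, so a caller cannot tell an allocation failure apart from that other exit and the skipped state save goes unreported. Consider logging the failure at this point and confirming that the callers visible in the backtrace (vesa_save_state, vga_suspend) act on the return value rather than continuing as if the VGA state had been saved. The check keeps the NULL pointer away from bcopy(), but it does not explain why x86bios_alloc() failed for the 4928-byte request shown in frame #8, which is worth tracking down separately.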