On Monday 28 September 2009, Alex Chiang wrote: > Hi Xiaotian, > > Thanks for the bug report. > > * Xiaotian Feng <dfeng@xxxxxxxxxx>: > > commit 275582 introduces acpi_get_pci_dev(), but pdev->subordinate > > can be NULL, then a NULL was passed to pci_get_slot, this results > > the kernel oops when resume from suspend. > > > > This patch resolves following kernel oops: > > BUG: unable to handle kernel NULL pointer dereference at 0000000000000028 > > IP: [<ffffffff812217e7>] pci_get_slot+0x4c/0x8c > > > > Signed-off-by: Xiaotian Feng <dfeng@xxxxxxxxxx> > > --- > > drivers/acpi/pci_root.c | 6 +++++- > > 1 files changed, 5 insertions(+), 1 deletions(-) > > > > diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c > > index 3112221..3c35144 100644 > > --- a/drivers/acpi/pci_root.c > > +++ b/drivers/acpi/pci_root.c > > @@ -387,7 +387,11 @@ struct pci_dev *acpi_get_pci_dev(acpi_handle handle) > > if (!pdev || hnd == handle) > > break; > > > > - pbus = pdev->subordinate; > > + if (pdev->subordinate) > > + pbus = pdev->subordinate; > > + else > > + pbus = pdev->bus; > > + > > I'm a little confused by this. If we start from the PCI root > bridge and walk back down the hierarchy, shouldn't everything > between the root and the device be a P2P bridge? Well, if my reading of the code is correct, there's no guarantee that pci_get_slot() will always return either the right device or a bridge. If it returns anything that's not a bridge or the device we're looking for, we'll hit the NULL pointer deref. In fact it looks like we should also clear pdev if no device was found. Thanks, Rafael -- To unsubscribe from this list: send the line "unsubscribe linux-acpi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
