Commit 5cd73762 authored by Ingo Molnar's avatar Ingo Molnar

fix: crash: IP: __bitmap_intersects+0x48/0x73

-tip testing found this crash:

> [   35.258515] calling  acpi_cpufreq_init+0x0/0x127 @ 1
> [   35.264127] BUG: unable to handle kernel NULL pointer dereference at (null)
> [   35.267554] IP: [<ffffffff80478092>] __bitmap_intersects+0x48/0x73
> [   35.267554] PGD 0
> [   35.267554] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC

arch/x86/kernel/cpu/cpufreq/acpi-cpufreq.c is still broken: there's no
allocation of the variable mask, so we pass in an uninitialized cmd.mask
field to drv_read(), which then passes it to the scheduler which then
crashes ...

Switch it over to the much simpler constant-cpumask-pointers approach.
Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
parent 49a93bc9
...@@ -145,7 +145,7 @@ typedef union { ...@@ -145,7 +145,7 @@ typedef union {
struct drv_cmd { struct drv_cmd {
unsigned int type; unsigned int type;
cpumask_var_t mask; const struct cpumask *mask;
drv_addr_union addr; drv_addr_union addr;
u32 val; u32 val;
}; };
...@@ -235,8 +235,7 @@ static u32 get_cur_val(const struct cpumask *mask) ...@@ -235,8 +235,7 @@ static u32 get_cur_val(const struct cpumask *mask)
return 0; return 0;
} }
cpumask_copy(cmd.mask, mask); cmd.mask = mask;
drv_read(&cmd); drv_read(&cmd);
dprintk("get_cur_val = %u\n", cmd.val); dprintk("get_cur_val = %u\n", cmd.val);
...@@ -403,9 +402,6 @@ static int acpi_cpufreq_target(struct cpufreq_policy *policy, ...@@ -403,9 +402,6 @@ static int acpi_cpufreq_target(struct cpufreq_policy *policy,
return -ENODEV; return -ENODEV;
} }
if (unlikely(!alloc_cpumask_var(&cmd.mask, GFP_KERNEL)))
return -ENOMEM;
perf = data->acpi_data; perf = data->acpi_data;
result = cpufreq_frequency_table_target(policy, result = cpufreq_frequency_table_target(policy,
data->freq_table, data->freq_table,
...@@ -450,9 +446,9 @@ static int acpi_cpufreq_target(struct cpufreq_policy *policy, ...@@ -450,9 +446,9 @@ static int acpi_cpufreq_target(struct cpufreq_policy *policy,
/* cpufreq holds the hotplug lock, so we are safe from here on */ /* cpufreq holds the hotplug lock, so we are safe from here on */
if (policy->shared_type != CPUFREQ_SHARED_TYPE_ANY) if (policy->shared_type != CPUFREQ_SHARED_TYPE_ANY)
cpumask_and(cmd.mask, cpu_online_mask, policy->cpus); cmd.mask = policy->cpus;
else else
cpumask_copy(cmd.mask, cpumask_of(policy->cpu)); cmd.mask = cpumask_of(policy->cpu);
freqs.old = perf->states[perf->state].core_frequency * 1000; freqs.old = perf->states[perf->state].core_frequency * 1000;
freqs.new = data->freq_table[next_state].frequency; freqs.new = data->freq_table[next_state].frequency;
...@@ -479,7 +475,6 @@ static int acpi_cpufreq_target(struct cpufreq_policy *policy, ...@@ -479,7 +475,6 @@ static int acpi_cpufreq_target(struct cpufreq_policy *policy,
perf->state = next_perf_state; perf->state = next_perf_state;
out: out:
free_cpumask_var(cmd.mask);
return result; return result;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment