From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755410Ab3KUCBd (ORCPT ); Wed, 20 Nov 2013 21:01:33 -0500 Received: from mailout2.w2.samsung.com ([211.189.100.12]:29185 "EHLO usmailout2.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755349Ab3KUCB2 (ORCPT ); Wed, 20 Nov 2013 21:01:28 -0500 X-AuditID: cbfec37d-b7f0e6d00000657c-7e-528d69768682 Message-id: <528D6972.9010702@samsung.com> Date: Wed, 20 Nov 2013 19:01:22 -0700 From: Shuah Khan Reply-to: shuah.kh@samsung.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-version: 1.0 To: len.brown@intel.com, pavel@ucw.cz, rjw@rjwysocki.net, gregkh@linuxfoundation.org, anton@enomsg.org, dwmw2@infradead.org, rostedt@goodmis.org, fweisbec@gmail.com, mingo@redhat.com, keun-o.park@windriver.com, paul.gortmaker@windriver.com Cc: Shuah Khan , linux-pm@vger.kernel.org, linux-kernel@vger.kernel.org, shuahkhan@gmail.com, stable@vger.kernel.org Subject: Re: [PATCH 2/2] PM: Fix Oops from NULL pointer dereference in wakeup_source_activate References: <43b305b56bbbfc82b2684919e2d1ba2bd50fecae.1384990612.git.shuah.kh@samsung.com> In-reply-to: <43b305b56bbbfc82b2684919e2d1ba2bd50fecae.1384990612.git.shuah.kh@samsung.com> Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7bit X-Originating-IP: [105.144.21.63] X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrKIsWRmVeSWpSXmKPExsVy+t9hP92yzN4gg9vdYhYHt2paTFw5mdli 5utuJovmxevZLG603mexmDVlL5PF5V1z2Cw+9x5htLh0YAGTxbW9x5kt7p46ymZx5vQlVot9 HQ+YLL7+dLBYsPERowO/x4T+T4weO2fdZfdo2XeL3WPzCi2PxXteMnnsn7uG3eP9vqtsHluu trN4rFj9nd3j8yY5j/VbtjIFcEdx2aSk5mSWpRbp2yVwZXR/Oshe8FG/4mbLSdYGxrfqXYyc HBICJhKX7r5nhbDFJC7cW8/WxcjFISSwjFGibeoeVginl0li7oVHTBDOJkaJg9t/MYK08Apo Sdw79YoJxGYRUJVo+niLDcRmE1CX+Px6BzuILSQgJ9G0ZDUziC0qECFxdPUzVoheQYkfk++x gAwVEfjKKNH3+DqYwyzQwyixvP0T2CRhgXiJ2cuvsUCs7mCU2HLnEVg7p0CsxJZNB8HGMgtY S6yctI0RwpaX2LzmLTPEamWJP5dPAZ3HAfSdosT21VYTGEVmIVk+C0n3LCTdCxiZVzGKlRYn FxQnpadWmOgVJ+YWl+al6yXn525ihER17Q7G+19tDjEKcDAq8fA+eNoTJMSaWFZcmXuIUYKD WUmEN8a6N0iINyWxsiq1KD++qDQntfgQIxMHp1QDY2H/o+lXb8dcv+ESLF+q+v7r07OHilMu 2dfyvC5LPnI7efGWEudI5t/LXrx359e6d3HCbkERF2dlDrMVm9b+SJp2QEngxve3bKELC1JC H3fs//G43vhkwralx7xvvQli0Fi3tvcjV+Z6dxPbRC7HdCXOGRuFhd7/u3Ike6P8FYd1Rkc3 fJb7NkuJpTgj0VCLuag4EQDOU1C9yAIAAA== Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/20/2013 06:40 PM, Shuah Khan wrote: > power_supply_register() calls device_init_wakeup() to register a wakeup > source before initializing dev_name. As a result, device_wakeup_enable() > end up registering wakeup source with a null name when wakeup_source_register() > gets called with dev_name(dev) which is null at the time. > > When kernel is booted with wakeup_source_activate enabled, it will panic > when the trace point code tries to dereference ws->name. Registering a > a wakeup source without a name should be possible. > > Fix wakeup_source_activate tracepoint to check for null name and handle it > gracefully by just using "(no name)" as the name string for the source. > > Fixes: commit 6791e36c4a40e8930e08669e60077eea6770c429 > > Trace after the change: > bash-2008 [000] d... 610.307262: wakeup_source_activate: (no name) state=0x20001 > kworker/0:0-2000 [000] d... 610.307287: wakeup_source_deactivate: (no name) state=0x30000 > > Oops message: > > [ 819.769934] device: 'BAT1': device_add > [ 819.770078] PM: Adding info for No Bus:BAT1 > [ 819.770235] BUG: unable to handle kernel NULL pointer dereference at (null) > [ 819.770435] IP: [] skip_spaces+0x30/0x30 > [ 819.770572] PGD 3efd90067 PUD 3eff61067 PMD 0 > [ 819.770716] Oops: 0000 [#1] SMP > [ 819.770829] Modules linked in: arc4 iwldvm mac80211 x86_pkg_temp_thermal coretemp kvm_intel joydev i915 kvm uvcvideo ghash_clmulni_intel videobuf2_vmalloc aesni_intel videobuf2_memops videobuf2_core aes_x86_64 ablk_helper cryptd videodev iwlwifi lrw rfcomm gf128mul glue_helper bnep btusb media bluetooth parport_pc hid_generic ppdev snd_hda_codec_hdmi drm_kms_helper snd_hda_codec_realtek cfg80211 drm tpm_infineon samsung_laptop snd_hda_intel usbhid snd_hda_codec hid snd_hwdep snd_pcm microcode snd_page_alloc snd_timer psmouse i2c_algo_bit lpc_ich tpm_tis video wmi mac_hid serio_raw ext2 lp parport r8169 mii > [ 819.771802] CPU: 0 PID: 2167 Comm: bash Not tainted 3.12.0+ #25 > [ 819.771876] Hardware name: SAMSUNG ELECTRONICS CO., LTD. 900X3C/900X3D/900X4C/900X4D/SAMSUNG_NP1234567890, BIOS P03AAC 07/12/2012 > [ 819.772022] task: ffff88002e6ddcc0 ti: ffff8804015ca000 task.ti: ffff8804015ca000 > [ 819.772119] RIP: 0010:[] [] skip_spaces+0x30/0x30 > [ 819.772242] RSP: 0018:ffff8804015cbc70 EFLAGS: 00010046 > [ 819.772310] RAX: 0000000000000003 RBX: ffff88040cfd6d40 RCX: 0000000000000018 > [ 819.772397] RDX: 0000000000020001 RSI: 0000000000000000 RDI: 0000000000000000 > [ 819.772484] RBP: ffff8804015cbcc0 R08: 0000000000000000 R09: ffff8803f0768d40 > [ 819.772570] R10: ffffea001033b800 R11: 0000000000000000 R12: ffffffff81c519c0 > [ 819.772656] R13: 0000000000020001 R14: 0000000000000000 R15: 0000000000020001 > [ 819.772744] FS: 00007ff98309b740(0000) GS:ffff88041f200000(0000) knlGS:0000000000000000 > [ 819.772845] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [ 819.772917] CR2: 0000000000000000 CR3: 00000003f59dc000 CR4: 00000000001407f0 > [ 819.773001] Stack: > [ 819.773030] ffffffff81114003 ffff8804015cbcb0 0000000000000000 0000000000000046 > [ 819.773146] ffff880409757a18 ffff8803f065a160 0000000000000000 0000000000020001 > [ 819.773273] 0000000000000000 0000000000000000 ffff8804015cbce8 ffffffff8143e388 > [ 819.773387] Call Trace: > [ 819.773434] [] ? ftrace_raw_event_wakeup_source+0x43/0xe0 > [ 819.773520] [] wakeup_source_report_event+0xb8/0xd0 > [ 819.773595] [] __pm_stay_awake+0x2d/0x50 > [ 819.773724] [] power_supply_changed+0x3c/0x90 > [ 819.773795] [] power_supply_register+0x18c/0x250 > [ 819.773869] [] sysfs_add_battery+0x61/0x7b > [ 819.773935] [] battery_notify+0x37/0x3f > [ 819.774001] [] notifier_call_chain+0x4c/0x70 > [ 819.774071] [] __blocking_notifier_call_chain+0x4d/0x70 > [ 819.774149] [] blocking_notifier_call_chain+0x16/0x20 > [ 819.774227] [] pm_notifier_call_chain+0x1a/0x40 > [ 819.774316] [] hibernate+0x66/0x1c0 > [ 819.774407] [] state_store+0x71/0xa0 > [ 819.774507] [] kobj_attr_store+0xf/0x20 > [ 819.774613] [] sysfs_write_file+0x128/0x1c0 > [ 819.774735] [] vfs_write+0xbd/0x1e0 > [ 819.774841] [] SyS_write+0x49/0xa0 > [ 819.774939] [] system_call_fastpath+0x16/0x1b > [ 819.775055] Code: 89 f8 48 89 e5 f6 82 c0 a6 84 81 20 74 15 0f 1f 44 00 00 48 83 c0 01 0f b6 10 f6 82 c0 a6 84 81 20 75 f0 5d c3 66 0f 1f 44 00 00 <80> 3f 00 55 48 89 e5 74 15 48 89 f8 0f 1f 40 00 48 83 c0 01 80 > [ 819.775760] RIP [] skip_spaces+0x30/0x30 > [ 819.775881] RSP > [ 819.775949] CR2: 0000000000000000 > [ 819.794175] ---[ end trace c4ef25127039952e ]--- > > Signed-off-by: Shuah Khan > Cc: stable@vger.kernel.org > --- > include/trace/events/power.h | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/include/trace/events/power.h b/include/trace/events/power.h > index cda100d..5ba545a 100644 > --- a/include/trace/events/power.h > +++ b/include/trace/events/power.h > @@ -110,12 +110,14 @@ DECLARE_EVENT_CLASS(wakeup_source, > TP_ARGS(name, state), > > TP_STRUCT__entry( > - __string( name, name ) > + __string(name, name ? name : "(no name)") > __field( u64, state ) > ), > > TP_fast_assign( > - __assign_str(name, name); > + const char *tname = name ? name : "(no name)"; > + > + __assign_str(name, tname); > __entry->state = state; > ), > > Adding tracing maintainers. -- Shuah Khan Senior Linux Kernel Developer - Open Source Group Samsung Research America(Silicon Valley) shuah.kh@samsung.com | (970) 672-0658