• Vivek Goyal's avatar
    resource: fix the case of null pointer access · 800df627
    Vivek Goyal authored
    Richard and Daniel reported that UML is broken due to changes to
    resource traversal functions.  Problem is that iomem_resource.child can
    be null and new code does not consider that possibility.  Old code used
    a for loop and that loop will not even execute if p was null.
    Revert back to for() loop logic and bail out if p is null.
    I also moved sibling_only check out of resource_lock. There is no
    reason to keep it inside the lock.
    Following is backtrace of the UML crash.
    RIP: 0033:[<0000000060039b9f>]
    RSP: 0000000081459da0  EFLAGS: 00010202
    RAX: 0000000000000000 RBX: 00000000219b3fff RCX: 000000006010d1d9
    RDX: 0000000000000001 RSI: 00000000602dfb94 RDI: 0000000081459df8
    RBP: 0000000081459de0 R08: 00000000601b59f4 R09: ffffffff0000ff00
    R10: ffffffff0000ff00 R11: 0000000081459e88 R12: 0000000081459df8
    R13: 00000000219b3fff R14: 00000000602dfb94 R15: 0000000000000000
    Kernel panic - not syncing: Segfault with no mm
    CPU: 0 PID: 1 Comm: swapper Not tainted 3.16.0-10454-g58d08e3b #13
     00000000 000080d0 81459df0 219b3fff
     81459e70 6010d1d9 ffffffff 6033e010
     81459e50 6003a269 81459e30 00000000
    Call Trace:
     [<6010d1d9>] ? kclist_add_private+0x0/0xe7
     [<6003a269>] walk_system_ram_range+0x61/0xb7
     [<6000e859>] ? proc_kcore_init+0x0/0xf1
     [<6010d574>] kcore_update_ram+0x4c/0x168
     [<6010d72e>] ? kclist_add+0x0/0x2e
     [<6000e943>] proc_kcore_init+0xea/0xf1
     [<6000e859>] ? proc_kcore_init+0x0/0xf1
     [<6000e859>] ? proc_kcore_init+0x0/0xf1
     [<600189f0>] do_one_initcall+0x13c/0x204
     [<6004ca46>] ? parse_args+0x1df/0x2e0
     [<6004c82d>] ? parameq+0x0/0x3a
     [<601b5990>] ? strcpy+0x0/0x18
     [<60001e1a>] kernel_init_freeable+0x240/0x31e
     [<6026f1c0>] kernel_init+0x12/0x148
     [<60019fad>] new_thread_handler+0x81/0xa3
    Fixes 8c86e70a
     ("resource: provide new functions to walk
    through resources").
    Reported-by: default avatarDaniel Walter <sahne@0x90.at>
    Tested-by: default avatarRichard Weinberger <richard@nod.at>
    Tested-by: default avatarToralf Förster <toralf.foerster@gmx.de>
    Tested-by: default avatarDaniel Walter <sahne@0x90.at>
    Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
resource.c 33.6 KB