Public bug reported:

Running fwts method test with input from a dumped ACPI table which is
corrupt causes the ACPI table installation in the ACPICA core to
segfault.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7502109 in AcpiTbInstallTable () from /usr/lib/libfwtsacpica.so.1
(gdb) where
#0  0x00007ffff7502109 in AcpiTbInstallTable () from /usr/lib/libfwtsacpica.so.1
#1  0x00007ffff7500fd7 in AcpiTbParseFadt () from /usr/lib/libfwtsacpica.so.1
#2  0x00007ffff7502520 in AcpiTbParseRootTable () from /usr/lib/libfwtsacpica.so.1
#3  0x00007ffff75026a0 in AcpiInitializeTables () from /usr/lib/libfwtsacpica.so.1
#4  0x00007ffff74c8214 in fwts_acpica_init () from /usr/lib/libfwtsacpica.so.1
#5  0x0000000000411969 in ?? ()
#6  0x00007ffff7740ada in fwts_framework_args () from /usr/lib/libfwts.so.1
#7  0x00000000004038e9 in ?? ()
#8  0x00007ffff713deff in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#9  0x0000000000403819 in ?? ()
#10 0x00007fffffffe2b8 in ?? ()
#11 0x000000000000001c in ?? ()
#12 0x0000000000000004 in ?? ()
#13 0x00007fffffffe59b in ?? ()
#14 0x00007fffffffe5a9 in ?? ()
#15 0x00007fffffffe5d8 in ?? ()
#16 0x00007fffffffe5df in ?? ()
#17 0x0000000000000000 in ?? ()

The ACPI table dump begins as follows:

Error: command ['/usr/share/apport/dump_acpi_tables.py'] failed with exit code 1: DSDT @ 0x00000000
  0000: 44 53 44 54 64 4c 00 00 01 8d 4c 4e 56 5f 50 00  DSDTdL....LNV_P.
  0010: 4c 4e 56 5f 50 35 30 31 01 05 00 00 49 4e 54 4c  LNV_P501....INTL
  0020: 17 11 05 20 5b 80 41 43 4d 53 01 0a 72 0a 02 5b  ... [.ACMS..r..[
  0030: 81 10 41 43 4d 53 01 49 43 4d 53 08 44 43 4d 53  ..ACMS.ICMS.DCMS
  0040: 08 5b 86 1f 49 43 4d 53 44 43 4d 53 01 00 08 00  .[..ICMSDCMS....
  0050: 18 00 20 42 53 5f 41 20 52 45 56 30 08 52 45 56  .. BS_A REV0.REV
  0060: 31 08 5b 80 41 43 41 46 00 42 53 5f 41 0a 20 5b  1.[.ACAF.BS_A. [
  0070: 81 44 09 41 43 41 46 00 4f 43 43 30 01 4f 43 43  .D.ACAF.OCC0.OCC

This causes the parser to not find the DSDT, which in turn means that
fwts_acpica_FADT->Dsdt and fwts_acpica_FADT->XDsdt are not initialised,
and this causes the ACPICA core to segfault when loading these tables
from the internal cached copies.  The fix is to nullify these pointers
if the DSDT fails to load, which in turn causes the table loading to
detect the error and abort gracefully rather than segfault.

** Affects: fwts (Ubuntu)
     Importance: Medium
     Assignee: Colin King (colin-king)
         Status: In Progress

** Changed in: fwts (Ubuntu)
       Status: New => In Progress

** Changed in: fwts (Ubuntu)
   Importance: Undecided => Medium

** Changed in: fwts (Ubuntu)
     Assignee: (unassigned) => Colin King (colin-king)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/826774

Title:
  fwts: corrupt ACPI table input causes segmentation fault in acpica
  core
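
Added example, not code from fwts or ACPICA: a minimal C model of the fix
described in the report, where the DSDT pointers are always nulled when the
table is not found, so the consumer rejects them instead of dereferencing
stale values. The struct, the function names and the rule that a table
header must start a line are assumptions made for illustration; the dumps
are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical model types and names; not fwts or ACPICA definitions. */
struct fadt_model { const uint8_t *dsdt; const uint8_t *x_dsdt; };
static const uint8_t dsdt_copy[] = { 'D', 'S', 'D', 'T', 0x64, 0x4c, 0x00, 0x00 };
/* Constructed dumps: BAD_DUMP has error text fused in front of the header. */
static const char GOOD_DUMP[] = "DSDT @ 0x00000000\n  0000: 44 53 44 54\n";
static const char BAD_DUMP[] = "Error: exit code 1: DSDT @ 0x00000000\n  0000: 44 53 44 54\n";

/* Assumption: a table header is a line that starts with "<name> @ ". */
static int dump_has_table(const char *dump, const char *name)
{
    size_t n = strlen(name);
    for (const char *line = dump; line != NULL && *line != '\0'; ) {
        if (strncmp(line, name, n) == 0 && strncmp(line + n, " @ ", 3) == 0)
            return 1;
        const char *nl = strchr(line, '\n');
        line = nl ? nl + 1 : NULL;      /* advance to the next line */
    }
    return 0;
}

/* Always writes both fields: NULL when the DSDT was not found. */
static void setup_fadt(struct fadt_model *fadt, const char *dump)
{
    fadt->dsdt = fadt->x_dsdt = dump_has_table(dump, "DSDT") ? dsdt_copy : NULL;
}

/* Consumer: reject a null table address before reading the signature. */
static int install_table(const uint8_t *table)
{
    return (table != NULL && memcmp(table, "DSDT", 4) == 0) ? 0 : -1;
}

/* Returns 0 when the DSDT installs, -1 on a clean abort. */
int load_tables(const char *dump)
{
    struct fadt_model fadt;
    memset(&fadt, 0xA5, sizeof fadt);   /* stand-in for stale contents */
    setup_fadt(&fadt, dump);
    return install_table(fadt.x_dsdt);
}

int main(void)
{
    printf("good=%d bad=%d\n", load_tables(GOOD_DUMP), load_tables(BAD_DUMP));
    return 0;
}
```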
