RE: [PATCH] ACPI: APEI: Avoid NULL pointer dereference in ghes_estatus_pool_region_free

Next message: Gary Yang: "[PATCH v7 3/3] arm64: dts: cix: add support for cix sky1 resets"
Previous message: Sherry Sun: "RE: [PATCH V5 5/5] arm64: dts: imx93: Add i.MX93 Wireless EVK board support"
In reply to: Bjorn Helgaas: "Re: [PATCH] ACPI: APEI: Avoid NULL pointer dereference in ghes_estatus_pool_region_free"
Next in thread: Bjorn Helgaas: "Re: [PATCH] ACPI: APEI: Avoid NULL pointer dereference in ghes_estatus_pool_region_free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jiawen Wu

Date: Tue Feb 03 2026 - 21:04:52 EST

On Wed, Feb 4, 2026 6:55 AM, Bjorn Helgaas wrote:
> On Tue, Feb 03, 2026 at 10:12:32AM +0800, Jiawen Wu wrote:
> > The function ghes_estatus_pool_region_free() is exported and be called
> > by the PCIe AER recovery path, which unconditionally invokes it to free
> > aer_capability_regs memory.
> >
> > Although current AER usage assumes memory comes from the GHES pool,
> > robustness requires guarding against pool unavailability. Add a NULL check
> > before calling gen_pool_free() to prevent crashes when the pool is not
> > initialized. This also makes the API safer for potential future use by
> > non-GHES callers.
>
> I'm not sure what you mean by "pool unavailability." I think getting
> here with ghes_estatus_pool==NULL means we have a logic error
> somewhere, and I don't think we should silently hide that error.
>
> I'm generally in favor of *not* checking so we find out if the caller
> forgot to keep track of the pointer correctly.

"pool unavailability" means that when I attempt to call
aer_recover_queue() in a ethernet driver, which does not create
ghes_estatus_pool, it leads to a NULL pointer dereference.