Re: [PATCH] intel-agp.c: Fix crash when accessing nonexistent GTT entries in i915

From: Miguel Ojeda
Date: Thu Mar 25 2010 - 12:56:04 EST

Next message: Richard Hartmann: "Question about e06e7c615877026544ad7f8b309d1a3706410383 -- [IPV4]: The scheduled removal of multipath cached routing support."
Previous message: Bjorn Helgaas: "Re: [Bugme-new] [Bug 15621] New: BUG: unable to handle kernel paging request - comm: pccardd"
In reply to: Miguel Ojeda: "Re: [PATCH] intel-agp.c: Fix crash when accessing nonexistent GTT entries in i915"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 24, 2010 at 7:14 PM, Andrew Morton
<akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Tue, 23 Mar 2010 12:40:05 +0100
> Miguel Ojeda <miguel.ojeda.sandonis@xxxxxxxxx> wrote:
>
>> On Tue, Mar 23, 2010 at 5:14 AM, Christian Kujau <lists@xxxxxxxxxxxxxxx> wrote:
>> > On Mon, 22 Mar 2010 at 20:57, Andrew Morton wrote:
>> >> On Sun, 21 Mar 2010 16:30:20 +0100 Miguel Ojeda <miguel.ojeda.sandonis@xxxxxxxxx> wrote:
>> >> > I bisected in order to find the commit 5877960869333e42ebeb733e8d9d5630ff96d350.
>> >
>> > I believe this[0] is fc61901373987ad61851ed001fe971f3ee8d96a3 upstream:
>>
>> Indeed. Also in
>>
>> http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.32.y.git;a=commit;h=fc61901373987ad61851ed001fe971f3ee8d96a3
>
> Does reverting that patch from the current code fix the crash?

Yes. In addition, applying the patch I provided also fixes it in current code.

Current code:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=01e77706cdde7c0b47e5ca1f4284a795504c7c40

>
> --- a/drivers/char/agp/intel-agp.c~revert-1
> +++ a/drivers/char/agp/intel-agp.c
> @@ -207,7 +207,6 @@ static struct _intel_private {
> * popup and for the GTT.
> */
> int gtt_entries; /* i830+ */
> - int gtt_total_size;
> union {
> void __iomem *i9xx_flush_page;
> void *i8xx_flush_page;
> @@ -1239,7 +1238,7 @@ static int intel_i915_configure(void)
> readl(intel_private.registers+I810_PGETBL_CTL); /* PCI Posting. */
>
> if (agp_bridge->driver->needs_scratch_page) {
> - for (i = intel_private.gtt_entries; i < intel_private.gtt_total_size; i++) {
> + for (i = intel_private.gtt_entries; i < current_size->num_entries; i++) {
> writel(agp_bridge->scratch_page, intel_private.gtt+i);
> }
> readl(intel_private.gtt+i-1); /* PCI Posting. */
> @@ -1394,8 +1393,6 @@ static int intel_i915_create_gatt_table(
> if (!intel_private.gtt)
> return -ENOMEM;
>
> - intel_private.gtt_total_size = gtt_map_size / 4;
> -
> temp &= 0xfff80000;
>
> intel_private.registers = ioremap(temp, 128 * 4096);
> @@ -1485,8 +1482,6 @@ static int intel_i965_create_gatt_table(
> if (!intel_private.gtt)
> return -ENOMEM;
>
> - intel_private.gtt_total_size = gtt_size / 4;
> -
> intel_private.registers = ioremap(temp, 128 * 4096);
> if (!intel_private.registers) {
> iounmap(intel_private.gtt);
> _
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Hartmann: "Question about e06e7c615877026544ad7f8b309d1a3706410383 -- [IPV4]: The scheduled removal of multipath cached routing support."
Previous message: Bjorn Helgaas: "Re: [Bugme-new] [Bug 15621] New: BUG: unable to handle kernel paging request - comm: pccardd"
In reply to: Miguel Ojeda: "Re: [PATCH] intel-agp.c: Fix crash when accessing nonexistent GTT entries in i915"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]