Re: [PATCH 5.10/5.15/6.1/6.6/6.12] agp/amd64: Fix broken error propagation in agp_amd64_probe()

From: Mingyu Wang

Date: Mon Jun 29 2026 - 21:24:36 EST



What is special about this virtual environment? Nobody else
seems to have seen that in 20+ years.

Or maybe the Fixes tag is not quite correct and something else more
recent has caused it.

Hi Andi,


You are right that normal users will not see this crash in the wild.

The environment is a QEMU-based driver fuzzing framework. Rather than functionally emulating specific hardware, the framework extracts device matching information from the driver and synthesizes a mock PCI device just to trigger the driver's binding and initialization paths.

In this case, the synthesized PCI device matched the AGP bridge's IDs, forcing `agp_amd64_probe()` to run. However, because this is a synthetic fuzzing environment, there was no physical or emulated AMD Northbridge present in the system.

In a real-world system, the AGP bridge and the Northbridge exist together. Because the fuzzing framework provided the mock PCI device but did not provide the Northbridge, `cache_nbs()` returned -ENODEV, exposing the flawed `== -1` error handling path.

The `Fixes` tag is correct. The logic flaw was introduced in that commit, but it remained dormant because standard hardware configurations do not produce this specific missing-hardware scenario.

Best regards,
Mingyu Wang