Linux 2.6.38-rc6

Dave Airlie airlied at redhat.com
Thu Feb 24 17:14:59 PST 2011


On Thu, 2011-02-24 at 16:54 -0800, Linus Torvalds wrote:
> On Thu, Feb 24, 2011 at 4:48 PM, Anca Emanuel <anca.emanuel at gmail.com> wrote:
> >
> > diff --git a/drivers/video/fbmem.c b/drivers/video/fbmem.c
> > index e2bf953..e8f8925 100644
> > --- a/drivers/video/fbmem.c
> > +++ b/drivers/video/fbmem.c
> > @@ -1511,6 +1511,7 @@ void remove_conflicting_framebuffers(struct
> > apertures_struct *a,
> >                               "%s vs %s - removing generic driver\n",
> >                               name, registered_fb[i]->fix.id);
> >                        unregister_framebuffer(registered_fb[i]);
> > +                       registered_fb[i] = NULL;
> >
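Review bot: the added `registered_fb[i] = NULL;` clears the slot unconditionally right after `unregister_framebuffer(registered_fb[i]);`, ignoring that call's return value and with no locking visible in this hunk, so it does not close the race with concurrent users of registered_fb[]. The oops reported just below (NULL pointer dereference at 00000000000003b8 in fb_mmap+0x58) is consistent with a reader loading the now-NULL slot and dereferencing it without a check. Clear the slot only when unregistration succeeded, and have every reader of registered_fb[] take the same lock or a reference and test for NULL before use.
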
> > Tested the patch, and now I get this:
> > dmesg: http://pastebin.com/ieMNrA7C
> >
> > [   12.252328] BUG: unable to handle kernel NULL pointer dereference
> > at 00000000000003b8
> > [   12.252342] IP: [<ffffffff81311178>] fb_mmap+0x58/0x1d0
> 
> Ok, goodie.
> 
> Or not so goodie, but it does make it clear that yeah, the fb code
> seems to be using stale pointers from that registered_fb[] array, and
> the whole unregistration process is just racing with people using it.
> 
> Herton had that much bigger patch, can you test it?

I think Andy's patch worked, not sure why it fell between the cracks,
either didn't appear on lkml or in my inbox at all.

If we can get Herton to repost it properly + a Tested-by, I'm happy for
it to go in.

Dave.
