[Bug 30049] New: 2.6.36-rc3: divide by zero in radeon_crtc_scaling_mode_fixup

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Mon Sep 6 11:46:58 PDT 2010


https://bugs.freedesktop.org/show_bug.cgi?id=30049

           Summary: 2.6.36-rc3: divide by zero in
                    radeon_crtc_scaling_mode_fixup
           Product: DRI
           Version: XOrg CVS
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: DRM/Radeon
        AssignedTo: dri-devel at lists.freedesktop.org
        ReportedBy: jeffm at suse.com


Created an attachment (id=38483)
 --> (https://bugs.freedesktop.org/attachment.cgi?id=38483)
Quick debugging patch

When I boot 2.6.36-rc3 on my V5250 (M56GL) equipped t60p, I get the following:
[drm:atom_op_jump] *ERROR* atombios stuck in loop for more than 5secs aborting
[drm:atom_execute_table_locked] *ERROR* atombios stuck executing E21A (len 82,
WS 4, PS 4) @ 0xE24B
[drm:atom_op_jump] *ERROR* atombios stuck in loop for more than 5secs aborting
[drm:atom_execute_table_locked] *ERROR* atombios stuck executing E21A (len 82,
WS 4, PS 4) @ 0xE24B
[drm:atom_execute_table_locked] *ERROR* atombios stuck executing CD0E (len 462,
WS 4, PS 12) @ 0xCD67
[drm:atom_op_jump] *ERROR* atombios stuck in loop for more than 5secs aborting
[drm:atom_execute_table_locked] *ERROR* atombios stuck executing E8F2 (len 86,
WS 4, PS 0) @ 0xE925
divide error: 0000 [#1] PREEMPT SMP 
last sysfs file: /sys/devices/system/cpu/cpu1/cache/index2/shared_cpu_map
CPU 1 
Modules linked in: nfs lockd fscache nfs_acl auth_rpcgss sunrpc netconsole
configfs ip6t_LOG xt_tcpudp xt_pkttype ipt_LOG xt_limit autofs4 af_packet
rfcomm snd_pcm_oss snd_mixer_oss sco binfmt_misc bnep l2cap snd_seq ip6t_REJECT
nf_conntrack_ipv6 ip6table_raw xt_NOTRACK ipt_REJECT iptable_raw iptable_filter
ip6table_mangle nf_conntrack_netbios_ns nf_conntrack_ipv4 nf_defrag_ipv4
ip_tables xt_conntrack cpufreq_conservative nf_conntrack cpufreq_userspace
ip6table_filter cpufreq_powersave ip6_tables x_tables acpi_cpufreq mperf fuse
sha256_generic cryptd aes_x86_64 aes_generic cbc dm_crypt loop pcmcia uvcvideo
snd_hda_codec_analog videodev yenta_socket ppdev v4l1_compat pcmcia_rsrc sr_mod
parport_pc snd_hda_intel kvm_intel kvm snd_hda_codec snd_usb_audio parport
pcmcia_core thinkpad_acpi sg cdrom i2c_i801 btusb v4l2_compat_ioctl32 arc4
battery button iTCO_wdt snd_pcm snd_hwdep iTCO_vendor_support snd_timer
snd_usbmidi_lib video ecb ac snd_rawmidi snd_seq_device snd iwl39
oc tpm_tis tpm tpm_bios soundcore iwlcore mac80211 joydev cfg80211 nsc_ircc
bluetooth irda crc_ccitt e1000e rfkill ext4 jbd2 crc16 linear radeon ttm
drm_kms_helper drm i2c_algo_bit sd_mod dm_snapshot edd dm_mod fan ata_generic
ata_piix thermal processor thermal_sys ahci libahci libata scsi_mod [last
unloaded: netconsole]

Pid: 3072, comm: Xorg Not tainted 2.6.36-rc3-0.0.35.d9bfa1e-desktop #1
20088JU/20088JU
RIP: 0010:[<ffffffffa02049e3>]  [<ffffffffa02049e3>]
radeon_crtc_scaling_mode_fixup+0x153/0x340 [radeon]
RSP: 0018:ffff8800bce6ba88  EFLAGS: 00010206
RAX: 0000000600000000 RBX: ffff880037610000 RCX: ffff8800b97074c0
RDX: 0000000000000000 RSI: ffff8800bedd0000 RDI: ffff880037610858
RBP: 0000000000000400 R08: 0000000000000698 R09: 0000000000000578
R10: ffffffffa0265420 R11: 000000000000041a R12: ffff8800b97074b8
R13: ffff8800b97074c0 R14: 0000000000000000 R15: 0000000000000300
FS:  00007fd702f84840(0000) GS:ffff880001f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc4c5fdb558 CR3: 00000000bce7f000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process Xorg (pid: 3072, threadinfo ffff8800bce6a000, task ffff8800bce88600)
Stack:
 ffff8800bedd0000 ffff8800b9707001 ffff880037610778 00000000bce2b3c0
<0> ffff8800bce2b3c0 ffff8800bedd0000 ffff880037610000 ffff880037610000
<0> ffff8800b97074c0 ffff8800b9707000 ffff8800b97074b8 ffff8800bce2b3c0
Call Trace:
 [<ffffffffa019a1d4>] drm_crtc_helper_set_mode+0x1a4/0x3c0 [drm_kms_helper]
 [<ffffffffa019b11a>] drm_crtc_helper_set_config+0x8ba/0x950 [drm_kms_helper]
 [<ffffffffa0159e19>] drm_mode_setcrtc+0x359/0x430 [drm]
 [<ffffffffa014bb0c>] drm_ioctl+0x39c/0x460 [drm]
 [<ffffffff8115a3b8>] do_vfs_ioctl+0x88/0x300
 [<ffffffff8115a6b0>] sys_ioctl+0x80/0xa0
 [<ffffffff8100303b>] system_call_fastpath+0x16/0x1b
 [<00007fd701444057>] 0x7fd701444057
Code: 8b 93 68 07 00 00 85 d2 0f 84 92 00 00 00 44 89 f8 c1 e0 0c 85 c0 0f 84
a1 01 00 00 41 c1 e6 0c 89 c0 31 d2 48 c1 e0 0d 45 89 f6 <49> f7 f6 48 83 c0 01
48 d1 e8 89 83 70 07 00 00 89 e8 c1 e0 0c 
RIP  [<ffffffffa02049e3>] radeon_crtc_scaling_mode_fixup+0x153/0x340 [radeon]
 RSP <ffff8800bce6ba88>

The divide by zero was introduced with kernel commit
d65d65b175a29bd7ea2bb69c046419329c4a5db7.

It seems that v_dst on my system can end up being 0, so when it's used at the
bottom of radeon_crtc_scaling_mode_fixup, it triggers a divide by zero error.

The attached patch, probably not the right fix, avoids the Oops but my displays
don't come up properly. Sometimes they get invalid modes. Other times they come
up properly in dual-head mode but GNOME won't start. Xorg seems to be spinning.

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.


More information about the dri-devel mailing list