On Thu, Feb 24, 2011 at 4:48 PM, Anca Emanuel <anca.emanuel@xxxxxxxxx> wrote: > > diff --git a/drivers/video/fbmem.c b/drivers/video/fbmem.c > index e2bf953..e8f8925 100644 > --- a/drivers/video/fbmem.c > +++ b/drivers/video/fbmem.c > @@ -1511,6 +1511,7 @@ void remove_conflicting_framebuffers(struct > apertures_struct *a, > "%s vs %s - removing generic driver\n", > name, registered_fb[i]->fix.id); > unregister_framebuffer(registered_fb[i]); > + registered_fb[i] = NULL; > > Tested the patch, and now I get this: > dmesg: http://pastebin.com/ieMNrA7C > > [ 12.252328] BUG: unable to handle kernel NULL pointer dereference > at 00000000000003b8 > [ 12.252342] IP: [<ffffffff81311178>] fb_mmap+0x58/0x1d0 Ok, goodie. Or not so goodie, but it does make it clear that yeah, the fb code seems to be using stale pointers from that registered_fb[] array, and the whole unregistration process is just racing with people using it. Herton had that much bigger patch, can you test it? Linus _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/dri-devel
