On 12/10/2013 04:23 PM, Daniel Vetter wrote:
On Tue, Dec 10, 2013 at 12:27:55PM +0400, Eugene Shatokhin wrote:
Hi,
I have recently observed a NULL pointer dereference in i915 driver
on my Eee PC running ROSA Linux with kernel 3.10.21.
The crash occurs during shutdown but quite rarely, not each time.
The system log is lost but here is what I extracted from the info
displayed on the screen.
NULL pointer dereference at 0x4
EIP is at i915_update_dri1_breadcrumb+0x25/0x70
comm: systemd-journal
i915_update_dri1_breadcrumb+0x25:
mov 0x4(%eax),%ebx // %eax contains 0, the list of register
values confirms that.
That is the reading of 'master_priv->sarea_priv':
void i915_update_dri1_breadcrumb(struct drm_device *dev)
{
drm_i915_private_t *dev_priv = dev->dev_private;
struct drm_i915_master_private *master_priv;
if (dev->primary->master) {
master_priv = dev->primary->master->driver_priv;
if (master_priv->sarea_priv) // <<< crashes here
master_priv->sarea_priv->last_dispatch =
READ_BREADCRUMB(dev_priv);
}
}
Indeed, that's fairly hapzardous. But also only needed for legacy ums
support. I'll send out a patch to block this in kms mode quickly. Please
test it.
Thanks, Daniel
Thanks a lot!
I am building kernel 3.10.23 now with this patch applied and will let
you know if something goes wrong.
Regards,
Eugene
--
Eugene Shatokhin, ROSA Laboratory.
www.rosalab.com
_______________________________________________
Intel-gfx mailing list
Intel-gfx@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/intel-gfx
