lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 30 Jan 2010 20:50:10 +0100
From:	Johannes Hirte <johannes.hirte@....tu-ilmenau.de>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Kevin Winchester <kjwinchester@...il.com>,
	Dave Airlie <airlied@...ux.ie>,
	"dri-devel" <dri-devel@...ts.sf.net>,
	"linux-kernel" <linux-kernel@...r.kernel.org>,
	Alex Deucher <alexdeucher@...il.com>,
	Jerome Glisse <jglisse@...hat.com>
Subject: Re: Radeon KMS regression still present in 2.6.33-rc6

Am Samstag 30 Januar 2010 18:43:52 schrieb Linus Torvalds:
> On Sat, 30 Jan 2010, Kevin Winchester wrote:
> > I took a picture of the crash details:
> > 
> > http://picasaweb.google.ca/kjwinchester/LinuxKernelPanic#5432580230065271
> > 634
> > 
> > In case it helps, here is the gdb listing for the problem address:
> > 
> > (gdb) l *(radeon_agp_init+0x1d)
> > 0xffffffff811c1592 is in radeon_agp_init
> > (drivers/gpu/drm/radeon/radeon_agp.c:136). 131		uint32_t agp_status;
> > 132		int default_mode;
> > 133		bool is_v3;
> > 134		int ret;
> > 135
> > 136		if (rdev->ddev->agp->agp_info.aper_size < 32) {
> > 137			dev_warn(rdev->dev, "AGP aperture to small (%dM) "
> > 138				"need at least 32M, disabling AGP\n",
> > 139				rdev->ddev->agp->agp_info.aper_size);
> > 140			return -EINVAL;
> > 
> > Is there any other info I can provide?
> 
> In your crash 'rdev->ddev->agp' is NULL. The instruction decode is:
> 
>    e:	55                   	push   %rbp
>    f:	48 89 e5             	mov    %rsp,%rbp
>   12:	41 56                	push   %r14
>   14:	41 55                	push   %r13
>   16:	41 54                	push   %r12
>   18:	53                   	push   %rbx
>   19:	48 89 fb             	mov    %rdi,%rbx
>   1c:	48 83 ec 40          	sub    $0x40,%rsp
>   20:	48 8b 7f 08          	mov    0x8(%rdi),%rdi
>   24:	48 8b 87 20 03 00 00 	mov    0x320(%rdi),%rax
>   2b:*	4c 8b 60 28          	mov    0x28(%rax),%r12     <-- trapping
> instruction 2f:	49 83 fc 1f          	cmp    $0x1f,%r12
>   33:	77 2e                	ja     0x63
>   35:	48 8b 3b             	mov    (%rbx),%rdi
>   38:	48 8b 5f 10          	mov    0x10(%rdi),%rbx
> 
> so it's that lod of "agp_info.aper_size" that fails (you can see how it's
> trying to compare with 31, it comes from that "agp_info.aper_size < 32"
> thing.
> 
> Did that DRM init happen before AGP init or something?
> 
> 		Linus

This is caused by commit 42590a75019a50012f25a962246498dead42843

Fix is already posted:

http://marc.info/?l=linux-kernel&m=126428141429200&w=2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ