public inbox for linux-kernel@vger.kernel.org
* [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c
@ 2001-12-17 12:50 Yoshiki Hayashi
  2001-12-17 13:00 ` Stephan von Krawczynski
  0 siblings, 1 reply; 6+ messages in thread
From: Yoshiki Hayashi @ 2001-12-17 12:50 UTC (permalink / raw)
  To: torvalds; +Cc: linux-kernel

This patch is against 2.4.16.  I couldn't find a maintainer in the
MAINTAINERS file so I'm simply sending this to Linus and the
linux-kernel list.

In agpgart_be.c, if the chip is i830M and the secondary device is not
found, the Linux kernel tries to dereference a NULL pointer.  It checks for
NULL and returns from the function in the next statement but it's too late.

The attached patch adds a NULL check before dereferencing the
pointer to fix the problem.

The error log is:

Linux agpgart interface v0.99 (c) Jeff Hartmann
agpgart: Maximum main memory to use for agp memory: 564M
Unable to handle kernel NULL pointer dereference at virtual address 00000020
 printing eip:
e8808238
*pde = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[<e8808238>]    Not tainted
EFLAGS: 00010296
eax: 00000000   ebx: 00000000   ecx: ffffffff   edx: c025cb28
esi: c1a08400   edi: e8809ba8   ebp: 00000000   esp: e695def0
ds: 0018   es: 0018   ss: 0018
Process insmod (pid: 564, stackpage=e695d000)
Stack: e8804000 00000000 00000000 00809ba8 00000000 e88084b2 e8804000 00000000 
       e8804068 00005be0 00000000 e88086ac e8809420 00000000 00000063 e8804000 
       c011525d e695c000 40020a30 bfffcf9c bfffcf5c 000055df e5eb8000 00000060 
Call Trace: [<e88084b2>] [<e8804068>] [<e88086ac>] [<e8809420>] [sys_init_module+1285/1448] 
   [<e8804060>] [system_call+51/56] 

Code: f6 43 20 07 74 15 53 68 77 35 00 00 68 86 80 00 00 e8 f2 97 

--- drivers/char/agp/agpgart_be.c~	Sat Nov 17 03:11:22 2001
+++ drivers/char/agp/agpgart_be.c	Sat Dec 15 12:02:51 2001
@@ -3879,7 +3879,7 @@
 			i810_dev = pci_find_device(PCI_VENDOR_ID_INTEL,
 									   PCI_DEVICE_ID_INTEL_830_M_1,
 									   NULL);
-			if(PCI_FUNC(i810_dev->devfn) != 0) {
+			if(i810_dev != NULL && PCI_FUNC(i810_dev->devfn) != 0) {
 				i810_dev = pci_find_device(PCI_VENDOR_ID_INTEL,
 										   PCI_DEVICE_ID_INTEL_830_M_1,
 										   i810_dev);
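
Review bot: on the changed `if` line, the added `i810_dev != NULL &&` test only skips the PCI_FUNC() dereference; the device-not-found case still depends on a NULL check that lies outside these context lines (the message says the function checks and returns "in the next statement"). Handling the failed lookup directly after the first pci_find_device() call would make the failure path explicit and leave the `PCI_FUNC(i810_dev->devfn)` test unconditional. The second pci_find_device() call inside the block can also return NULL, so whichever form is chosen, the later check has to stay.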

-- 
Yoshiki Hayashi
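
Added example, not part of the original post: decoding the first bytes of the oops's `Code:` line (`f6 43 20 07`) together with the logged registers shows a byte test with mask 0x07 at offset 0x20 from a zero `ebx`, which matches both the fault address 00000020 and the `PCI_FUNC(i810_dev->devfn)` test that the patch guards. The decoder covers only this one instruction form, and `decode_test_disp8` and `struct test_insn` are names chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Result of decoding one "test r/m8, imm8" instruction (opcode F6 /0). */
struct test_insn {
    int      ok;        /* 1 if the bytes matched the supported form */
    int      base_reg;  /* ModRM r/m field: 0=eax 1=ecx 2=edx 3=ebx ... 7=edi */
    int8_t   disp;      /* signed 8-bit displacement */
    uint8_t  imm;       /* immediate mask being tested */
    uint32_t ea;        /* effective address = base register + disp */
};

/* Decode F6 /0 with mod=01 (register + disp8).
 * regs[] is indexed by x86 register number (eax=0 ... edi=7). */
struct test_insn decode_test_disp8(const uint8_t *code, size_t len,
                                   const uint32_t regs[8])
{
    struct test_insn r = {0};
    if (len < 4 || code[0] != 0xf6)
        return r;
    uint8_t modrm = code[1];
    uint8_t mod = modrm >> 6, reg = (modrm >> 3) & 7, rm = modrm & 7;
    if (mod != 1 || reg != 0 || rm == 4)   /* rm==4 would need a SIB byte */
        return r;
    r.ok = 1;
    r.base_reg = rm;
    r.disp = (int8_t)code[2];
    r.imm = code[3];
    r.ea = regs[rm] + (uint32_t)(int32_t)r.disp;
    return r;
}

/* Values copied from the oops in the message above. */
static const uint8_t  oops_code[] = { 0xf6, 0x43, 0x20, 0x07, 0x74, 0x15 };
static const uint32_t oops_regs[8] = {
    0x00000000, /* eax */ 0xffffffff, /* ecx */ 0xc025cb28, /* edx */
    0x00000000, /* ebx */ 0xe695def0, /* esp */ 0x00000000, /* ebp */
    0xc1a08400, /* esi */ 0xe8809ba8  /* edi */
};

int main(void)
{
    struct test_insn t = decode_test_disp8(oops_code, sizeof oops_code, oops_regs);
    if (!t.ok)
        return 1;
    printf("testb $0x%x, 0x%x(reg %d) -> fault address 0x%08x\n",
           (unsigned)t.imm, (unsigned)t.disp, t.base_reg, (unsigned)t.ea);
    return 0;
}
```

The two bytes that follow, `74 15`, are a short `je`, i.e. the branch taken when the masked function number is zero.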


* Re: [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c
  2001-12-17 12:50 [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c Yoshiki Hayashi
@ 2001-12-17 13:00 ` Stephan von Krawczynski
  2001-12-17 16:49   ` Marcelo Tosatti
  0 siblings, 1 reply; 6+ messages in thread
From: Stephan von Krawczynski @ 2001-12-17 13:00 UTC (permalink / raw)
  To: Yoshiki Hayashi; +Cc: torvalds, linux-kernel, Marcelo Tosatti

On 17 Dec 2001 21:50:03 +0900
Yoshiki Hayashi <yoshiki@xemacs.org> wrote:

> This patch is against 2.4.16.  I couldn't find a maintainer in the
> MAINTAINERS file so I'm simply sending this to Linus and the
> linux-kernel list.
> 
> In agpgart_be.c, if the chip is i830M and the secondary device is not
> found, the Linux kernel tries to dereference a NULL pointer.  It checks for
> NULL and returns from the function in the next statement but it's too late.
> 
> The attached patch adds a NULL check before dereferencing the
> pointer to fix the problem.

This was solved some weeks ago and the patch is pending somewhere (marcelo?).
Unfortunately the complete cure is inside this pending patch, because there are
other small tweaks for i830M. The NULL-check is sufficient for non-oops, but
i830-register size is smaller than the further ongoings inside agpgart_be.c.

Regards,
Stephan




* Re: [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c
  2001-12-17 13:00 ` Stephan von Krawczynski
@ 2001-12-17 16:49   ` Marcelo Tosatti
  2001-12-17 17:55     ` Marcelo Tosatti
  0 siblings, 1 reply; 6+ messages in thread
From: Marcelo Tosatti @ 2001-12-17 16:49 UTC (permalink / raw)
  To: Stephan von Krawczynski; +Cc: Yoshiki Hayashi, torvalds, linux-kernel



On Mon, 17 Dec 2001, Stephan von Krawczynski wrote:

> > The attached patch adds a NULL check before dereferencing the
> > pointer to fix the problem.
> 
> This was solved some weeks ago and the patch is pending somewhere (marcelo?).

The whole patch is queued for 2.4.18pre..

> Unfortunately the complete cure is inside this pending patch, because there are
> other small tweaks for i830M. The NULL-check is sufficient for non-oops, but
> i830-register size is smaller than the further ongoings inside agpgart_be.c.



* Re: [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c
  2001-12-17 16:49   ` Marcelo Tosatti
@ 2001-12-17 17:55     ` Marcelo Tosatti
  2001-12-17 19:16       ` Robert Love
  0 siblings, 1 reply; 6+ messages in thread
From: Marcelo Tosatti @ 2001-12-17 17:55 UTC (permalink / raw)
  To: Stephan von Krawczynski; +Cc: Yoshiki Hayashi, torvalds, linux-kernel



On Mon, 17 Dec 2001, Marcelo Tosatti wrote:

> 
> 
> On Mon, 17 Dec 2001, Stephan von Krawczynski wrote:
> 
> > > The attached patch adds a NULL check before dereferencing the
> > > pointer to fix the problem.
> > 
> > This was solved some weeks ago and the patch is pending somewhere (marcelo?).
> 
> The whole patch is queued for 2.4.18pre..
> 
> > Unfortunately the complete cure is inside this pending patch, because there are
> > other small tweaks for i830M. The NULL-check is sufficient for non-oops, but
> > i830-register size is smaller than the further ongoings inside agpgart_be.c.

Well, Stephan, if you could send me only the part which fixes the oops for
2.4.17 then I'll be happy. 





* Re: [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c
  2001-12-17 17:55     ` Marcelo Tosatti
@ 2001-12-17 19:16       ` Robert Love
  2001-12-17 23:17         ` Stephan von Krawczynski
  0 siblings, 1 reply; 6+ messages in thread
From: Robert Love @ 2001-12-17 19:16 UTC (permalink / raw)
  To: Marcelo Tosatti
  Cc: Stephan von Krawczynski, Yoshiki Hayashi, torvalds, linux-kernel

On Mon, 2001-12-17 at 12:55, Marcelo Tosatti wrote:

> Well, Stephan, if you could send me only the part which fixes the oops for
> 2.4.17 then I'll be happy.

This patch is sufficient to prevent the oops (check for null pointer),
but as said the full patch from Nicolas is needed for completely correct
operation.

--- linux-2.4.17-rc1/drivers/char/agp/agpgart_be.c      Sat Nov 17 03:11:22 2001
+++ linux/drivers/char/agp/agpgart_be.c       Sat Dec 15 12:02:51 2001
@@ -3879,7 +3879,7 @@
                        i810_dev = pci_find_device(PCI_VENDOR_ID_INTEL,
                                                                           PCI_DEVICE_ID_INTEL_830_M_1,
                                                                           NULL);
-                       if(PCI_FUNC(i810_dev->devfn) != 0) {
+                       if(i810_dev != NULL && PCI_FUNC(i810_dev->devfn) != 0) {
                                i810_dev = pci_find_device(PCI_VENDOR_ID_INTEL,
                                                                                   PCI_DEVICE_ID_INTEL_830_M_1,
                                                                                   i810_dev);
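
Review bot: every line of this hunk, including the `---`/`+++` header lines, is indented with runs of spaces, whereas the same change posted at the start of the thread is tab-indented; if the mail went out like this, the context lines will not match the source and the hunk will be rejected unless whitespace is ignored when applying (for example `patch -l`). Resending with tabs preserved avoids that. Since the message says this covers only the oops and that the full patch is still needed for correct operation, that limitation is worth recording in the changelog entry as well.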

	Robert Love



* Re: [PATCH] 2.4.16 Fix NULL pointer dereferencing in agpgart_be.c
  2001-12-17 19:16       ` Robert Love
@ 2001-12-17 23:17         ` Stephan von Krawczynski
  0 siblings, 0 replies; 6+ messages in thread
From: Stephan von Krawczynski @ 2001-12-17 23:17 UTC (permalink / raw)
  To: Robert Love
  Cc: Marcelo Tosatti, Stephan von Krawczynski, Yoshiki Hayashi,
	torvalds, linux-kernel

> On Mon, 2001-12-17 at 12:55, Marcelo Tosatti wrote:
>
> > Well, Stephan, if you could send me only the part which fixes the oops for
> > 2.4.17 then I'll be happy.

Robert's patch is it. Plain and simple, was my approach too, but it
turned out, Nic's was cleaner.
Anyway, I guess Nic will re-submit it based on the non-oopsing 2.4.17
:-)

Regards,
Stephan
