Re: [4KSTACK][2.6.6] Stack overflow in radeonfb

From: Jörn Engel
Date: Thu May 13 2004 - 10:18:56 EST


On Thu, 13 May 2004 16:56:40 +0200, Kronos wrote:
> Kronos <kronos@xxxxxxxxxxxxxx> wrote:
> > do_IRQ: stack overflow: 460
> > Call Trace:
> > [<c01086be>] do_IRQ+0x3fe/0x410
> > [<c011c902>] __wake_up_locked+0x22/0x30
> > [<c010633c>] common_interrupt+0x18/0x20
> > [<c02e1baa>] radeon_write_pll_regs+0xbaa/0x1e10
> > [<c011c902>] __wake_up_locked+0x22/0x30
> > [<c02e3c5c>] radeon_calc_pll_regs+0xfc/0x120
> > [<c02e333c>] radeon_write_mode+0x35c/0xb80
> > [<c02e4509>] radeonfb_set_par+0x889/0xb50
>
> I think that the problem is here:
>
> int radeonfb_set_par(struct fb_info *info)
> {
>         struct radeonfb_info *rinfo = info->par;
>         struct fb_var_screeninfo *mode = &info->var;
>         struct radeon_regs newmode;
>
> struct radeon_regs is huge: 2356 bytes
> Quick fix (I'll test ASAP):

Even quicker fix:

--- linux-2.6/drivers/video/aty/radeon_base.c~ 2004-05-13 16:51:08.000000000 +0200
+++ linux-2.6/drivers/video/aty/radeon_base.c 2004-05-13 16:55:09.000000000 +0200
@@ -1397,7 +1397,7 @@
{
struct radeonfb_info *rinfo = info->par;
struct fb_var_screeninfo *mode = &info->var;
- struct radeon_regs newmode;
+ static struct radeon_regs newmode;
int hTotal, vTotal, hSyncStart, hSyncEnd,
hSyncPol, vSyncStart, vSyncEnd, vSyncPol, cSync;
u8 hsync_adj_tab[] = {0, 0x12, 9, 9, 6, 5};
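
Review bot: the `static struct radeon_regs newmode;` line turns a per-call buffer into a single buffer shared by every caller of radeonfb_set_par(), while the function operates on per-device state (`rinfo = info->par`). Nothing in this hunk serializes callers, so two framebuffers or two overlapping calls would write their register values into the same 2356-byte struct, and each call would also start from the previous call's contents rather than a fresh object. If the goal is only to get the struct off the 4K stack, consider allocating it per call (kmalloc/kfree with an -ENOMEM path) or keeping it inside struct radeonfb_info so it stays per-device; if static is kept, add a comment stating what guarantees exclusive access.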

I'm not sure what the point behind the radeon_write_mode() is at all.
The best solution could be to just merge radeon_write_mode() and
radeonfb_set_par() into a single function and do the tons of OUTREG()
directly. In that case, don't bother to fix any typos.

Ben? Wrong analysis?

Jörn

--
Don't patch bad code, rewrite it.
-- Kernighan and Pike, according to Rusty