[alsa-devel] 3.6-rc Cirrus HDA reconfig oops...
Takashi Iwai
tiwai at suse.de
Mon Sep 10 19:33:59 CEST 2012
At Mon, 10 Sep 2012 23:00:39 +0800,
Daniel J Blueman wrote:
>
> On 10 September 2012 16:29, Takashi Iwai <tiwai at suse.de> wrote:
> > At Mon, 10 Sep 2012 09:46:43 +0200,
> > Takashi Iwai wrote:
> >>
> >> At Sun, 9 Sep 2012 13:02:16 +0800,
> >> Daniel J Blueman wrote:
> >> >
> >> > With a non-specialised Cirrus HDA codec, it's readily possible to
> >> > cause a kernel oops as root with 3.6-rc kernels [1].
> >> >
> >> > patch_cirrus.c:
> >> >
> >> > static int cs_init(struct hda_codec *codec)
> >> > {
> >> > struct cs_spec *spec = codec->spec;
> >> >
> >> > /* init_verb sequence for C0/C1/C2 errata*/
> >> > snd_hda_sequence_write(codec, cs_errata_init_verbs);
> >> >
> >> > snd_hda_sequence_write(codec, cs_coef_init_verbs);
> >> >
> >> > if (spec->gpio_mask) {
> >> > snd_hda_codec_write(codec, 0x01, 0, AC_VERB_SET_GPIO_MASK,
> >> > spec->gpio_mask);
> >> >
> >> > Here, spec is NULL, so loading spec->gpio_mask causes a fatal
> >> > pagefault at address 0x180 (ie the offset of gpio_mask in the struct).
> >> > I was going to prepare a patch to guard for this, but since spec is
> >> > expected in so many places, there is a likely a behavioural issue
> >> > preventing a spec struct being generated.
> >> >
> >> > Let me know for further testing and debug.
> >>
> >> It's because of calling a leftover callback.
> >> The patch below should fix the issue. I'll queue it up to for-linus
> >> branch.
> >
> > Oops, a wrong patch. The corrected one below.
>
> [...]
>
> Superb; this fixes the issue nicely.
>
> Thanks Takashi!
OK, thanks for confirmation!
Takashi
More information about the Alsa-devel
mailing list