NULL pointer dereference in ALSA triggered through saa7134-alsa

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,
I've finally succesfully compiled and linked saa7134-alsa driver usingan external alsa-driver and its Module.symvers file. Everything seemsokay, no undefined symbol or something else:
- An installed 2.6.30.4 kernel which only builds and brings soundcoreand sound_firmware,- Latest alsa-driver built externally and installed,- Latest saa7134-alsa, cx88-alsa, etc. code from linus-2.6 (seen thatthey don't affected by some API/ABI changes) patched on top of thealsa-driver tarball,
I'm copying Module.symvers file generated after building the alsa-driverinto each directory for getting rid of undefined snd_*() symbols.
When I plug a saa7134 PCI card and reboot, the -alsa driver isautomatically probed but it immediately oopses. I wonder if this couldbe related to my weird-but-apparently-successful compilation experienceabove?
[    6.876120] Linux video capture interface: v2.00[    7.089550] saa7130/34: v4l2 driver version 0.2.15 loaded[    7.089612] saa7134 0000:03:05.0: PCI INT A -> GSI 20 (level, low) ->IRQ 20[    7.089622] saa7133[0]: found at 0000:03:05.0, rev: 209, irq: 20,latency: 64, mmio: 0xfdbff000[    7.089631] saa7133[0]: subsystem: 1461:f11d, board: Avermedia PCIpure analog (M135A) [card=149,autodetected][    7.089659] saa7133[0]: board init: gpio is 40000[    7.089744] input: saa7134 IR (Avermedia PCI pure  as/devices/pci0000:00/0000:00:14.4/0000:03:05.0/input/input6[    7.089789] IRQ 20/saa7133[0]: IRQF_DISABLED is not guaranteed onshared IRQs[    7.230265] saa7133[0]: i2c eeprom 00: 61 14 1d f1 54 20 1c 00 43 43a9 1c 55 d2 b2 92[    7.230274] saa7133[0]: i2c eeprom 10: ff ff ff ff ff 20 ff ff ff ffff ff ff ff ff ff[    7.230282] saa7133[0]: i2c eeprom 20: 01 40 01 32 32 01 01 43 88 ff00 56 ff ff ff ff[    7.230289] saa7133[0]: i2c eeprom 30: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230296] saa7133[0]: i2c eeprom 40: ff 22 00 c0 96 ff 03 30 15 00ff ff ff ff ff ff[    7.230302] saa7133[0]: i2c eeprom 50: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230309] saa7133[0]: i2c eeprom 60: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230316] saa7133[0]: i2c eeprom 70: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230323] saa7133[0]: i2c eeprom 80: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230330] saa7133[0]: i2c eeprom 90: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230337] saa7133[0]: i2c eeprom a0: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230344] saa7133[0]: i2c eeprom b0: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230350] saa7133[0]: i2c eeprom c0: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230357] saa7133[0]: i2c eeprom d0: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230364] saa7133[0]: i2c eeprom e0: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.230371] saa7133[0]: i2c eeprom f0: ff ff ff ff ff ff ff ff ff ffff ff ff ff ff ff[    7.412095] HDA Intel 0000:00:14.2: PCI INT A -> GSI 16 (level, low)-> IRQ 16[    7.512683] hda_codec: ALC883: BIOS auto-probing.[    7.512886] input: HDA Digital PCBeep as/devices/pci0000:00/0000:00:14.2/input/input7[    7.516862] HDA Intel 0000:01:05.2: PCI INT B -> GSI 19 (level, low)-> IRQ 19[    7.689107] tuner 1-004b: chip found @ 0x96 (saa7133[0])[    7.724034] tda829x 1-004b: setting tuner address to 60[    7.800011] tda829x 1-004b: type set to tda8290+75a[    8.294455] usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto2 vid 0x04E8 pid 0x325B[    8.294500] usbcore: registered new interface driver usblp[   10.814379] saa7133[0]: dsp access error[   10.845083] saa7133[0]: registered device video0 [v4l2][   10.845111] saa7133[0]: registered device vbi0[   10.845130] saa7133[0]: registered device radio0[   10.950359] EXT3 FS on sda5, internal journal[   10.996203] saa7134 ALSA driver for DMA sound loaded[   10.996217] IRQ 20/saa7133[0]: IRQF_DISABLED is not guaranteed onshared IRQs[   10.996247] saa7133[0]/alsa: saa7133[0] at 0xfdbff000 irq 20registered as card -1  <-- /* That's interesting? */[   10.996349] BUG: unable to handle kernel NULL pointer dereference at00000002 <-- ********** 1st null ptr deref[   10.996962] IP: [<f8834cd4>] snd_pcm_timer_init+0x26/0xd1 [snd_pcm][   10.997255] *pde = 00000000·[   10.997255] Oops: 0000 [#1] SMP·[   10.997255] last sysfs file: /sys/module/saa7134/initstate[   10.997255] Modules linked in: saa7134_alsa(+) usblp tda827x tda8290snd_hda_codec_atihdmi tuner snd_hda_codec_realtek snd_hda_intelsnd_hda_codec snd_seq_dummy snd_hwdep snd_seq_oss saa7134 snd_seq_midi_event snd_seq snd_seq_device ir_common snd_pcm_oss snd_mixer_ossv4l2_common videodev v4l1_compat videobuf_dma_sg videobuf_core snd_pcmtveeprom snd_timer snd i2c_piix4 shpchp k8temp soundcore snd_page_alloc pcspkr r8169 ati_agp agpgart mii brd ata_generic pata_acpi ahcipata_atiixp libata[   10.997255]·[   10.997255] Pid: 1141, comm: modprobe.bin Not tainted (2.6.30.4-126#3) Unknow[   10.997255] EIP: 0060:[<f8834cd4>] EFLAGS: 00010246 CPU: 1[   10.997255] EIP is at snd_pcm_timer_init+0x26/0xd1 [snd_pcm][   10.997255] EAX: 00000002 EBX: f65c0e0c ECX: f6b2fe98 EDX: 00000000[   10.997255] ESI: f65c0c00 EDI: 00000018 EBP: f6b2febc ESP: f6b2fe98[   10.997255]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068[   10.997255] Process modprobe.bin (pid: 1141, ti=f6b2e000task=f6a2caa0 task.ti=f6b2e000)[   10.997255] Stack:[   10.997255]  00000003 00000000 c030c2e9 f6b2feb8 f87ca221 00000000f65c0e0c f6921400[   10.997255]  00000018 f6b2feec f882da8f 00000001 f6921438 f88358e4436d6370 63304432[   10.997255]  f65c0c00 f87cf9fe f69b42a0 f65c0d70 f65c0c00 f6b2fefcf87ce0bb f65c0e0c[   10.997255] Call Trace:[   10.997255]  [<c030c2e9>] ? device_create_file+0x13/0x15[   10.997255]  [<f87ca221>] ? snd_add_device_sysfs_file+0x67/0x6e [snd][   10.997255]  [<f882da8f>] ? snd_pcm_dev_register+0x176/0x1de [snd_pcm][   10.997255]  [<f87ce0bb>] ? snd_device_register_all+0x27/0x44 [snd][   10.997255]  [<f87cadce>] ? snd_card_register+0x4c/0x131 [snd][   10.997255]  [<f8d17687>] ? alsa_device_init+0x200/0x24b [saa7134_alsa][   10.997255]  [<f8d1773d>] ? saa7134_alsa_init+0x6b/0x93 [saa7134_alsa][   10.997255]  [<c0101137>] ? do_one_initcall+0x4a/0x115[   10.997255]  [<f8d176d2>] ? saa7134_alsa_init+0x0/0x93 [saa7134_alsa][   10.997255]  [<c0145205>] ? __blocking_notifier_call_chain+0x40/0x4c[   10.997255]  [<c015302d>] ? sys_init_module+0x87/0x18b[   10.997255]  [<c01031b4>] ? sysenter_do_call+0x12/0x28[   11.066012] Code: 00 00 5b 5d c3 55 89 e5 57 56 53 89 c3 83 ec 18 8b53 30 c7 45 e0 00 00 00 00 8d 4d dc c7 45 dc 03 00 00 00 8b 30 83 e2 018b 06 <8b> 00 89 45 e4 8b 46 0c 89 45 e8 8b 43 0c 01 c0 09c2 8d 45 f0·[   11.066012] EIP: [<f8834cd4>] snd_pcm_timer_init+0x26/0xd1 [snd_pcm]SS:ESP 0068:f6b2fe98[   11.066012] CR2: 0000000000000002[   11.066318] ---[ end trace 000b75f3b1903e42 ]---[   14.079154] r8169: eth0: link up[   14.095472] r8169: eth0: link up[   14.335980] r8169: eth0: link up[   17.074440] NET: Registered protocol family 10[   17.074879] lo: Disabled Privacy Extensions[   20.520592] BUG: unable to handle kernel NULL pointer dereference at00000002 <--  ********* 2nd nullptr deref[   20.535353] IP: [<f8830abf>] snd_pcm_info+0x2e/0xe0 [snd_pcm][   20.535353] *pde = 00000000·[   20.559932] Oops: 0000 [#2] SMP·[   20.559932] last sysfs file:/sys/devices/pci0000:00/0000:00:14.4/0000:03:05.0/sound/card2/pcmC2D0c/pcm_class[   20.586971] Modules linked in: ipv6 saa7134_alsa(+) usblp tda827xtda8290 snd_hda_codec_atihdmi tuner snd_hda_codec_realtek snd_hda_intelsnd_hda_codec snd_seq_dummy snd_hwdep snd_seq_oss saa7134 snd_seq_midi_event snd_seq snd_seq_device ir_common snd_pcm_osssnd_mixer_oss v4l2_common videodev v4l1_compat videobuf_dma_sgvideobuf_core snd_pcm tveeprom snd_timer snd i2c_piix4 shpchp k8tempsoundcore snd_page_alloc pcspkr r8169 ati_agp agpgart mii brd ata_generic pata_acpiahci pata_atiixp libata[   20.606741]·[   20.606741] Pid: 1367, comm: hald Tainted: G      D    (2.6.30.4-126#3) Unknow[   20.704561] Process hald (pid: 1367, ti=f660e000task=f6420c70 task.ti=f660e000)[   20.704561] Stack:[   20.704561]  f65c0e0c f65c0c00 f6ada3f0 f642fe00 f6919ac0 f660fe34f882e15a f65c0e0c[   20.704561]  00000200 f6ada3f0 f6ada3c0 f6667000 f660fe3c f882e254f660fe70 f87cb9e9[   20.704561]  f680db00 0160fe70 ffffffff f64cb870 f6919ac0 0000100000000020 00000020[   20.704561] Call Trace:[   20.704561]  [<f882e15a>] ? snd_pcm_proc_info_read+0x80/0x16c [snd_pcm][   20.704561]  [<f882e254>] ? snd_pcm_stream_proc_info_read+0xe/0x10[snd_pcm][   20.704561]  [<f87cb9e9>] ? snd_info_entry_open+0x26b/0x2de [snd][   20.704561]  [<c01df157>] ? proc_reg_open+0xb6/0x122[   20.704561]  [<f87cb6ca>] ? snd_info_entry_release+0x0/0xa7 [snd][   20.704561]  [<c01ac441>] ? __dentry_open+0x119/0x207[   20.704561]  [<c01ac5c9>] ? nameidata_to_filp+0x2c/0x43[   20.704561]  [<c01df0a1>] ? proc_reg_open+0x0/0x122[   20.704561]  [<c01b656b>] ? do_filp_open+0x3ae/0x6c8[   20.704561]  [<c019ff47>] ? free_pages_and_swap_cache+0x44/0x57[   20.704561]  [<c01b6937>] ? getname+0x20/0xb7[   20.704561]  [<c01be23c>] ? alloc_fd+0x55/0xbe[   20.704561]  [<c01ac253>] ? do_sys_open+0x44/0xba[   20.704561]  [<c01ac30b>] ? sys_open+0x1e/0x26[   20.704561]  [<c01031b4>] ? sysenter_do_call+0x12/0x28[   20.704561] Code: 00 00 00 89 e5 57 56 53 89 d3 83 ec 08 89 df 89 45ec 8b 00 8b 55 ec 89 45 f0 31 c0 8b 72 04 f3 ab 8b 55 f0 b9 40 00 00 008b 02 <8b> 00 89 43 0c 8b 42 0c 8b 55 ec 89 03 8b 42 30 89 43 08 8b 42·[   20.704561] EIP: [<f8830abf>] snd_pcm_info+0x2e/0xe0 [snd_pcm] SS:ESP0068:f660fe04[   21.199052] CR2: 0000000000000002[   21.222000] ---[ end trace 000b75f3b1903e43 ]---[   20.606741] EIP: 0060:[<f8830abf>] EFLAGS: 00010246 CPU: 1[   20.704561] EIP is at snd_pcm_info+0x2e/0xe0 [snd_pcm][   20.704561] EAX: 00000002 EBX: f642fe00 ECX: 00000040 EDX: f65c0c00[   20.704561] ESI: 00000000 EDI: f642ff20 EBP: f660fe18 ESP: f660fe04[   20.704561]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
The first dereference is happening at:
(gdb) list *snd_pcm_timer_init+0x260x7cf8 is in snd_pcm_timer_init(/var/pisi/module-alsa-driver-1.0.20_20090808-49/work/alsa-driver/acore/../alsa-kernel/core/pcm_timer.c:131).126             struct snd_timer_id tid;127             struct snd_timer *timer;128129             tid.dev_sclass = SNDRV_TIMER_SCLASS_NONE;130             tid.dev_class = SNDRV_TIMER_CLASS_PCM;131             tid.card = substream->pcm->card->number;        <----------132             tid.device = substream->pcm->device;133             tid.subdevice = (substream->number << 1) |(substream->stream & 1);134             if (snd_timer_new(substream->pcm->card, "PCM", &tid,&timer) < 0)135                     return;at the following place:
Can it be related to a race condition between the sound card and thesaa7134-alsa interface?


_______________________________________________Alsa-devel mailing listAlsa-devel@xxxxxxxxxxxxxxxxxxxx://mailman.alsa-project.org/mailman/listinfo/alsa-devel
[Index of Archives]     [ALSA User]     [Linux Audio Users]     [Kernel Archive]     [Asterisk PBX]     [Photo Sharing]     [Linux Sound]     [Video 4 Linux]     [Gimp]     [Yosemite News]

  Powered by Linux