[alsa-devel] snd-hda-intel: HG regression - NULL pointer dereference

Ivan N. Zlatev contact at i-nz.net
Tue Dec 18 20:01:52 CET 2007 

Takashi Iwai wrote:
> At Tue, 18 Dec 2007 16:28:59 +0000,
> Ivan N. Zlatev wrote:
>> On 12/18/07, Takashi Iwai <tiwai at suse.de> wrote:
>>> At Tue, 18 Dec 2007 15:24:45 +0000,
>>> Ivan N. Zlatev wrote:
>>>> When loading snd-hda-intel from Alsa HG I get a NULL pointer
>>>> dereference and the trace below. The card is with the following codec:
>>>>
>>>> Codec: SigmaTel STAC9228
>>>> Address: 0
>>>> Vendor Id: 0x83847616
>>>> Subsystem Id: 0x10280227
>>>> Revision Id: 0x100201
>>>>
>>>> The trace:
>>>>
>>>> ALSA /home/ivanz/svn/alsa/alsa-driver/pci/hda/hda_codec.c:2792:
>>>> autoconfig: line_outs=1 (0xf/0x0/0x0/0x0/0x0)
>>>> ALSA /home/ivanz/svn/alsa/alsa-driver/pci/hda/hda_codec.c:2796:
>>>> speaker_outs=1 (0xd/0x0/0x0/0x0/0x0)
>>>> ALSA /home/ivanz/svn/alsa/alsa-driver/pci/hda/hda_codec.c:2800:
>>>> hp_outs=1 (0xa/0x0/0x0/0x0/0x0)
>>>> ALSA /home/ivanz/svn/alsa/alsa-driver/pci/hda/hda_codec.c:2808:
>>>> inputs: mic=0x13, fmic=0x0, line=0xe, fline=0x0, cd=0x0, aux=0x0
>>>> ALSA /home/ivanz/svn/alsa/alsa-driver/pci/hda/../../alsa-kernel/pci/hda/patch_sigmatel.c:2088:
>>>> dac_nids=2 (0x5/0x4/0x0/0x0/0x0)
>>>> BUG: unable to handle kernel NULL pointer dereference at virtual
>>>> address 00000000
>>>>  printing eip:
>>>> f91cfcb0
>>>> *pde = 00000000
>>>> Oops: 0000 [#1]
>>>> SMP
>>>> last sysfs file: /devices/pci0000:00/0000:00:1c.1/0000:0c:00.0/cmd
>>>> Modules linked in: snd_hda_intel snd_pcm snd_timer snd_page_alloc
>>>> snd_hwdep snd soundcore nls_iso8859_1 nls_cp437 vfat fat usb_storage
>>>> ide_core rndis_host cdc_ether usbnet mii aes_i586 ieee80211_crypt_ccmp
>>>> af_packet xt_tcpudp xt_pkttype ipt_LOG xt_limit vboxdrv ipt_REJECT
>>>> xt_state iptable_mangle iptable_nat nf_nat iptable_filter
>>>> nf_conntrack_ipv4 nf_conntrack nfnetlink ip_tables ip6_tables x_tables
>>>> cpufreq_conservative cpufreq_userspace cpufreq_powersave acpi_cpufreq
>>>> speedstep_lib microcode apparmor loop dm_mod rfcomm l2cap nvidia(P)
>>>> ipw3945 sdhci ohci1394 ieee1394 mmc_core ieee80211 hci_usb ac
>>>> ieee80211_crypt battery i2c_i801 button tg3 rtc_cmos bluetooth
>>>> rtc_core sr_mod rtc_lib cdrom intel_agp firmware_class i2c_core
>>>> agpgart sg usbhid hid ff_memless sd_mod ehci_hcd uhci_hcd usbcore edd
>>>> ext3 mbcache jbd fan ata_piix ahci libata scsi_mod thermal processor
>>>> CPU:    1
>>>> EIP:    0060:[<f91cfcb0>]    Tainted: P      N VLI
>>>> EFLAGS: 00010246   (2.6.22.13-0.3-default #1)
>>>> EIP is at stac92xx_dmux_enum_put+0x28/0x3c [snd_hda_intel]
>>>> eax: 00000000   ebx: 00000000   ecx: f54b7014   edx: d7e241ec
>>>> esi: d7e24014   edi: f71e6014   ebp: 00000000   esp: d9ea1ea0
>>>> ds: 007b   es: 007b   fs: 00d8  gs: 0033  ss: 0068
>>>> Process alsactl (pid: 25097, ti=d9ea0000 task=c7457030 task.ti=d9ea0000)
>>>> Stack: 00000000 d7e240a4 f54b7014 cbe43694 fffffff3 f911c2b3 cbe43694 c2175154
>>>>        df8a4c14 df8a4d60 df8a4c14 00000000 f54b7014 df8a4dc4 f911cd85 cb940b7c
>>>>        c03c5aec f52693c0 f52693c0 bf8ef020 c2175154 c0172331 c016e87a dfbef2c0
>>>> Call Trace:
>>>>  [<f911c2b3>] snd_ctl_elem_write+0xa6/0xe6 [snd]
>>>>  [<f911cd85>] snd_ctl_ioctl+0x494/0x7af [snd]
>>>>  [<c0172331>] chrdev_open+0x0/0x133
>>>>  [<c016e87a>] __dentry_open+0xe4/0x178
>>>>  [<c016e988>] nameidata_to_filp+0x24/0x33
>>>>  [<c016e9ce>] do_filp_open+0x37/0x3e
>>>>  [<f911c8f1>] snd_ctl_ioctl+0x0/0x7af [snd]
>>>>  [<c017a13d>] do_ioctl+0x21/0xa0
>>>>  [<c017a3f3>] vfs_ioctl+0x237/0x249
>>>>  [<c017a451>] sys_ioctl+0x4c/0x67
>>>>  [<c0104e22>] sysenter_past_esp+0x6b/0xa9
>>>>  [<c02c0000>] unix_bind+0x5e/0x28e
>>>>  =======================
>>>> Code: 31 c0 c3 57 89 d1 56 53 83 ec 08 8b 78 60 8b 5a 3c 2b 58 44 8b
>>>> 77 4c 8d 84 9e 90 00 00 00 8b 96 8c 00 00 00 89 44 24 04 8b 46 6c <0f>
>>>> b7 04 58 89 04 24 89 f8 e8 99 24 ff ff 5f 5a 5b 5e 5f c3 53
>>>> EIP: [<f91cfcb0>] stac92xx_dmux_enum_put+0x28/0x3c [snd_hda_intel]
>>>> SS:ESP 0068:d9ea1ea0
>>> I suppose your device has no digital mic input?
>>> If so, the patch below should fix.  Give it a try.
>>>
>> No digital mic input, just analog as far as I am aware. I no longer
>> get the problem with HG (this time for real), but I suppose that's
>> because of Matthew's Patch which adds my system (DELL Vostro 1400) to
>> the PCI quirks list where it's associated with STAC_DELL_3ST.
> 
> Ah, OK, then could you try the driver with my patch and pass
> model=ref?  If the driver still works without Oops, it's fine.  Then
> I'll apply my patch.
> 

No Oops with the patch applied for me either.

More information about the Alsa-devel mailing list