[alsa-devel] [BUG] NULL pointer dereference in patch_sigmatel.c
Ozan Çağlayan
ozan at pardus.org.tr
Thu Jul 16 21:51:50 CEST 2009
Hi,
One of our users is having a NULL ptr dereference upon loading the
snd_hda_intel module with 20090624's snapshot. There's only one commit
after that date in patch_sigmatel.c so I didn't tell him to try with the
latest snapshot but if you think that the bug may be related to another
part of the ALSA codebase, I can make him try the latest snapshot.
I'm attaching the alsa-info output on a working system with 1.0.18a. The
kernel version in subject is 2.6.25.20.
Thanks,
Ozan
------------------------
First the BUG's trace:
------------------------
BUG: unable to handle kernel NULL pointer dereference at 00000074
IP: [<f8cdb83a>] :snd_hda_codec_idt:stac92xx_add_jack+0x84/0x9e
*pde = 00000000
Oops: 0002 [#1] SMP
Modules linked in: snd_hda_codec_idt snd_hda_intel(+) snd_hda_codec aes_i586 aes_generic ipv6 af_packet bridge bnep rfcomm l2cap microcode acpi_cpufreq cpufreq_powersave cpufreq_userspace cpufreq_conservative ndiswrapper vboxdrv pcmcia snd_hwdep rtc_cmos rtc_core yenta_socket tpm_infineon snd_seq_dummy rtc_lib tpm snd_seq_oss rsrc_nonstatic tpm_bios tifm_7xx1 iTCO_wdt snd_seq_midi_event tifm_core i2c_i801 snd_seq iTCO_vendor_support pcmcia_core r5u870 arc4 joydev snd_seq_device snd_pcm_oss nvidia(P) battery sg usbcam snd_mixer_oss ecb ac videobuf_dma_sg videobuf_core sony_laptop snd_pcm uvcvideo iwl4965 video compat_ioctl32 snd_timer output hci_usb iwlcore videodev thermal bluetooth snd processor v4l1_compat rfkill button led_class soundcore firmware_class snd_page_alloc mac80211 intel_agp i2c_core sky2 cfg80211 agpgart ext3 jbd mbcache sr_mod cdrom sd_mod ata_piix uhci_hcd pata_acpi ehci_hcd usbcore ohci1394 ieee1394 ata_generic libata scsi_mod dock
Pid: 1977, comm: modprobe Tainted: P (2.6.25.20-114 #1)
EIP: 0060:[<f8cdb83a>] EFLAGS: 00210206 CPU: 0
EIP is at stac92xx_add_jack+0x84/0x9e [snd_hda_codec_idt]
EAX: 00000000 EBX: f8c7973e ECX: 00000004 EDX: f8cdeb1a
ESI: 03211020 EDI: f675c600 EBP: f68d7d20 ESP: f68d7cd4
DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process modprobe (pid: 1977, ti=f68d6000 task=f69ece60 task.ti=f68d6000)
Stack: f68d7cf4 f8cdeb0a f8c796d5 f8c7973e f8c79793 00000001 000a69e0 f8c79793
4f205048 61207475 78452074 654c2074 4a207466 006b6361 f6898800 f6898800
00000000 f6898800 f6898800 f68d7d4c f8cdbac0 f65ef000 f6970000 00000001
Call Trace:
[<f8cdbac0>] ? stac92xx_build_controls+0x26c/0x2d0 [snd_hda_codec_idt]
[<f8c73aa9>] ? snd_hda_codec_build_controls+0x31/0x3d [snd_hda_codec]
[<f8c750d3>] ? snd_hda_build_controls+0x18/0x67 [snd_hda_codec]
[<f8c69138>] ? azx_probe+0x79e/0x840 [snd_hda_intel]
[<f8c68857>] ? azx_send_cmd+0x0/0x101 [snd_hda_intel]
[<f8c686a6>] ? azx_get_response+0x0/0x1b1 [snd_hda_intel]
[<f8c67ece>] ? azx_attach_pcm_stream+0x0/0x15c [snd_hda_intel]
[<f8c67b84>] ? azx_bus_reset+0x0/0x56 [snd_hda_intel]
[<f8c67a40>] ? azx_power_notify+0x0/0x57 [snd_hda_intel]
[<c01e7a37>] ? pci_device_probe+0x39/0x59
[<c024395f>] ? driver_probe_device+0xa0/0x136
[<c0243a50>] ? __driver_attach+0x5b/0x91
[<c024333c>] ? bus_for_each_dev+0x3b/0x63
[<c0243804>] ? driver_attach+0x14/0x16
[<c02439f5>] ? __driver_attach+0x0/0x91
[<c0242d3a>] ? bus_add_driver+0x9d/0x1ba
[<c0243bc4>] ? driver_register+0x47/0xa7
[<c0168681>] ? __vunmap+0x93/0x9b
[<c01e7bec>] ? __pci_register_driver+0x35/0x61
[<f8afd017>] ? alsa_card_azx_init+0x17/0x19 [snd_hda_intel]
[<c0141f9c>] ? sys_init_module+0x18ad/0x19ca
[<c0109c77>] ? do_syscall_trace+0x138/0x17f
[<c0104a2e>] ? syscall_call+0x7/0xb
=======================
Code: f9 ff 89 45 d0 89 f0 e8 29 68 f9 ff 89 c3 89 f0 e8 32 68 f9 ff ff 75 d0 53 50 68 0a eb cd f8 8d 45 d4 50 e8 45 25 50 c7 8b 47 08 <89> 78 74 8b 47 08 83 c4 14 c7 40 78 7f a2 cd f8 31 c0 8d 65 f4
EIP: [<f8cdb83a>] stac92xx_add_jack+0x84/0x9e [snd_hda_codec_idt] SS:ESP 0068:f68d7cd4
---[ end trace 4a628a5b4fc302e7 ]---
alsa-info output:
-------------------
upload=true&script=true&cardinfo=
!!################################
!!ALSA Information Script v 0.4.52
!!################################
!!Script ran on: Sun Feb 8 19:15:27 EET 2009
!!Linux Distribution
!!------------------
Pardus 2008.2 Canis aureus
!!Kernel Information
!!------------------
Kernel release: 2.6.25.20-114
Operating System: GNU/Linux
Architecture: i686
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
SMP Enabled: Yes
!!ALSA Version
!!------------
Driver version: 1.0.18a
Library version: 1.0.18
Utilities version: 1.0.18
!!Loaded ALSA modules
!!-------------------
snd_hda_intel
!!Soundcards recognised by ALSA
!!-----------------------------
0 [Intel ]: HDA-Intel - HDA Intel
HDA Intel at 0xfc300000 irq 21
!!PCI Soundcards installed in the system
!!--------------------------------------
00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03)
09:04.2 Mass storage controller: Texas Instruments 5-in-1 Multimedia Card Reader (SD/MMC/MS/MS PRO/xD)
!!Advanced information - PCI Vendor/Device/Susbsystem ID's
!!--------------------------------------------------------
00:1b.0 0403: 8086:284b (rev 03)
Subsystem: 104d:9008
!!Modprobe options (Sound related)
!!--------------------------------
snd-hda-intel: model=vaio
!!Loaded sound module options
!!--------------------------
!!Module: snd_hda_intel
bdl_pos_adj : 1,-1,-1,-1,-1,-1,-1,-1
enable : Y,Y,Y,Y,Y,Y,Y,Y
enable_msi : 0
id : <NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
index : -1,-1,-1,-1,-1,-1,-1,-1
model : vaio,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>,<NULL>
position_fix : 0,0,0,0,0,0,0,0
power_save : 0
power_save_controller : Y
probe_mask : -1,-1,-1,-1,-1,-1,-1,-1
single_cmd : N
!!HDA-Intel Codec information
!!---------------------------
--startcollapse--
Codec: SigmaTel STAC9872AK
Address: 0
Vendor Id: 0x83847662
Subsystem Id: 0x104d1e00
Revision Id: 0x100201
No Modem Function Group found
Default PCM:
rates [0x7e0]: 44100 48000 88200 96000 176400 192000
bits [0xe]: 16 20 24
formats [0x1]: PCM
Default Amp-In caps: ofs=0x00, nsteps=0x0f, stepsize=0x05, mute=1
Default Amp-Out caps: ofs=0x7f, nsteps=0x7f, stepsize=0x02, mute=1
GPIO: io=5, o=0, i=0, unsolicited=1, wake=1
IO[0]: enable=0, dir=0, wake=0, sticky=0, data=0, unsol=0
IO[1]: enable=0, dir=0, wake=0, sticky=0, data=0, unsol=0
IO[2]: enable=0, dir=0, wake=0, sticky=0, data=0, unsol=0
IO[3]: enable=0, dir=0, wake=0, sticky=0, data=0, unsol=0
IO[4]: enable=0, dir=0, wake=0, sticky=0, data=0, unsol=0
Node 0x02 [Audio Output] wcaps 0xd0c05: Stereo Amp-Out R/L
Amp-Out caps: N/A
Amp-Out vals: [0x7f 0x7f]
Converter: stream=0, channel=0
Power: setting=D0, actual=D0
Delay: 13 samples
Node 0x03 [Audio Output] wcaps 0xd0c05: Stereo Amp-Out R/L
Amp-Out caps: N/A
Amp-Out vals: [0xff 0xff]
Converter: stream=0, channel=0
Power: setting=D0, actual=D0
Delay: 13 samples
Node 0x04 [Audio Output] wcaps 0xd0c05: Stereo Amp-Out R/L
Amp-Out caps: N/A
Amp-Out vals: [0xff 0xff]
Converter: stream=0, channel=0
Power: setting=D0, actual=D0
Delay: 13 samples
Node 0x05 [Audio Output] wcaps 0xd0c05: Stereo Amp-Out R/L
Amp-Out caps: N/A
Amp-Out vals: [0x7f 0x7f]
Converter: stream=0, channel=0
Power: setting=D0, actual=D0
Delay: 13 samples
Node 0x06 [Audio Input] wcaps 0x1d0541: Stereo
Converter: stream=0, channel=0
SDI-Select: 0
Power: setting=D0, actual=D0
Delay: 13 samples
Connection: 1
0x07
Processing caps: benign=0, ncoeff=0
Node 0x07 [Audio Selector] wcaps 0x300903: Stereo Amp-In R/L
Amp-In caps: N/A
Amp-In vals: [0x00 0x00]
Connection: 1
0x0e
Node 0x08 [Audio Input] wcaps 0x1d0541: Stereo
Converter: stream=0, channel=0
SDI-Select: 0
Power: setting=D0, actual=D0
Delay: 13 samples
Connection: 1
0x09
Processing caps: benign=0, ncoeff=0
Node 0x09 [Audio Selector] wcaps 0x300903: Stereo Amp-In R/L
Amp-In caps: N/A
Amp-In vals: [0x0d 0x0d]
Connection: 1
0x15
Node 0x0a [Pin Complex] wcaps 0x400181: Stereo
Pincap 0x0000173c: IN OUT HP Detect
Vref caps: HIZ 50 GRD 80
Pin Default 0x03211020: [Jack] HP Out at Ext Left
Conn = 1/8, Color = Black
DefAssociation = 0x2, Sequence = 0x0
Pin-ctls: 0x80: HP VREF_HIZ
Unsolicited: tag=04, enabled=1
Connection: 1
0x02
Node 0x0b [Pin Complex] wcaps 0x400181: Stereo
Pincap 0x00000014: OUT Detect
Pin Default 0x411111f0: [N/A] Speaker at Ext Rear
Conn = 1/8, Color = Black
DefAssociation = 0xf, Sequence = 0x0
Misc = NO_PRESENCE
Pin-ctls: 0x00:
Unsolicited: tag=00, enabled=0
Connection: 1
0x04
Node 0x0c [Pin Complex] wcaps 0x400181: Stereo
Pincap 0x00000014: OUT Detect
Pin Default 0x411111f0: [N/A] Speaker at Ext Rear
Conn = 1/8, Color = Black
DefAssociation = 0xf, Sequence = 0x0
Misc = NO_PRESENCE
Pin-ctls: 0x00:
Unsolicited: tag=00, enabled=0
Connection: 1
0x03
Node 0x0d [Pin Complex] wcaps 0x400181: Stereo
Pincap 0x0000173c: IN OUT HP Detect
Vref caps: HIZ 50 GRD 80
Pin Default 0x03a15030: [Jack] Mic at Ext Left
Conn = 1/8, Color = Red
DefAssociation = 0x3, Sequence = 0x0
Pin-ctls: 0x24: IN VREF_80
Unsolicited: tag=00, enabled=0
Connection: 1
0x02
Node 0x0e [Pin Complex] wcaps 0x400081: Stereo
Pincap 0x00000024: IN Detect
Pin Default 0x411111f0: [N/A] Speaker at Ext Rear
Conn = 1/8, Color = Black
DefAssociation = 0xf, Sequence = 0x0
Misc = NO_PRESENCE
Pin-ctls: 0x20: IN
Unsolicited: tag=00, enabled=0
Node 0x0f [Pin Complex] wcaps 0x400181: Stereo
Pincap 0x00000014: OUT Detect
Pin Default 0x90170110: [Fixed] Speaker at Int N/A
Conn = Analog, Color = Unknown
DefAssociation = 0x1, Sequence = 0x0
Misc = NO_PRESENCE
Pin-ctls: 0x40: OUT
Unsolicited: tag=00, enabled=0
Connection: 1
0x05
Node 0x10 [Audio Output] wcaps 0x40211: Stereo Digital
Converter: stream=0, channel=0
Digital:
Digital category: 0x0
PCM:
rates [0x3e0]: 44100 48000 88200 96000 176400
bits [0xe]: 16 20 24
formats [0x5]: PCM AC3
Delay: 4 samples
Node 0x11 [Pin Complex] wcaps 0x400301: Stereo Digital
Pincap 0x00000010: OUT
Pin Default 0x411111f0: [N/A] Speaker at Ext Rear
Conn = 1/8, Color = Black
DefAssociation = 0xf, Sequence = 0x0
Misc = NO_PRESENCE
Pin-ctls: 0x00:
Connection: 2
0x10* 0x09
Node 0x12 [Audio Input] wcaps 0x140311: Stereo Digital
Converter: stream=0, channel=0
SDI-Select: 0
Digital:
Digital category: 0x0
PCM:
rates [0x160]: 44100 48000 96000
bits [0xe]: 16 20 24
formats [0x5]: PCM AC3
Delay: 4 samples
Connection: 1
0x13
Node 0x13 [Pin Complex] wcaps 0x440381: Stereo Digital
Pincap 0x00000034: IN OUT Detect
Pin Default 0x411111f0: [N/A] Speaker at Ext Rear
Conn = 1/8, Color = Black
DefAssociation = 0xf, Sequence = 0x0
Misc = NO_PRESENCE
Pin-ctls: 0x00:
Unsolicited: tag=00, enabled=0
Delay: 4 samples
Connection: 1
0x18
Node 0x14 [Pin Complex] wcaps 0x400001: Stereo
Pincap 0x00000020: IN
Pin Default 0x90a7013e: [Fixed] Mic at Int N/A
Conn = Analog, Color = Unknown
DefAssociation = 0x3, Sequence = 0xe
Misc = NO_PRESENCE
Pin-ctls: 0x20: IN
Node 0x15 [Audio Selector] wcaps 0x30010d: Stereo Amp-Out
Amp-Out caps: ofs=0x00, nsteps=0x04, stepsize=0x27, mute=1
Amp-Out vals: [0x00 0x00]
Connection: 4
0x0a 0x0d 0x14* 0x02
Node 0x16 [Beep Generator Widget] wcaps 0x70000c: Mono Amp-Out
Amp-Out caps: ofs=0x03, nsteps=0x03, stepsize=0x17, mute=0
Amp-Out vals: [0x00]
Node 0x17 [Volume Knob Widget] wcaps 0x600000: Mono
Volume-Knob: delta=1, steps=127, direct=0, val=127
Connection: 4
0x02* 0x03 0x04 0x05
Node 0x18 [Audio Output] wcaps 0x40201: Stereo Digital
Converter: stream=0, channel=0
Digital:
Digital category: 0x0
Delay: 4 samples
Codec: Conexant ID 2c06
Address: 1
Vendor Id: 0x14f12c06
Subsystem Id: 0x104d1700
Revision Id: 0x100000
Modem Function Group: 0x2
--endcollapse--
!!ALSA Device nodes
!!-----------------
crw-rw----+ 1 root audio 116, 0 Şub 8 2009 /dev/snd/controlC0
crw-rw----+ 1 root audio 116, 4 Şub 8 2009 /dev/snd/hwC0D0
crw-rw----+ 1 root audio 116, 5 Şub 8 2009 /dev/snd/hwC0D1
crw-rw----+ 1 root audio 116, 24 Şub 8 19:14 /dev/snd/pcmC0D0c
crw-rw----+ 1 root audio 116, 16 Şub 8 19:15 /dev/snd/pcmC0D0p
crw-rw----+ 1 root audio 116, 1 Şub 8 2009 /dev/snd/seq
crw-rw----+ 1 root audio 116, 33 Şub 8 2009 /dev/snd/timer
!!ALSA configuration files
!!------------------------
!!System wide config file (/etc/asound.conf)
# PulseAudio plugin configuration
# Let's create a virtual device "pulse" for mixer and PCM
pcm.pulse {
type pulse
hint {
description "PulseAudio Sound Server"
}
}
ctl.pulse {
type pulse
hint {
description "PulseAudio Sound Server"
}
}
# Let's make it the default!
pcm.!default {
type pulse
hint {
description "Default"
}
}
ctl.!default {
type pulse
hint {
description "Default"
}
}
!!Aplay/Arecord output
!!------------
APLAY
**** List of PLAYBACK Hardware Devices ****
card 0: Intel [HDA Intel], device 0: STAC92xx Analog [STAC92xx Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
ARECORD
**** List of CAPTURE Hardware Devices ****
card 0: Intel [HDA Intel], device 0: STAC92xx Analog [STAC92xx Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
!!Amixer output
!!-------------
!!-------Mixer controls for card 0 [Intel]
Card hw:0 'Intel'/'HDA Intel at 0xfc300000 irq 21'
Mixer name : 'SigmaTel STAC9872AK'
Components : 'HDA:83847662,104d1e00,00100201 HDA:14f12c06,104d1700,00100000'
Controls : 10
Simple ctrls : 7
Simple mixer control 'Master',0
Capabilities: pvolume pvolume-joined pswitch pswitch-joined
Playback channels: Mono
Limits: Playback 0 - 127
Mono: Playback 127 [100%] [0.00dB] [on]
Simple mixer control 'Headphone',0
Capabilities: pvolume pswitch
Playback channels: Front Left - Front Right
Limits: Playback 0 - 127
Mono:
Front Left: Playback 127 [100%] [0.00dB] [on]
Front Right: Playback 127 [100%] [0.00dB] [on]
Simple mixer control 'PCM',0
Capabilities: pvolume cswitch cswitch-joined cswitch-exclusive
Capture exclusive group: 0
Playback channels: Front Left - Front Right
Capture channels: Mono
Limits: Playback 0 - 255
Mono: Capture [off]
Front Left: Playback 0 [0%] [-51.00dB]
Front Right: Playback 0 [0%] [-51.00dB]
Simple mixer control 'Mic Jack',0
Capabilities: cswitch cswitch-joined cswitch-exclusive
Capture exclusive group: 0
Capture channels: Mono
Mono: Capture [off]
Simple mixer control 'Capture',0
Capabilities: cvolume cswitch
Capture channels: Front Left - Front Right
Limits: Capture 0 - 15
Front Left: Capture 13 [87%] [19.50dB] [on]
Front Right: Capture 13 [87%] [19.50dB] [on]
Simple mixer control 'Internal Mic',0
Capabilities: cswitch cswitch-joined cswitch-exclusive
Capture exclusive group: 0
Capture channels: Mono
Mono: Capture [on]
Simple mixer control 'Speaker',0
Capabilities: pvolume pswitch
Playback channels: Front Left - Front Right
Limits: Playback 0 - 127
Mono:
Front Left: Playback 127 [100%] [0.00dB] [on]
Front Right: Playback 127 [100%] [0.00dB] [on]
!!Alsactl output
!!-------------
--startcollapse--
state.Intel {
control.1 {
comment.access 'read write'
comment.type INTEGER
comment.count 2
comment.range '0 - 127'
comment.dbmin -9525
comment.dbmax 0
iface MIXER
name 'Headphone Playback Volume'
value.0 127
value.1 127
}
control.2 {
comment.access 'read write'
comment.type BOOLEAN
comment.count 2
iface MIXER
name 'Headphone Playback Switch'
value.0 true
value.1 true
}
control.3 {
comment.access 'read write'
comment.type INTEGER
comment.count 2
comment.range '0 - 127'
comment.dbmin -9525
comment.dbmax 0
iface MIXER
name 'Speaker Playback Volume'
value.0 127
value.1 127
}
control.4 {
comment.access 'read write'
comment.type BOOLEAN
comment.count 2
iface MIXER
name 'Speaker Playback Switch'
value.0 true
value.1 true
}
control.5 {
comment.access 'read write'
comment.type INTEGER
comment.count 2
comment.range '0 - 15'
comment.dbmin 0
comment.dbmax 2250
iface MIXER
name 'Capture Volume'
value.0 13
value.1 13
}
control.6 {
comment.access 'read write'
comment.type BOOLEAN
comment.count 2
iface MIXER
name 'Capture Switch'
value.0 true
value.1 true
}
control.7 {
comment.access 'read write'
comment.type ENUMERATED
comment.count 1
comment.item.0 'Mic Jack'
comment.item.1 'Internal Mic'
comment.item.2 PCM
iface MIXER
name 'Capture Source'
value 'Internal Mic'
}
control.8 {
comment.access 'read write'
comment.type INTEGER
comment.count 1
comment.range '0 - 127'
comment.dbmin -9525
comment.dbmax 0
iface MIXER
name 'Master Playback Volume'
value 127
}
control.9 {
comment.access 'read write'
comment.type BOOLEAN
comment.count 1
iface MIXER
name 'Master Playback Switch'
value true
}
control.10 {
comment.access 'read write user'
comment.type INTEGER
comment.count 2
comment.range '0 - 255'
comment.tlv '0000000100000008ffffec1400000014'
comment.dbmin -5100
comment.dbmax 0
iface MIXER
name 'PCM Playback Volume'
value.0 0
value.1 0
}
}
--endcollapse--
!!All Loaded Modules
!!------------------
Module
aes_i586
aes_generic
ipv6
bridge
bnep
af_packet
rfcomm
l2cap
microcode
acpi_cpufreq
cpufreq_powersave
cpufreq_userspace
ndiswrapper
r5u870
usbcam
videobuf_dma_sg
snd_hda_intel
snd_seq_dummy
snd_seq_oss
snd_seq_midi_event
videobuf_core
nvidia
snd_seq
uvcvideo
snd_seq_device
snd_pcm_oss
arc4
compat_ioctl32
ecb
snd_mixer_oss
intel_agp
snd_pcm
iwl4965
snd_timer
snd_page_alloc
snd_hwdep
snd
pcmcia
hci_usb
rtc_cmos
bluetooth
yenta_socket
rsrc_nonstatic
tpm_infineon
pcmcia_core
tifm_7xx1
sky2
battery
videodev
iTCO_wdt
agpgart
ac
thermal
processor
iwlcore
rfkill
led_class
firmware_class
i2c_i801
mac80211
video
output
tpm
tpm_bios
rtc_core
rtc_lib
joydev
iTCO_vendor_support
tifm_core
sony_laptop
v4l1_compat
i2c_core
sg
button
soundcore
cfg80211
ext3
jbd
mbcache
sr_mod
cdrom
sd_mod
ata_piix
ohci1394
ieee1394
uhci_hcd
pata_acpi
ata_generic
libata
scsi_mod
dock
ehci_hcd
usbcore
More information about the Alsa-devel
mailing list