Kernel oops with dvb_usb_umt_010 module (x86_64 2.6.21-rc3)

From: Alexis Ballier
Date: Thu Mar 08 2007 - 03:02:33 EST


Hi,

I bought a HanfTek UMT-010 dvb-T usb stick, so I compiled yesterday's
linus' git tree (2.6.21-rc3) and downloaded the firmware from
linuxtv.org. The driver loads fine :


[ 170.316104] usb 1-4: new high speed USB device using ehci_hcd and address 5
[ 170.448372] usb 1-4: configuration #1 chosen from 1 choice
[ 170.667165] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0 ' in
cold state, will try to load a firmware
[ 170.702176] dvb-usb: downloading firmware from file 'dvb-usb-umt-010-02.fw'
[ 170.737380] usbcore: registered new interface driver dvb_usb_umt_010
[ 170.737624 ] usb 1-4: USB disconnect, address 5
[ 170.739692] dvb-usb: generic DVB-USB module successfully
deinitialized and disconnected.
[ 172.493762] usb 1-4: new high speed USB device using ehci_hcd and address 6
[ 172.626428 ] usb 1-4: configuration #1 chosen from 1 choice
[ 172.626502] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0' in warm state.
[ 172.641677] dvb-usb: will pass the complete MPEG2 transport stream
to the software demuxer.
[ 172.641860] DVB: registering new adapter (Hanftek UMT-010 DVB-T USB2.0).
[ 172.643098] DVB: registering frontend 0 (Zarlink MT352 DVB-T)...
[ 172.657695] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 successfully
initialized and connected.

but when I try to access it (with vlc, or dvbscan -c for example) I
get a kernel oops :

[ 180.459390] Unable to handle kernel paging request at 000000002de68808 RIP:
[ 180.459393] [<ffffffff882ad315>]
:dvb_usb_dibusb_common:dibusb_streaming_ctrl+0x35/0xa0
[ 180.459402] PGD 2ddd1067 PUD 2de40067 PMD 0
[ 180.459406] Oops: 0000 [1] PREEMPT
[ 180.459408] CPU 0
[ 180.459410] Modules linked in: dvb_usb_umt_010 mt352
dvb_usb_dibusb_common dib3000mc dibx000_common dvb_usb dvb_core
dvb_pll nfsd exportfs lockd nfs_acl sunrpc xt_state xt_multiport
ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack
snd_pcm_oss snd_mixer_oss snd_seq_oss snd_seq_midi_event snd_seq
snd_seq_device reiserfs genrtc eth1394 bt878 tuner msp3400 saa7134
ir_kbd_i2c 8250_pnp 8250 serial_core bttv video_buf ir_common
compat_ioctl32 i2c_algo_bit btcx_risc tveeprom videodev v4l2_common
v4l1_compat parport_pc parport psmouse ohci1394 ieee1394 snd_intel8x0
snd_ac97_codec ac97_bus snd_pcm snd_timer snd snd_page_alloc ide_cd
cdrom i2c_nforce2 i2c_core
[ 180.459443] Pid: 8363, comm: dvbscan Not tainted 2.6.21-rc3-dirty #22
[ 180.459446] RIP: 0010:[<ffffffff882ad315>] [<ffffffff882ad315>]
:dvb_usb_dibusb_common:dibusb_streaming_ctrl+0x35/0xa0
[ 180.459453] RSP: 0018:ffff810034aa9ca8 EFLAGS: 00010296
[ 180.459455] RAX: 0000000000000051 RBX: 000000002de68800 RCX: 0000000000000000
[ 180.459458] RDX: 00000000ffffff01 RSI: 0000000000000000 RDI: 0000000000000001
[ 180.459461] RBP: ffff81002dc5ee90 R08: 00000000ffffffff R09: 0000000000000001
[ 180.459464] R10: 00000000ffffffff R11: 0000000000000006 R12: 0000000000000001
[ 180.459467] R13: 0000000000000001 R14: ffff81002dc5ef60 R15: ffff81002dc5efc8
[ 180.459471] FS: 00002b3a0c76d6d0(0000) GS:ffffffff805e3000(0000)
knlGS:0000000000000000
[ 180.459474] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 180.459476] CR2: 000000002de68808 CR3: 00000000293f3000 CR4: 00000000000006e0
[ 180.459480] Process dvbscan (pid: 8363, threadinfo
ffff810034aa8000, task ffff81003be4a1c0)
[ 180.459482] Stack: ffff81002dc5ee90 0000000000000001
ffff81002dc5ee90 ffffffff882ad58b
[ 180.459488] 0000000000000000 ffff81002dc5ee90 ffff81002dc5ee90
0000000000000001
[ 180.459493] ffffc20010586000 ffffffff882a1496 0000000000000002
ffffc20010586000
[ 180.459497] Call Trace:
[ 180.459503] [<ffffffff882ad58b>]
:dvb_usb_dibusb_common:dibusb2_0_streaming_ctrl+0x3b/0x110
[ 180.459512] [<ffffffff882a1496>] :dvb_usb:dvb_usb_ctrl_feed+0x106/0x140
[ 180.459525] [<ffffffff8828dea8>]
:dvb_core:dmx_section_feed_start_filtering+0x108/0x170
[ 180.459535] [<ffffffff8828b502>]
:dvb_core:dvb_dmxdev_filter_start+0x2c2/0x480
[ 180.459542] [<ffffffff8025a432>] kobject_get+0x12/0x20
[ 180.459547] [<ffffffff802bdce8>] cdev_get+0x88/0xc0
[ 180.459558] [<ffffffff8828b9a4>] :dvb_core:dvb_demux_do_ioctl+0x2e4/0x490
[ 180.459567] [<ffffffff8828b6c0>] :dvb_core:dvb_demux_do_ioctl+0x0/0x490
[ 180.459576] [<ffffffff8828a165>] :dvb_core:dvb_usercopy+0xe5/0x170
[ 180.459588] [<ffffffff80228f0d>] do_filp_open+0x2d/0x40
[ 180.459595] [<ffffffff80243db9>] do_ioctl+0x69/0xa0
[ 180.459600] [<ffffffff80231773>] vfs_ioctl+0x2a3/0x2e0
[ 180.459607] [<ffffffff8024ea39>] sys_ioctl+0x49/0x80
[ 180.459611] [<ffffffff8021a922>] do_sys_open+0xd2/0x100
[ 180.459617] [<ffffffff8025fb9e>] system_call+0x7e/0x83
[ 180.459625]
[ 180.459626]
[ 180.459627] Code: 48 83 7b 08 00 74 44 48 c7 c7 08 d7 2a 88 31 c0 e8 36 73 fd
[ 180.459636] RIP [<ffffffff882ad315>]
:dvb_usb_dibusb_common:dibusb_streaming_ctrl+0x35/0xa0
[ 180.459642] RSP <ffff810034aa9ca8>
[ 180.459643] CR2: 000000002de68808


after doing some basic tracking, I found that the offending line was :

if (st->ops.fifo_ctrl != NULL){

in drivers/media/dvb/dvb-usb/dibusb-common.c : ~25

I modified it to do some printk, and the value of st I have is :
000000002de68800

Is that a correct value ?
I've not really been able to track where this value comes from so I
suppose reporting that here is the best way to get some help as I have
no clue on how to fix that.

--

Regards,

Alexis Ballier.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/