Reproducible bug with sound driver (2.0.18)

Boris Tobotras (boris@xtalk.msk.su)
Sun, 08 Sep 1996 21:26:33 +0400


Hello,

I got the following OOPS with my program:

Unable to handle kernel paging request at virtual address c186f8a0
current->tss.cr3 = 00c6a000, 0r3 = 00c6a000
*pde = 0009e067
*pte = 00000000
Oops: 0002
CPU: 0
EIP: 0010:[<01830ebf>]
EFLAGS: 00010202
eax: 000010ef ebx: 01867000 ecx: 00000001 edx: 000000ff
esi: 00000001 edi: 00000008 ebp: 00000001 esp: 01298ec0
ds: 0018 es: 0018 fs: 002b gs: 002b ss: 0018
Process bug (pid: 1703, process nr: 42, stackpage=01298000)
Stack: 00000000 0183e260 00000008 00000000 00e875b8 01840000 01863000 000000c0
01298f4c 00000001 0183165a 0186d000 00000000 0183e260 01831704 0186d000
00000008 0183e260 01830841 00000008 08049e94 0183e260 08049e94 00000001
Call Trace: [<0183e260>] [<01840000>] [<01863000>] [<0183165a>] [<0186d000>]
[<0183e260>] [<01831704>]
[<0186d000>] [<0183e260>] [<01830841>] [<0183e260>] [<01834e7d>]
[<0183e260>] [<0182e0c3>] [<0183e260>]
[<001231c5>] [<0010a6b2>]
Code: 89 ac c3 28 01 00 00 39 35 b0 b9 83 01 0f 8f 55 02 00 00 8b

ksymoops:

Using `/usr/src/linux/System.map' to map addresses to symbols.

Trace: 183e260
Trace: 1840000
Trace: 1863000
Trace: 183165a
Trace: 186d000
Trace: 183e260
Trace: 1831704
Trace: 186d000
Trace: 183e260
Trace: 1830841
Trace: 183e260
Trace: 1834e7d
Trace: 183e260
Trace: 182e0c3
Trace: 183e260
Trace: 1231c5 <sys_write+145/180>
Trace: 10a6b2 <system_call+52/80>

Code: movl %ebp,0x128(%ebx,%eax,8)
Code: cmpl %esi,0x183b9b0
Code: jg 00000268 <_EIP+268>
Code: movl (%eax),%eax
Code: nop
Code: nop
Code: nop

This is a minimal program which causes the oops.

#include <assert.h>
#include <fcntl.h>
#include <unistd.h>          /* write(), close() */
#include <sys/soundcard.h>

SEQ_DEFINEBUF( 1024 );       /* defines _seqbuf, _seqbuflen, _seqbufptr */

int fd;

int main( void )
{
    fd = open( "/dev/sequencer2", O_RDWR );
    assert( fd != -1 );
    SEQ_SET_PATCH( 1, -1, 1 );  /* YES!!!! THIS IS INCORRECT!
                                 * BUT KERNEL PANIC IS NOT
                                 * BEST REACTION :)
                                 */
    SEQ_DUMPBUF();
    SEQ_START_NOTE( 1, 0, 60, 100 );
    SEQ_DUMPBUF();  /* <- this write(2) doesn't return. OOPS!! */
    close( fd );
    return 0;
}

/* Called by SEQ_DUMPBUF(): flush the buffered sequencer events to the device. */
void seqbuf_dump( void )
{
    if ( _seqbufptr ) {
        assert( write( fd, _seqbuf, _seqbufptr ) != -1 );
        _seqbufptr = 0;
    }
}

The same OOPS comes with both USS/Linux (for 2.0.18) and the sound driver from
the kernel distribution.

Thanks in advance for fixing that ;-)

-- 
	Best regards, -- Boris.
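
A triage sketch for the oops quoted in the message above, added here as an example and not part of the original post or of the sound driver: it recomputes the target of the faulting store from the register dump and the first ksymoops `Code:` line and checks it against the reported fault address. The function names and the 0xC0000000 kernel segment base are assumptions of this example.

```python
import re

# Lines copied from the oops and ksymoops output in the report above.
OOPS = """\
Unable to handle kernel paging request at virtual address c186f8a0
eax: 000010ef ebx: 01867000 ecx: 00000001 edx: 000000ff
esi: 00000001 edi: 00000008 ebp: 00000001 esp: 01298ec0
Code: movl %ebp,0x128(%ebx,%eax,8)
"""

# Assumption: on i386 Linux 2.0 the kernel segments have base 0xC0000000, so
# the linear address in the fault line is the segment offset plus this base.
KERNEL_SEG_BASE = 0xC0000000

def parse_registers(text):
    """Return {register: value} from the oops register dump."""
    pairs = re.findall(r"\b(eax|ebx|ecx|edx|esi|edi|ebp|esp):\s*([0-9a-f]{8})", text)
    return {name: int(value, 16) for name, value in pairs}

def memory_operand(text):
    """Parse the first AT&T operand of the form disp(%base,%index,scale)."""
    m = re.search(r"(-?0x[0-9a-f]+)?\(%(\w+),%(\w+),([1248])\)", text)
    disp = int(m.group(1), 16) if m.group(1) else 0
    return disp, m.group(2), m.group(3), int(m.group(4))

def triage(text):
    """Recompute the store target and compare it with the fault address."""
    regs = parse_registers(text)
    disp, base, index, scale = memory_operand(text)
    fault = int(re.search(r"virtual address ([0-9a-f]+)", text).group(1), 16)
    effective = (regs[base] + regs[index] * scale + disp) & 0xFFFFFFFF
    return {
        "effective": effective,                # offset inside the kernel segment
        "fault": fault,                        # linear address from the oops
        "matches_fault": (effective + KERNEL_SEG_BASE) & 0xFFFFFFFF == fault,
        "index_reg": index,
        "index_value": regs[index],
        "bytes_past_base": effective - regs[base],
    }

if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        shown = value if isinstance(value, (str, bool)) else hex(value)
        print(f"{key:>16}: {shown}")
```

With the values from the report, the store lands 0x88a0 bytes past the base in %ebx, using the index 0x10ef held in %eax.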