Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications

On Tue, Apr 04, 2006 at 09:12:18PM +0200, Takashi Iwai wrote:
> At Tue, 4 Apr 2006 21:06:31 +0200,
> Jan Niehusmann wrote:
> > 
> > On Tue, Apr 04, 2006 at 05:56:36PM +0200, Takashi Iwai wrote:
> > > Could you try the patch below by OGAWA Hirofumi
> > > <[email protected]>?
> > 
> > Sorry, no success with that patch applied:
> > 
> > Apr  4 20:18:00 knautsch kernel: [17179569.184000] Linux version 2.6.17-rc1-g231a1569-dirty (root@knautsch) (gcc version 4.0.3 (Debian 4.0.3-1)) #1 Tue Apr 4 19:37:29 CEST 2006 
> > 
> > (This is 2.6.17-rc1 with the patch you sent applied)
> > 
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] BUG: unable to handle kernel paging request at virtual address 6b6b6b6b
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]  printing eip:
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] e04a2eb6
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] *pde = 00000000
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] Oops: 0000 [#1]
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] Modules linked in: tun ipv6 lp i915 drm rfcomm l2cap bluetooth thermal processor fan button battery asus_acpi ac usb_storage usbmouse sbp2 usbkbd autofs4 af_packet nls_iso8859_1 nls_cp437 usbhid cm4000_cs 8250_pci 8250 serial_core eth1394 pcmcia snd_intel8x0 snd_pcm_oss snd_mixer_oss snd_intel8x0m snd_ac97_codec snd_ac97_bus ipw2200 ieee80211 ieee80211_crypt 8139too mii nsc_ircc irda snd_pcm snd_timer ohci1394 ieee1394 evdev joydev crc_ccitt parport_pc parport pcspkr firmware_class yenta_socket rsrc_nonstatic pcmcia_core rtc snd soundcore snd_page_alloc ehci_hcd uhci_hcd usbcore intel_agp agpgart
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] CPU:    0
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] EIP:    0060:[pg0+537210550/1069212672]    Not tainted VLI
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] EFLAGS: 00210002   (2.6.17-rc1-g231a1569-dirty #1) 
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] EIP is at snd_pcm_lib_write1+0x196/0x4a0 [snd_pcm]
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] eax: 000009c4   ebx: cc785a84   ecx: de505e54   edx: 6b6b6b6b
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] esi: 0000062c   edi: 00000000   ebp: dede51a4   esp: de505e78
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] ds: 007b   es: 007b   ss: 0068
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] Process twinkle (pid: 4936, threadinfo=de505000 task=cae0f550)
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] Stack: <0>dede51a4 000015cd e07a5000 00000b42 0000003c 00000001 cc785b28 c84ef000 
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]        e07a5000 00000b7e 00000b7e 00000000 00000000 0001c639 00000000 cae0f550 
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]        c0114d60 cc785b28 cc785b28 c0000000 de505000 dede51a4 cc785a84 e0547727 
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] Call Trace:
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]  <c0114d60> default_wake_function+0x0/0x20   <e0547727> snd_pcm_oss_write3+0x67/0xe0 [snd_pcm_oss]
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]  <e04a0250> snd_pcm_lib_write_transfer+0x0/0xc0 [snd_pcm]   <e054949f> snd_pcm_plug_write_transfer+0x8f/0xe0 [snd_pcm_oss]
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]  <e054781a> snd_pcm_oss_write2+0x7a/0x110 [snd_pcm_oss]   <e054892e> snd_pcm_oss_write+0x10e/0x1f0 [snd_pcm_oss]
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]  <c0158f85> vfs_write+0xb5/0x190   <c0159a1b> sys_write+0x4b/0x80
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000]  <c0102e97> syscall_call+0x7/0xb  
> > Apr  4 20:25:51 knautsch kernel: [17180076.984000] Code: b8 c4 09 00 00 e8 db fb e5 df fa 85 c0 0f 85 05 02 00 00 8b 93 98 00 00 00 8b 02 83 f8 02 74 0b 8b 02 83 f8 06 0f 85 da 02 00 00 <8b> 02 83 f8 05 0f 8f ed 01 00 00 83 f8 04 0f 8d 1e 02 00 00 48 
> > 
> > This oops is different from the others in that it contains the 6b6b6b6b
> > magic from slab poisoning. But, again, this is clearly sound related:
> > EIP points to snd_pcm_lib_write, and the trigger procedure was the
> > following:
> > 
> > 1) Use twinke to make a VoIP-Call. Sound was a little bit choppy, so
> > there is already something wrong here. No oops or other error message 
> > yet, though.
> > 
> > 2) From a second xterm, call "yes >/dev/dsp"
> > 
> > This lead to a beeping sound (as expected), so opening the device and
> > sending sound was successful - and to the oops quoted above.
> 
> What happens if you copy the whole subtree linux/sound and
> linux/include/sound from 2.6.16?
> 
> I don't figure out yet what could break except for that typo.

After the sound tree from 2.6.16 did work fine, I used git-bisect to
find the offending commit:

$git-bisect good
3bf75f9b90c981f18f27a0d35a44f488ab68c8ea is first bad commit
diff-tree 3bf75f9b90c981f18f27a0d35a44f488ab68c8ea (from bf1bbb5a49eec51c30d341606885507b501b37e8)
Author: Takashi Iwai <[email protected]>
Date:   Mon Mar 27 16:40:49 2006 +0200

    [ALSA] Clean up PCM codes (take 2)
    
    - Clean up initialization and destruction of substream instance
      Now snd_pcm_open_substream() alone does most initialization jobs.
      Add pcm_release callback for cleaning up at snd_pcm_release_substream()
    - Tidy up PCM oss code
    
    Signed-off-by: Takashi Iwai <[email protected]>

:040000 040000 df14b16c98da02d8aea1e5ee18baae5caae6245b a6779060f9e41f5033376735f9b290ba5db98b6e M      include
:040000 040000 7578b410668bcbfc2ed1f3f31011270e6e44f716 c70f96dd906c74d559385ef08ac6e518132936d1 M      sound

...which happens to be the commit which contains the bug you already
mentioned. I wonder if there is a second one hidden somewhere in that
commit, or if git-bisect led me to that bug while the second one is
hidden in a different commit...

Jan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
    • From: Jan Niehusmann <[email protected]>

• References:
  • 2.6.17-rc1: Oops in sound applications
    • From: Ken Moffat <[email protected]>
  • Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
    • From: Jan Niehusmann <[email protected]>
  • Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
    • From: Takashi Iwai <[email protected]>
  • Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
    • From: Jan Niehusmann <[email protected]>
  • Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
    • From: Takashi Iwai <[email protected]>

• Prev by Date: Re: + isdn4linux-siemens-gigaset-drivers-logging-usage.patch added to -mm tree
• Next by Date: Re: [ANNOUNCE][RFC] PlugSched-6.3.1 for 2.6.16-rc5
• Previous by thread: Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
• Next by thread: Re: [Alsa-devel] Slab corruptions & Re: 2.6.17-rc1: Oops in sound applications
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]