Hi there.
I use a CMI8738 card mainly through OSS emulation. /dev/dsp is mapped to
subdevice 2 (digital IO). If I open it with a really strange combination
of channel count and rate (ch=48000, r=2) snd-pcm-oss oopses.
2.4.17 with preempt patch compiled by egcs-1.1.2
alsa-0.9.0beta10.
Attached my OOOps report and a little C-program to reproduce it. Please
do also cc directly to me as I'm not on the mailing list.
cu Marcus
#include <sys/soundcard.h>
#include <fcntl.h>
int main(int argc, char * args[])
{
/* NOTICE: rate and channels values are exchanged */
int snd_format = AFMT_S16_LE;
int snd_channels = 48000;
int snd_rate = 2;
int fd = open("/dev/dsp", O_RDONLY);
int tmp;
tmp = snd_format;
if (ioctl(fd, SNDCTL_DSP_SETFMT, &tmp) || (tmp != snd_format))
{
printf("could not set format\n");
return -1;
}
tmp = snd_channels;
if (ioctl(fd, SNDCTL_DSP_CHANNELS, &tmp) || (tmp != snd_channels))
{
printf("could not set format\n");
return -1;
}
tmp = snd_rate;
if (ioctl(fd, SNDCTL_DSP_SPEED, &tmp) || (tmp != snd_rate))
{
printf("could not set format\n");
return -1;
}
printf("ok\n");
return 0;
}
ksymoops 2.4.1 on i686 2.4.17. Options used
-V (default)
-k /proc/ksyms (specified)
-l /proc/modules (default)
-o /lib/modules/2.4.17/ (default)
-m /boot/System.map-2.4.17 (default)
8139too Fast Ethernet driver 0.9.22
Unable to handle kernel NULL pointer dereference at virtual address 00000000
d8929156
*pde = 00000000
Oops: 0002
CPU: 0
EIP: 0010:[<d8929156>] Not tainted
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010246
eax: 00000000 ebx: 00000000 ecx: cc18fc74 edx: 00000000
esi: 00000002 edi: 00000000 ebp: 0000bb80 esp: cc18fc4c
ds: 0018 es: 0018 ss: 0018
Process main (pid: 5027, stackpage=cc18f000)
Stack: 00000002 00000004 d7c6d580 d0285800 00000000 cc18fc8c cc18fc74 cc18fc70
00000003 d76926a0 00000002 00001f40 00000002 00000002 00001f40 0000bb80
00000002 00001f40 00000002 d892588c d7c6d580 cc18fe40 cc18fd44 d7c6d580
Call Trace: [<d892588c>] [<d8925bd6>] [<d89265b0>] [<d89266f8>] [<d8926599>]
[<d89279eb>] [<c01408a2>] [<d8927578>] [<c0106f8b>]
Code: c7 04 87 10 00 00 00 42 31 c9 39 f2 0f 44 d1 01 74 24 10 43
>>EIP; d8929156 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3de/584> <=====
Trace; d892588c <[snd-pcm-oss]snd_pcm_oss_change_params+2a8/5c4>
Trace; d8925bd6 <[snd-pcm-oss]snd_pcm_oss_get_active_substream+2e/4c>
Trace; d89265b0 <[snd-pcm-oss]snd_pcm_oss_get_channels+10/28>
Trace; d89266f8 <[snd-pcm-oss]snd_pcm_oss_set_format+54/5c>
Trace; d8926599 <[snd-pcm-oss]snd_pcm_oss_set_channels+41/48>
Trace; d89279eb <[snd-pcm-oss]snd_pcm_oss_ioctl+473/734>
Trace; c01408a2 <sys_ioctl+1c6/224>
Trace; d8927578 <[snd-pcm-oss]snd_pcm_oss_ioctl+0/734>
Trace; c0106f8b <system_call+33/38>
Code; d8929156 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3de/584>
00000000 <_EIP>:
Code; d8929156 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3de/584> <=====
0: c7 04 87 10 00 00 00 movl $0x10,(%edi,%eax,4) <=====
Code; d892915d <[snd-pcm-oss]snd_pcm_plug_format_plugins+3e5/584>
7: 42 inc %edx
Code; d892915e <[snd-pcm-oss]snd_pcm_plug_format_plugins+3e6/584>
8: 31 c9 xor %ecx,%ecx
Code; d8929160 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3e8/584>
a: 39 f2 cmp %esi,%edx
Code; d8929162 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3ea/584>
c: 0f 44 d1 cmove %ecx,%edx
Code; d8929165 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3ed/584>
f: 01 74 24 10 add %esi,0x10(%esp,1)
Code; d8929169 <[snd-pcm-oss]snd_pcm_plug_format_plugins+3f1/584>
13: 43 inc %ebx
