Hi, I am seeing some garbage data in /proc/ioports. Currently, I can cat
the file without an oops, but on a previous boot, the following oops came
up when catting the file.
Exact output from /proc/ioports is attached (some 8-bit garbage), as well as
lsmod output. Let me know if further data is needed.
I suspect that this is a problem in one of the drivers I am using, but
how do I track down which one it is (since the name is not there)?
Thanks,
-Chris
printing eip:
c01a123a
Oops: 0000 [#1]
CPU: 0
EIP: 0060:[<c01a123a>] Not tainted
EFLAGS: 00010297
EIP is at vsnprintf+0x31a/0x450
eax: cca060f5 ebx: 0000000a ecx: cca060f5 edx: fffffffe
esi: c3e7f10d edi: 00000000 ebp: c45bdec0 esp: c45bde88
ds: 007b es: 007b ss: 0068
Process cat (pid: 1661, threadinfo=c45bc000 task=c44a9340)
Stack: c3e7f106 c3e7ffff 0000038b 00000000 00000010 00000004 00000002 00000001
ffffffff ffffffff c3e7ffff c32971e0 00000000 c0241301 c45bdedc c0167426
c3e7f101 00000eff c024131a c45bdef8 c76fc580 c45bdf04 c011cf64 c32971e0
Call Trace:
[<c0167426>] seq_printf+0x36/0x60
[<c011cf64>] do_resource_list+0x64/0xa0
[<c011cfeb>] ioresources_show+0x4b/0x70
[<c0166e0f>] seq_read+0xef/0x300
[<c0149b3a>] vfs_read+0xaa/0x130
[<c0149def>] sys_read+0x3f/0x60
[<c010940b>] syscall_call+0x7/0xb
Code: 80 38 00 74 07 40 4a 83 fa ff 75 f4 29 c8 83 e7 10 89 c3 75
<6>note: cat[1661] exited with preempt_count 1
Chris Ruvolo <[email protected]> wrote:
>
> Hi, I am seeing some garbage data in /proc/ioports. Currently, I can cat
> the file without an oops, but on a previous boot, the following oops came
> up when catting the file.
>
> Exact output from /proc/ioports is attached (some 8-bit garbage), as well as
> lsmod output. Let me know if further data is needed.
>
> I suspect that this is a problem in one of the drivers I am using, but
> how do I track down which one it is (since the name is not there)?
You could load all those modules one at a time, doing a `cat /proc/ioports'
after each one. One sneaky way of doing that would be to make your
modprobe executable be:
#!/bin/sh
echo Loading $* > /dev/console
modprobe.orig $*
cat /proc/ioports > /dev/null
echo that worked
and then just boot in the normal manner.
Have you ever unloaded a module? The usual source of this crash is some
driver forgot to unregister an IO region during module unload. So a read
of /proc/ioports crashes _after_ the module is rmmodded.
(adding alsa-devel)
On Thu, Jul 17, 2003 at 09:15:33PM -0700, Andrew Morton wrote:
> You could load all those modules one at a time, doing a `cat /proc/ioports'
> after each one. One sneaky way of doing that would be to make your
> modprobe executable be:
Ok, this let me track it down to the ALSA snd-sbawe module. I did not have
isapnp compiled into the kernel and was relying on the userspace isapnp to
configure the device (carried over from 2.4). Apparently the module didn't
like this.
With isapnp built into the kernel, the module loads successfully.
It seems that the driver is made to not require isapnp, so I'm not sure
where it is going wrong.
> Have you ever unloaded a module? The usual source of this crash is some
> driver forgot to unregister an IO region during module unload. So a read
> of /proc/ioports crashes _after_ the module is rmmodded.
No, I hadn't. I was able to reproduce this by just loading the snd_sbawe
module on a clean boot. Transcript follows.
Thanks,
-Chris
# /sbin/isapnp /etc/isapnp.conf
Board 1 has Identity 0e 10 00 2f 76 45 00 8c 0e: CTL0045 Serial No 268447606 [checksum 0e]
CTL0045/268447606[0]{Audio }: Ports 0x220 0x330 0x388; IRQ5 DMA1 DMA5 --- Enabled OK
CTL0045/268447606[2]{WaveTable }: Port 0x620; --- Enabled OK
# cat /proc/ioports
0000-001f : dma1
0020-0021 : pic1
0040-005f : timer
0060-006f : keyboard
0080-008f : dma page reg
00a0-00a1 : pic2
00c0-00df : dma2
00f0-00ff : fpu
0170-0177 : ide1
01f0-01f7 : ide0
0376-0376 : ide1
03c0-03df : vga+
03f6-03f6 : ide0
0cf8-0cff : PCI conf1
4000-403f : Intel Corp. 82371AB/EB/MB PIIX4
5000-501f : Intel Corp. 82371AB/EB/MB PIIX4
d000-dfff : PCI Bus #01
d000-d0ff : 3Dfx Interactive, In Voodoo 3
e000-e01f : Intel Corp. 82371AB/EB/MB PIIX4
e400-e4ff : Lite-On Communicatio LNE100TX
e800-e87f : VIA Technologies, In IEEE 1394 Host Contr
ec00-ec07 : US Robotics/3Com 56K FaxModem Model 5
f000-f00f : Intel Corp. 82371AB/EB/MB PIIX4
f000-f007 : ide0
f008-f00f : ide1
# modprobe snd_sbawe
FATAL: Error inserting snd_sbawe (/lib/modules/2.6.0-test1/kernel/sound/isa/sb/snd-sbawe.ko): No such device
# cat /proc/ioports
Segmentation fault
# dmesg | tail -31
sbawe: fatal error - EMU-8000 synthesizer not detected at 0x620
Sound Blaster 16 soundcard not found or device busy
In case, if you have non-AWE card, try snd-sb16 module
Unable to handle kernel paging request at virtual address c887d0f5
printing eip:
c01a123a
*pde = 07bc6067
*pte = 00000000
Oops: 0000 [#1]
CPU: 0
EIP: 0060:[<c01a123a>] Not tainted
EFLAGS: 00010297
EIP is at vsnprintf+0x31a/0x450
eax: c887d0f5 ebx: 0000000a ecx: c887d0f5 edx: fffffffe
esi: c739f0d3 edi: 00000000 ebp: c73a3ec0 esp: c73a3e88
ds: 007b es: 007b ss: 0068
Process cat (pid: 202, threadinfo=c73a2000 task=c73f8140)
Stack: c739f0cc c739ffff 0000038b 00000000 00000010 00000004 00000002 00000001
ffffffff ffffffff c739ffff c13fed60 00000000 c0241301 c73a3edc c0167426
c739f0c7 00000f39 c024131a c73a3ef8 c72f3700 c73a3f04 c011cf64 c13fed60
Call Trace:
[<c0167426>] seq_printf+0x36/0x60
[<c011cf64>] do_resource_list+0x64/0xa0
[<c011cfeb>] ioresources_show+0x4b/0x70
[<c0166e0f>] seq_read+0xef/0x300
[<c0149b3a>] vfs_read+0xaa/0x130
[<c0149def>] sys_read+0x3f/0x60
[<c010940b>] syscall_call+0x7/0xb
Code: 80 38 00 74 07 40 4a 83 fa ff 75 f4 29 c8 83 e7 10 89 c3 75
<6>note: cat[202] exited with preempt_count 1
Chris Ruvolo <[email protected]> wrote:
>
> (adding alsa-devel)
>
> On Thu, Jul 17, 2003 at 09:15:33PM -0700, Andrew Morton wrote:
> > You could load all those modules one at a time, doing a `cat /proc/ioports'
> > after each one. One sneaky way of doing that would be to make your
> > modprobe executable be:
>
> Ok, this let me track it down to the ALSA snd-sbawe module. I did not have
> isapnp compiled into the kernel and was relying on the userspace isapnp to
> configure the device (carried over from 2.4). Apparently the module didn't
> like this.
OK, thanks for that.
>From my reading, snd_sb16_probe() is, in the case of !CONFIG_PNP, doing:
/* block the 0x388 port to avoid PnP conflicts */
acard->fm_res = request_region(0x388, 4, "SoundBlaster FM");
but this reservation is never undone. So later, after the module is
unloaded, a read of /proc/ioports is oopsing when trying to access that
string "SoundBlaster FM". Because it now resides in vfree'd memory.
The fix would be to run release_region() either at the end of
snd_sb16_probe() or on module unload.
Adam or Jaroslav, could you please take care of this?
Thanks.
On Sun, Jul 27, 2003 at 04:38:12PM -0700, Andrew Morton wrote:
> Chris Ruvolo <[email protected]> wrote:
> >
> > (adding alsa-devel)
> >
> > On Thu, Jul 17, 2003 at 09:15:33PM -0700, Andrew Morton wrote:
> > > You could load all those modules one at a time, doing a `cat /proc/ioports'
> > > after each one. One sneaky way of doing that would be to make your
> > > modprobe executable be:
> >
> > Ok, this let me track it down to the ALSA snd-sbawe module. I did not have
> > isapnp compiled into the kernel and was relying on the userspace isapnp to
> > configure the device (carried over from 2.4). Apparently the module didn't
> > like this.
>
> OK, thanks for that.
>
> >From my reading, snd_sb16_probe() is, in the case of !CONFIG_PNP, doing:
>
> /* block the 0x388 port to avoid PnP conflicts */
> acard->fm_res = request_region(0x388, 4, "SoundBlaster FM");
>
> but this reservation is never undone. So later, after the module is
> unloaded, a read of /proc/ioports is oopsing when trying to access that
> string "SoundBlaster FM". Because it now resides in vfree'd memory.
>
> The fix would be to run release_region() either at the end of
> snd_sb16_probe() or on module unload.
>
> Adam or Jaroslav, could you please take care of this?
>
> Thanks.
I believe this will fix it. Testing would be appreciated.
Thanks,
Adam
--- a/sound/isa/sb/sb16.c 2003-07-14 03:37:15.000000000 +0000
+++ b/sound/isa/sb/sb16.c 2003-07-27 22:33:22.000000000 +0000
@@ -350,6 +350,18 @@
#endif /* CONFIG_PNP */
+static void snd_sb16_free(snd_card_t *card)
+{
+ struct snd_card_sb16 *acard = (struct snd_card_sb16 *) card->private_data;
+
+ if (acard == NULL)
+ return;
+ if (acard->fm_res) {
+ release_resource(acard->fm_res);
+ kfree_nocheck(acard->fm_res);
+ }
+}
+
static int __init snd_sb16_probe(int dev,
struct pnp_card_link *pcard,
const struct pnp_card_device_id *pid)
@@ -374,6 +386,7 @@
if (card == NULL)
return -ENOMEM;
acard = (struct snd_card_sb16 *) card->private_data;
+ card->private_free = snd_sb16_free;
#ifdef CONFIG_PNP
if (isapnp[dev]) {
if ((err = snd_card_sb16_pnp(dev, acard, pcard, pid))) {
On Sun, Jul 27, 2003 at 10:43:57PM +0000, Adam Belay wrote:
> > The fix would be to run release_region() either at the end of
> > snd_sb16_probe() or on module unload.
> >
> > Adam or Jaroslav, could you please take care of this?
>
> I believe this will fix it. Testing would be appreciated.
Adam,
Yes, this looks good. The module loads and fails cleanly. /proc/ioports is
then readable. Thanks for this fix.
However, this doesn't fix the loading of the module without in-kernel isapnp.
# modprobe --verbose snd-sbawe
insmod /lib/modules/2.6.0-test1/kernel/sound/isa/sb/snd-sbawe.ko
sbawe: fatal error - EMU-8000 synthesizer not detected at 0x620
Sound Blaster 16 soundcard not found or device busy
In case, if you have non-AWE card, try snd-sb16 module
FATAL: Error inserting snd_sbawe (/lib/modules/2.6.0-test1/kernel/sound/isa/sb/snd-sbawe.ko): No such device
Specifying the parameters (port, irq, awe_port, etc.) doesn't seem to help.
In-kernel isapnp has been working though.
Thanks
-Chris