NetBSD-Bugs archive


kern/52099: audio crashes the kernel



>Number:         52099
>Category:       kern
>Synopsis:       audio crashes the kernel
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Mar 21 14:10:00 +0000 2017
>Originator:     Martin Husemann
>Release:        NetBSD 7.99.66
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD night-owl.duskware.de 7.99.66 NetBSD 7.99.66 (NIGHT-OWL) #496: Fri Mar 17 15:01:22 CET 2017 martin%night-owl.duskware.de@localhost:/usr/src/sys/arch/amd64/compile/NIGHT-OWL amd64
Architecture: x86_64
Machine: amd64
>Description:

While trying to get pulseaudio to work, I ran into this crash:

(gdb) x/i $pc
=> 0xffffffff80631352 <recswvol_func+262>:      movswl (%rdi),%edx
(gdb) p/x $rdi
$5 = 0xffff800008ae5000

with backtrace:

#8  0xffffffff80631352 in recswvol_func16 (sc=0xfffffe81070df808, 
    vc=vc@entry=0xfffffe810ab48808, blksize=8192, cb=0xfffffe810ab48b68, 
    cb@entry=0x180) at ../../../../dev/audio.c:5669
#9  recswvol_func (sc=sc@entry=0xfffffe81070df808, 
    cb=cb@entry=0xfffffe810ab48b68, blksize=blksize@entry=8192, 
---Type <return> to continue, or q <return> to quit---
    vc=vc@entry=0xfffffe810ab48808) at ../../../../dev/audio.c:5681
#10 0xffffffff80631514 in audio_upmix (v=v@entry=0xfffffe81070df808)
    at ../../../../dev/audio.c:3855
#11 0xffffffff806317b8 in audio_rec_thread (v=0xfffffe81070df808)
    at ../../../../dev/audio.c:5880

That is:
#8  0xffffffff80631352 in recswvol_func16 (sc=0xfffffe81070df808, 
    vc=vc@entry=0xfffffe810ab48808, blksize=8192, cb=0xfffffe810ab48b68, 
    cb@entry=0x180) at ../../../../dev/audio.c:5669
5669    DEF_RECSWVOL_FUNC(16, int16_t, int32_t);
(gdb) info locals
cc = 8192
cc1 = 0
m = 0
resid = 8192
orig = 0xffff800008ae5000

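and orig is an invalid pointer: it has the same value as $rdi above and as
vc->sc_mrr.s.end in the dump of *vc below (0xffff800008ae5000), which gdb
reports as inaccessible memory. So the faulting read starts exactly at the
end of the record ring buffer (start = 0xffff800008ad5000, bufsize = 65536),
i.e. one byte past the last valid address. The dump of *sc also shows
sc_recopens = -4, a negative count that may be related.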

(gdb) p *sc
$2 = {dev = 0xfffffe81071cc308, hw_hdl = 0xfffffe81071c3138, 
  hw_if = 0xffffffff80de4f60 <hdafg_hw_if>, sc_dev = 0xfffffe81071ccc08, 
  sc_audiochan = {sqh_first = 0xfffffe8137281ee0, 
    sqh_last = 0xfffffe812aa5ad18}, sc_encodings = 0xfffffe81372b5190, 
  sc_wsel = {sel_klist = {slh_first = 0x0}, sel_cluster = 0xfffffe8137dab040, 
    sel_lwp = 0x0, sel_fdinfo = 18446742425518308688, sel_chain = {
      sle_next = 0xfffffe8136666838}, sel_collision = 0, sel_reserved = {0, 0, 
      0}}, sc_rsel = {sel_klist = {slh_first = 0x0}, sel_cluster = 0x0, 
    sel_lwp = 0x0, sel_fdinfo = 0, sel_chain = {sle_next = 0x0}, 
    sel_collision = 0, sel_reserved = {0, 0, 0}}, sc_async_audio = 0, 
  sc_sih_rd = 0x540, sc_sih_wr = 0x568, sc_async_mixer = 0x0, 
  sc_intr_lock = 0xfffffe81071c3018, sc_lock = 0xfffffe81071c3010, sc_rchan = {
    cv_opaque = {0x0, 0xfffffe81070df8e0, 0xffffffff80f0a615}}, sc_wchan = {
    cv_opaque = {0x0, 0xfffffe81070df8f8, 0xffffffff80f0a61d}}, sc_lchan = {
    cv_opaque = {0x0, 0xfffffe81070df910, 0xffffffff80f0a625}}, 
  sc_trigger_started = true, sc_rec_started = true, sc_writeme = true, 
  sc_ready = true, sc_opens = 1, sc_recopens = -4, sc_dying = false, sc_pr = {
    s = {bufsize = 65536, start = 0xffff800007bff000 "", 
      end = 0xffff800007c0f000 "", inp = 0xffff800007c01000 "", 
      outp = 0xffff800007c01000 "", used = 0, param = {sample_rate = 0, 
        encoding = 0, precision = 0, validbits = 0, channels = 0}, 
      loop = false}, blksize = 8192, maxblks = 8, usedlow = 0, usedhigh = 0, 
    stamp = 0, stamp_last = 0, fstamp = 0, drops = 0, pdrops = 0, 
    pause = false, copying = false, needfill = false, mmapped = false}, 
  sc_rr = {s = {bufsize = 65536, start = 0xffff800007c0f000 "", 
      end = 0xffff800007c1f000 "", inp = 0xffff800007c17000 "", 
      outp = 0xffff800007c15000 "", used = 8192, param = {sample_rate = 0, 
        encoding = 0, precision = 0, validbits = 0, channels = 0}, 
      loop = false}, blksize = 8192, maxblks = 8, usedlow = 0, usedhigh = 0, 
    stamp = 0, stamp_last = 0, fstamp = 0, drops = 0, pdrops = 0, 
    pause = false, copying = false, needfill = false, mmapped = false}, 
  sc_eof = 0, sc_inports = {index = 46, master = -1, nports = 0, 
    isenum = false, allports = 0, aumask = {0, 0, 0, 0}, misel = {0, 0, 0, 0}, 
    miport = {0, 0, 0, 0}, isdual = false, mixerout = -1, cur_port = -1}, 
  sc_outports = {index = -1, master = 3, nports = 0, isenum = false, 
    allports = 0, aumask = {0, 0, 0, 0}, misel = {0, 0, 0, 0}, miport = {0, 0, 
      0, 0}, isdual = false, mixerout = -1, cur_port = -1}, 
  sc_monitor_port = -1, sc_lastgain = 128, 
  sc_mixer_state = 0xfffffe81249ae808, sc_nmixer_states = 50, 
  sc_static_nmixer_states = 48, schedule_wih = true, schedule_rih = false, 
  sc_playthread = 0xfffffe81072079e0, sc_condvar = {cv_opaque = {0x0, 
      0xfffffe81070dfb18, 0xffffffff80f56b8d}}, 
  sc_recthread = 0xfffffe81071d0180, sc_rcondvar = {cv_opaque = {0x0, 
      0xfffffe81070dfb38, 0xffffffff80ec1f4c}}, sc_log = 0xfffffe8137281f18, 
  sc_channels = 2, sc_precision = 16, sc_iffreq = 48000, sc_saturate = true, 
  sc_ai = {play = {sample_rate = 0, channels = 0, precision = 0, encoding = 0, 
      gain = 0, port = 0, seek = 0, avail_ports = 0, buffer_size = 0, 
      _ispare = {0}, samples = 0, eof = 0, pause = 0 '\000', error = 0 '\000', 
      waiting = 0 '\000', balance = 0 '\000', cspare = "\000", 
      open = 0 '\000', active = 0 '\000'}, record = {sample_rate = 0, 
      channels = 0, precision = 0, encoding = 0, gain = 0, port = 0, seek = 0, 
      avail_ports = 0, buffer_size = 0, _ispare = {0}, samples = 0, eof = 0, 
      pause = 0 '\000', error = 0 '\000', waiting = 0 '\000', 
      balance = 0 '\000', cspare = "\000", open = 0 '\000', 
      active = 0 '\000'}, monitor_gain = 0, blocksize = 0, hiwat = 0, 
    lowat = 0, _ispare1 = 0, mode = 0}, sc_aivalid = false, sc_format = {{
      driver_data = 0x0, mode = 3, encoding = 6, validbits = 16, 
      precision = 16, channels = 2, channel_mask = 3, frequency_type = 1, 
      frequency = {48000, 0 <repeats 15 times>}}}, sc_vchan_params = {
    sample_rate = 48000, encoding = 6, precision = 16, validbits = 16, 
    channels = 2}, sc_multiuser = false, sc_credentials = 0xfffffe812a7af300}
(gdb) p *vc
$3 = {sc_open = 3 '\003', sc_mode = 7 '\a', sc_blkset = false, 
  sc_sil_start = 0x0, sc_sil_count = 0, sc_pbus = true, sc_pparams = {
    sample_rate = 44100, encoding = 6, precision = 16, validbits = 16, 
    channels = 2}, sc_pustream = 0xfffffe810ab48848, sc_npfilters = 1, 
  sc_pstreams = {{bufsize = 65536, start = 0xffff800008b05000 "", 
      end = 0xffff800008b15000 <error: Cannot access memory at address 0xffff800008b15000>, inp = 0xffff800008b0f000 "", outp = 0xffff800008b0f000 "", 
      used = 0, param = {sample_rate = 44100, encoding = 6, precision = 16, 
        validbits = 16, channels = 2}, loop = false}, {bufsize = 0, 
      start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, param = {
        sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}, {bufsize = 0, start = 0x0, end = 0x0, 
      inp = 0x0, outp = 0x0, used = 0, param = {sample_rate = 0, encoding = 0, 
        precision = 0, validbits = 0, channels = 0}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}, {bufsize = 0, start = 0x0, end = 0x0, 
      inp = 0x0, outp = 0x0, used = 0, param = {sample_rate = 0, encoding = 0, 
        precision = 0, validbits = 0, channels = 0}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}, {bufsize = 0, start = 0x0, end = 0x0, 
      inp = 0x0, outp = 0x0, used = 0, param = {sample_rate = 0, encoding = 0, 
        precision = 0, validbits = 0, channels = 0}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}}, sc_pfilters = {0xfffffe81369cd2c8, 0x0, 
    0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, sc_mpr = {s = {bufsize = 65536, 
      start = 0xffff800008af5000 "", end = 0xffff800008b05000 "", 
      inp = 0xffff800008b04ac4 "", outp = 0xffff800008b03000 "", used = 6852, 
      param = {sample_rate = 48000, encoding = 6, precision = 16, 
        validbits = 16, channels = 2}, loop = false}, blksize = 8192, 
    maxblks = 8, usedlow = 8192, usedhigh = 65536, stamp = 22863872, 
    stamp_last = 0, fstamp = 21012480, drops = 0, pdrops = 0, pause = false, 
    copying = false, needfill = false, mmapped = false}, sc_wstamp = 0, 
  sc_playdrop = 0, sc_rbus = true, sc_mrr = {s = {bufsize = 65536, 
      start = 0xffff800008ad5000 "", 
      end = 0xffff800008ae5000 <error: Cannot access memory at address 0xffff800008ae5000>, inp = 0xffff800008ae3000 "", outp = 0xffff800008ae3000 "", 
      used = 0, param = {sample_rate = 48000, encoding = 6, precision = 16, 
        validbits = 16, channels = 2}, loop = false}, blksize = 8192, 
    maxblks = 8, usedlow = 0, usedhigh = 57344, stamp = 22863872, 
    stamp_last = 0, fstamp = 21006180, drops = 0, pdrops = 0, pause = false, 
    copying = false, needfill = false, mmapped = false}, sc_nrfilters = 1, 
  sc_rfilters = {0xfffffe811f418ac8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 
  sc_rstreams = {{bufsize = 65536, start = 0xffff800008b25000 "", 
      end = 0xffff800008b35000 <error: Cannot access memory at address 0xffff800008b35000>, inp = 0xffff800008b2d764 "", outp = 0xffff800008b2ec30 "", 
      used = 60212, param = {sample_rate = 44100, encoding = 6, 
        precision = 16, validbits = 16, channels = 2}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}, {bufsize = 0, start = 0x0, end = 0x0, 
      inp = 0x0, outp = 0x0, used = 0, param = {sample_rate = 0, encoding = 0, 
        precision = 0, validbits = 0, channels = 0}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}, {bufsize = 0, start = 0x0, end = 0x0, 
      inp = 0x0, outp = 0x0, used = 0, param = {sample_rate = 0, encoding = 0, 
        precision = 0, validbits = 0, channels = 0}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}, {bufsize = 0, start = 0x0, end = 0x0, 
      inp = 0x0, outp = 0x0, used = 0, param = {sample_rate = 0, encoding = 0, 
        precision = 0, validbits = 0, channels = 0}, loop = false}, {
      bufsize = 0, start = 0x0, end = 0x0, inp = 0x0, outp = 0x0, used = 0, 
      param = {sample_rate = 0, encoding = 0, precision = 0, validbits = 0, 
        channels = 0}, loop = false}}, sc_rustream = 0xfffffe810ab48c38, 
  sc_rparams = {sample_rate = 44100, encoding = 6, precision = 16, 
    validbits = 16, channels = 2}, sc_full_duplex = 1, sc_lastinfo = {play = {
      sample_rate = 44100, channels = 4294967295, precision = 4294967295, 
      encoding = 4294967295, gain = 4294967295, port = 4294967295, 
      seek = 4294967295, avail_ports = 4294967295, buffer_size = 4294967295, 
      _ispare = {4294967295}, samples = 4294967295, eof = 4294967295, 
      pause = 255 '\377', error = 255 '\377', waiting = 255 '\377', 
      balance = 255 '\377', cspare = "\377\377", open = 255 '\377', 
      active = 255 '\377'}, record = {sample_rate = 44100, 
      channels = 4294967295, precision = 4294967295, encoding = 4294967295, 
      gain = 4294967295, port = 4294967295, seek = 4294967295, 
      avail_ports = 4294967295, buffer_size = 4294967295, _ispare = {
        4294967295}, samples = 4294967295, eof = 4294967295, 
      pause = 255 '\377', error = 255 '\377', waiting = 255 '\377', 
      balance = 255 '\377', cspare = "\377\377", open = 255 '\377', 
      active = 255 '\377'}, monitor_gain = 4294967295, blocksize = 4294967295, 
    hiwat = 4294967295, lowat = 4294967295, _ispare1 = 4294967295, 
    mode = 4294967295}, sc_lastinfovalid = true, sc_draining = true, 
  sc_swvol = 255 '\377', sc_recswvol = 255 '\377'}


>How-To-Repeat:
no idea

>Fix:
n/a


