[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <484F5DB2.4050705@lwfinger.net>
Date: Wed, 11 Jun 2008 00:08:02 -0500
From: Larry Finger <Larry.Finger@...inger.net>
To: Miles Lane <miles.lane@...il.com>
CC: Michael Buesch <mb@...sch.de>,
Vegard Nossum <vegard.nossum@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-wireless <linux-wireless@...r.kernel.org>,
FUJITA Tomonori <fujita.tomonori@....ntt.co.jp>
Subject: Re: BUG: NULL pointer dereference at 00000000 -- IP: [<f8e783d5>]
:b43:b43_dma_mapping_error+0x16/0x155
Miles Lane wrote:
> On Tue, Jun 10, 2008 at 7:15 PM, Larry Finger <Larry.Finger@...inger.net> wrote:
>> Miles Lane wrote:
>>> I got a slightly different BUG with this patch applied:
>>>
>>> BUG: unable to handle kernel NULL pointer dereference at 00000000
>>> IP: [<f89e3d41>] :b43:b43_dma_mapping_error+0x16/0x97
>>> *pde = 00000000
>>> Oops: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
>>> last sysfs file:
>>>
>>> /sys/devices/pci0000:00/0000:00:08.0/0000:01:06.0/ssb0:0/firmware/ssb0:0/loading
>>> Modules linked in: sbs sbshc wmi battery iptable_filter ip_tables
>>> x_tables ac sbp2 rtc arc4 ecb crypto_blkcipher cryptomgr crypto_algapi
>>> b43 mac80211 cfg80211 led_class snd_intel8x0 snd_ac97_codec ac97_bus
>>> snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss
>>> snd_seq_midi_event snd_seq snd_timer snd_seq_device snd soundcore
>>> snd_page_alloc i2c_nforce2 i2c_core button ohci1394 3c59x ieee1394
>>> forcedeth ehci_hcd ohci_hcd usbcore thermal processor fan thermal_sys
>> Miles,
>>
>> If you have time, please cd to the kernel root directory and run the command
>> 'objdump -d -l drivers/net/wireless/b43/dma.o > dmadump'. You may have to
>> install the objdump package. In the file dmadump, find the line that
>> contains b43_dma_mapping_error. On my system it is 0000000000000085
>> <b43_dma_mapping_error>: Note, I use x86_64 and yours will likely be
>> different.
>>
>> Note the address (0x85 in my case), add the offset (0x16) and find the line
>> with the error. You can use KCalc in hexadecimal mode if you are not
>> comfortable with doing addition in base 16. Please report the source line
>> and instruction that failed.
>
> For me, the line is:
> "000000ab <b43_dma_mapping_error>:"
> so, 0xab + 0x16 = 0xc1
> and here's the dump giving some context around that line:
> b43_dma_mapping_error():
> ab: 55 push %ebp
> ac: 89 e5 mov %esp,%ebp
> ae: 57 push %edi
> af: 89 d7 mov %edx,%edi
> b1: 56 push %esi
> b2: 89 ce mov %ecx,%esi
> b4: 53 push %ebx
> b5: 83 ec 08 sub $0x8,%esp
> b8: 8a 55 08 mov 0x8(%ebp),%dl
> bb: 88 55 ef mov %dl,-0x11(%ebp)
> be: 8b 50 58 mov 0x58(%eax),%edx
> c1: 8b 12 mov (%edx),%edx
> c3: 8b 52 08 mov 0x8(%edx),%edx
> c6: 89 55 f0 mov %edx,-0x10(%ebp)
> c9: 8b 40 34 mov 0x34(%eax),%eax
> cc: 83 f8 1e cmp $0x1e,%eax
> cf: 74 07 je d8 <b43_dma_mapping_error+0x2d>
> d1: 83 f8 20 cmp $0x20,%eax
> d4: 75 5b jne 131 <b43_dma_mapping_error+0x86>
> d6: eb 15 jmp ed <b43_dma_mapping_error+0x42>
The line that fails is
if (unlikely(dma_mapping_error(ring->dev->dev->dma_dev, addr)))
The value at 0x58(%eax) is zero, which corresponds to the "struct
b43_wldev *dev" line in struct b43_dmaring. In other words, ring->dev
is NULL, which causes the error. I'll leave it to FUJITA Tomonori to
figure out why.
Larry
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists