Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#251 oops premmpt rt3070 wrap_urb_complete

open
None
5
2014-10-18
2010-09-16
Anonymous
No

Using ndiswrapper 1-56 and a 2.6.29 kernel preempt rt, i have some oops kernel bug.
[14781.261608] BUG: unable to handle kernel NULL pointer dereference at 00000038
[14781.262018] IP: [<d04e3396>] wrap_urb_complete+0x7/0x53 [ndiswrapper]
[14781.262018] *pde = 00000000
[14781.262018] Oops: 0002 [#1] PREEMPT
[14781.262018] last sysfs file: /sys/class/i2c-adapter/i2c-1/1-004c/temp1_input
[14781.262018] Modules linked in: lxv4l2 ndiswrapper cdc_acm zd1211rw rfcomm l2cap cimarron lm90 scx200_acb i2c_serial
[14781.262018]
[14781.262018] Pid: 823, comm: IRQ-5 Tainted: P (2.6.29.6-rt24-aldebaran-rt #1) AMD "CM-iGLX" Geode LX/CS5536
[14781.262018] EIP: 0060:[<d04e3396>] EFLAGS: 00010246 CPU: 0
[14781.262018] EIP is at wrap_urb_complete+0x7/0x53 [ndiswrapper]
[14781.262018] EAX: 00000000 EBX: cd0c56a0 ECX: 00000000 EDX: 00000000
[14781.262018] ESI: 00000000 EDI: cdbcb000 EBP: 00000000 ESP: cdbafe78
[14781.262018] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 preempt:00000001
[14781.262018] Process IRQ-5 (pid: 823, ti=cdbae000 task=ce0c7030 task.ti=cdbae000)
[14781.262018] Stack:
[14781.262018] ce406bc0 c0225eb5 cdbcb0cc cdbcb000 cdbcb0bc c02305a9 ce406bc0 cdaaa240
[14781.262018] ffffff8d cdb77100 cdaaa240 c0230e7c cdbcb000 cdbcb0bc cdb7714c cdaaa3c0
[14781.262018] cdb7714c 00000000 00000000 01deef80 ce406bc0 c0383c80 ffffff8d cdb77100
[14781.262018] Call Trace:
[14781.262018] [<c0225eb5>] ? usb_hcd_giveback_urb+0x4a/0x78
[14781.262018] [<c02305a9>] ? ehci_urb_done+0xa1/0xad
[14781.262018] [<c0230e7c>] ? qh_completions+0x2e5/0x361
[14781.262018] [<c0232ca9>] ? ehci_work+0x9d/0x7c4
[14781.262018] [<c0142800>] ? perf_swcounter_event+0xc4/0xeb
[14781.262018] [<c0119cfe>] ? finish_task_switch+0x23/0x77
[14781.262018] [<c02d3b41>] ? __schedule+0x2d7/0x323
[14781.262018] [<c023414b>] ? ehci_irq+0x161/0x18a
[14781.262018] [<c02d3c92>] ? preempt_schedule_irq+0x3c/0x50
[14781.262018] [<c0225cef>] ? usb_hcd_irq+0x22/0x53
[14781.262018] [<c013d09a>] ? handle_IRQ_event+0x39/0xab
[14781.262018] [<c013d2e0>] ? thread_simple_irq+0x3a/0x72
[14781.262018] [<c013d3ba>] ? do_irqd+0xa2/0x24d
[14781.262018] [<c013d318>] ? do_irqd+0x0/0x24d
[14781.262018] [<c012b949>] ? kthread+0x36/0x5a
[14781.262018] [<c012b913>] ? kthread+0x0/0x5a
[14781.262018] [<c0102fb3>] ? kernel_thread_helper+0x7/0x10
[14781.262018] Code: 00 00 40 85 ed 74 18 89 f8 e8 bb f9 ff ff 8b 43 60 80 60 03 fe 89 e8 e8 5d f5 ff ff 89 46 04 5b 5e 5f 5d c3 53 8
[14781.262018] EIP: [<d04e3396>] wrap_urb_complete+0x7/0x53 [ndiswrapper] SS:ESP 0068:cdbafe78
[14781.262018] CR2: 0000000000000038
[14781.961007] ---[ end trace d4828e7fe6958560 ]---

It seems that in driver/usb.c function, wrap_urb_complete, a pointer is Null.

irp = wrap_urb->irp; <--irp is NULL (line 373 )

Regards,
Julien Massot

Related

Bugs: #1
Wiki: ndiswrapper

Discussion


  • Anonymous
    2010-09-16

     
    Attachments
  • Hi,

    if possible: could you please turn on debugging (make DEBUG=1 USB_DEBUG=1) and check, what the logs say? Probably it would be a good idea to put the DUMP_WRAP_URB in front of the offending line.

    I have no idea, why irp is zero and why a zero irp doesn't cause an oops when submitting the urb. I'm using a rt2870 and have not experienced such behavior until now.