Date:      Tue, 8 Sep 1998 01:09:05 -0700 (PDT)
From:      M.Indlekofer@fz-juelich.de
To:        freebsd-gnats-submit@FreeBSD.ORG
Subject:   i386/7859: fatal trap 12 in midi_synth_input
Message-ID:  <199809080809.BAA21046@hub.freebsd.org>

>Number:         7859
>Category:       i386
>Synopsis:       fatal trap 12 in midi_synth_input
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep  8 01:10:00 PDT 1998
>Last-Modified:
>Originator:     Michael Indlekofer
>Organization:
Forschungszentrum Juelich GmbH
>Release:        2.2.7-RELEASE
>Environment:
FreeBSD deanna.isi.kfa-juelich.de 2.2.7-RELEASE FreeBSD 2.2.7-RELEASE
#0: Wed Aug 19:04:43 GMT 1998
root@deanna.isi.kfa-juelich.de:/usr/src/sys/compile/MYKERNEL.1 i386
>Description:
* MIDI-keyboard connected to MIDI-In of SB16-Card
  sb0 at 0x220 irq 5 drq 1 on isa
  sb0: <SoundBlaster 16 4.16>
  sbvxi0 at 0x0 drq 5 on isa
  sbvxi0: <SoundBlaster 16 4.16>
  sbmidi0 at 0x330 on isa
       <SoundBlaster MPU-401>
  opl0 at 0x388 on isa
  opl0: <Yamaha OPL3 FM>

* as non-root: "od /dev/music | less"
* press any key on keyboard
=> immediately fatal trap 12

Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x8c
fault code            = supervisor read, page not present
instruction pointer   = 0x8: 0xf01dd8c5
stack pointer         = 0x10:0xf01f6f80
frame pointer         = 0x10:0xf01f6f88
code segment          = base 0x0, limit 0xfffff, type 0x1b
                      = DPL0, pres 1, def32 1, gran 1
processor eflags      = interrupt enabled, resume, IOPL=0
current process       = idle
interrupt mask        =
panic: page fault
>How-To-Repeat:
you only need to open and read /dev/music and any incoming MIDI-event
causes the crash
(note that /dev/sequencer works well)
>Fix:
gdb -k kernel vmcrash.0 shows:
page fault appears in i386/isa/sound/midi_synth.c: midi_synth_input
line 164 "switch (inc->mstate) {...}"
&(inc->mstate) == 0x8c !!!
0x8c == 0x78 (offset &(inc->in_info) to &inc) + 0x14 (offset mstate)
therefore &(midi_devs[orig_dev]) must be NULL!!

Explanation: the argument dev to midi_synth_input is already an index
             to midi_devs as can be seen in sb16_midi.c and gus_midi.c
             where this interrupt handler is called with mydev!
             (in my case dev==0 and midi2synth provided orig_dev==1
              which is the wrong index for midi_devs)

How to fix the problem: rename the parameter dev of midi_synth_input
                        to orig_dev and remove line 161 in midi_synth.c

If this was the solution midi2synth would be superfluous.

Thanks,
Michael
>Audit-Trail:
>Unformatted:
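
The following is an added example, not part of the original report and not the FreeBSD driver source. It models the double index translation described under >Fix: and shows why a NULL midi_devs entry produces a fault address of exactly 0x8c. The struct types, their padding, the table size and all midi2synth values other than the reported mapping of dev 0 to 1 are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins: padding is sized only to reproduce the offsets
 * quoted in the report (0x78 for in_info, 0x14 for mstate). */
struct model_input_info { unsigned char pad[0x14]; int mstate; };
struct model_midi_ops   { unsigned char pad[0x78]; struct model_input_info in_info; };

#define MODEL_MAX_DEVS 4
static struct model_midi_ops sb16_midi;                /* the one registered device */
static struct model_midi_ops *midi_devs[MODEL_MAX_DEVS] = { &sb16_midi };
static const int midi2synth[MODEL_MAX_DEVS] = { 1, 0, 0, 0 }; /* dev 0 -> 1, as reported */

/* Reported behaviour: dev is already a midi_devs index but is translated again. */
static struct model_midi_ops *lookup_reported(int dev)
{
    int orig_dev = midi2synth[dev];
    return midi_devs[orig_dev];          /* slot 1 is empty, so this is NULL */
}

/* Defensive lookup: use the index as given, reject out-of-range or empty slots. */
static struct model_midi_ops *lookup_checked(int dev)
{
    if (dev < 0 || dev >= MODEL_MAX_DEVS)
        return NULL;
    return midi_devs[dev];
}

/* Address that reading inc->mstate would touch, computed without dereferencing. */
static uintptr_t mstate_address(const struct model_midi_ops *ops)
{
    return (uintptr_t)ops + offsetof(struct model_midi_ops, in_info)
                          + offsetof(struct model_input_info, mstate);
}

int main(void)
{
    printf("reported path: fault address 0x%lx\n",
           (unsigned long)mstate_address(lookup_reported(0)));
    struct model_midi_ops *ops = lookup_checked(0);
    if (ops == NULL) { puts("no device, input dropped"); return 1; }
    printf("checked path: mstate at %p\n", (void *)&ops->in_info.mstate);
    return 0;
}
```

A fault address that equals a small struct-member offset, as here, is the usual signature of a member access through a NULL base pointer.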
