Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Jan 2006 18:00:49 +0900 (JST)
From:      HASHI Hiroaki <hashiz@tomba.cskk-sv.co.jp>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   kern/91992: [sound] kernel panic at playing sound while recording.
Message-ID:  <200601190900.k0J90ngs010022@tomba.cskk-sv.co.jp>
Resent-Message-ID: <200601190910.k0J9A4v5075134@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         91992
>Category:       kern
>Synopsis:       [sound] kernel panic at playing sound while recording.
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 19 09:10:03 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     HASHI Hiroaki
>Release:        FreeBSD 6.0-STABLE i386
>Organization:
>Environment:
System: FreeBSD tomba.cskk-sv.co.jp 6.0-STABLE FreeBSD 6.0-STABLE #8: Wed Jan 18 22:42:14 JST 2006 hashiz@tomba.cskk-sv.co.jp:/usr/obj/home/sources/current/src/sys/TOMBA i386

tomba% cat /dev/sndstat
FreeBSD Audio Driver (newpcm)
Installed devices:
pcm0: <ESS Solo-1E> at io 0xa800,0xa400,0xa000 irq 5 kld snd_solo (1p/1r/0v channels default)

>Description:

kernel panic at palaying sound while recoding a sound.

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x24
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0814247
stack pointer           = 0x28:0xdb00dbcc
frame pointer           = 0x28:0xdb00dbe4
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 966 (esd)
trap number             = 12
panic: page fault

(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc050e4c0 in boot (howto=260) at /home/sources/current/src/sys/kern/kern_shutdown.c:399
#2  0xc050e809 in panic (fmt=0xc06f48fc "%s") at /home/sources/current/src/sys/kern/kern_shutdown.c:555
#3  0xc06d03cc in trap_fatal (frame=0xdb00db8c, eva=0)
    at /home/sources/current/src/sys/i386/i386/trap.c:836
#4  0xc06d00a2 in trap_pfault (frame=0xdb00db8c, usermode=0, eva=36)
    at /home/sources/current/src/sys/i386/i386/trap.c:744
#5  0xc06cfc5f in trap (frame=
      {tf_fs = -1065287672, tf_es = 40, tf_ds = 268435496, tf_edi = -620700496, tf_esi = -1019254016, tf_ebp = -620700700, tf_isp = -620700744, tf_ebx = -1019254016, tf_edx = -1013862400, tf_ecx = 0, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1065270713, tf_cs = 32, tf_eflags = 66118, tf_esp = -620700712, tf_ss = 536870912}) at /home/sources/current/src/sys/i386/i386/trap.c:434
#6  0xc06bcd8a in calltrap () at /home/sources/current/src/sys/i386/i386/exception.s:139
#7  0xc0814247 in ?? ()
#8  0x00000000 in ?? ()
#9  0xc33f6b00 in ?? ()
#10 0x00001000 in ?? ()
#11 0xdb00dc04 in ?? ()
#12 0xc04da65a in giant_write (dev=0xc33f6b00, uio=0x0, ioflag=0)
    at /home/sources/current/src/sys/kern/kern_conf.c:312
Previous frame identical to this frame (corrupt stack?)
(kgdb) up
#1  0xc050e4c0 in boot (howto=260) at /home/sources/current/src/sys/kern/kern_shutdown.c:399
399                     doadump();
(kgdb) up
#2  0xc050e809 in panic (fmt=0xc06f48fc "%s") at /home/sources/current/src/sys/kern/kern_shutdown.c:555
555             boot(bootopt);
(kgdb) up
#3  0xc06d03cc in trap_fatal (frame=0xdb00db8c, eva=0)
    at /home/sources/current/src/sys/i386/i386/trap.c:836
836                     panic("%s", trap_msg[type]);
(kgdb) up
#4  0xc06d00a2 in trap_pfault (frame=0xdb00db8c, usermode=0, eva=36)
    at /home/sources/current/src/sys/i386/i386/trap.c:744
744                     trap_fatal(frame, eva);
(kgdb) up
#5  0xc06cfc5f in trap (frame=
      {tf_fs = -1065287672, tf_es = 40, tf_ds = 268435496, tf_edi = -620700496, tf_esi = -1019254016, tf_ebp = -620700700, tf_isp = -620700744, tf_ebx = -1019254016, tf_edx = -1013862400, tf_ecx = 0, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1065270713, tf_cs = 32, tf_eflags = 66118, tf_esp = -620700712, tf_ss = 536870912}) at /home/sources/current/src/sys/i386/i386/trap.c:434
434                             (void) trap_pfault(&frame, FALSE, eva);
(kgdb) up
#6  0xc06bcd8a in calltrap () at /home/sources/current/src/sys/i386/i386/exception.s:139
139             call    trap
Current language:  auto; currently asm
(kgdb) up
#7  0xc0814247 in ?? ()
(kgdb) up
#8  0x00000000 in ?? ()
(kgdb) up
#9  0xc33f6b00 in ?? ()
(kgdb) up
#10 0x00001000 in ?? ()
(kgdb) up
#11 0xdb00dc04 in ?? ()
(kgdb) up
#12 0xc04da65a in giant_write (dev=0xc33f6b00, uio=0x0, ioflag=0)
    at /home/sources/current/src/sys/kern/kern_conf.c:312
312             retval = dev->si_devsw->d_gianttrick->
Current language:  auto; currently c
(kgdb) l
307     giant_write(struct cdev *dev, struct uio *uio, int ioflag)
308     {
309             int retval;
310
311             mtx_lock(&Giant);
312             retval = dev->si_devsw->d_gianttrick->
313                     d_write(dev, uio, ioflag);
314             mtx_unlock(&Giant);
315             return (retval);
316     }
(kgdb) p dev
$1 = (struct cdev *) 0xc33f6b00
(kgdb) p *dev
$2 = {si_priv = 0xc33f6b00, si_flags = 4, si_atime = {tv_sec = 1137608748, tv_nsec = 821400000},
  si_ctime = {tv_sec = 1137608748, tv_nsec = 821400000}, si_mtime = {tv_sec = 1137608748,
    tv_nsec = 821400000}, si_uid = 0, si_gid = 0, si_mode = 438, si_cred = 0x0, si_drv0 = 3,
  si_refcount = 2, si_list = {le_next = 0x0, le_prev = 0xc33f6a38}, si_clone = {le_next = 0x0,
    le_prev = 0x0}, si_children = {lh_first = 0x0}, si_siblings = {le_next = 0x0, le_prev = 0x0},
  si_parent = 0x0, si_name = 0xc33f6b78 "dsp0.0", si_drv1 = 0x0, si_drv2 = 0x0, si_devsw = 0xc081fce0,
  si_iosize_max = 65536, si_usecount = 1, si_threadcount = 1, __si_u = {__sit_tty = 0x0,
    __sid_snapdata = 0x0}, __si_namebuf = "dsp0.0", '\0' <repeats 57 times>}
(kgdb) p *dev->si_devsw
$3 = {d_version = 386080773, d_flags = 2151677952, d_name = 0xc081e308 "dsp",
  d_open = 0xc04da130 <giant_open>, d_fdopen = 0, d_close = 0xc04da2d0 <giant_close>,
  d_read = 0xc04da530 <giant_read>, d_write = 0xc04da5f0 <giant_write>,
  d_ioctl = 0xc04da460 <giant_ioctl>, d_poll = 0xc04da6b0 <giant_poll>, d_mmap = 0xc04da830 <giant_mmap>,
  d_strategy = 0xc04da0e0 <no_strategy>, d_dump = 0xc04da0a0 <enodev>, d_kqfilter = 0xc04da0a0 <enodev>,
  d_purge = 0, d_spare2 = 0, d_uid = 0, d_gid = 0, d_mode = 0, d_kind = 0x0, d_list = {le_next = 0x0,
    le_prev = 0x0}, d_devs = {lh_first = 0xc33f6300}, d_spare3 = 0, d_gianttrick = 0xc3388b80}
(kgdb) p *dev->si_devsw->d_gianttrick
$4 = {d_version = 386080773, d_flags = 4194304, d_name = 0xc081e308 "dsp", d_open = 0xc0813a00,
  d_fdopen = 0, d_close = 0xc0813f00, d_read = 0xc0814190, d_write = 0xc0814220, d_ioctl = 0xc08142b0,
  d_poll = 0xc0815de0, d_mmap = 0xc0815ea0, d_strategy = 0, d_dump = 0, d_kqfilter = 0, d_purge = 0,
  d_spare2 = 0, d_uid = 0, d_gid = 0, d_mode = 0, d_kind = 0x0, d_list = {le_next = 0x0, le_prev = 0x0},
  d_devs = {lh_first = 0x0}, d_spare3 = 0, d_gianttrick = 0x0}
(kgdb) p *dev->si_devsw->d_gianttrick->d_write
$5 = {int (struct cdev *, struct uio *, int)} 0xc0814220
(kgdb) p uio
$6 = (struct uio *) 0x0
(kgdb) p ioflag
$7 = 0

>How-To-Repeat:

	sound recoding start by ffmpeg (ports/ffmpeg)
	    ffmpeg tv.avi

	play sound while recoding
	    esdplay /usr/X11R6/share/gnome/sounds/phone.wav

>Fix:

	


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200601190900.k0J90ngs010022>