| Summary: | DAHLIN-00020: Kernel oops from NULL pointer dereference in ioctl_echocancel | ||
| Reporter: | Jeff Peeler (jpeeler) | Labels: | |
| Date Opened: | 2008-07-10 00:20:43 | Date Closed: | 2008-08-01 08:44:54 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | dahdi (the module) |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) 13044-1.patch | |
| Description: | I set up the MG2 echo canceller module for use with my FXO device. I was attempting to test echo using the Echo application. After dialing the extension for Echo the line goes dead and DAHDI becomes unusable. Below is the dmesg output. Running on Fedora 9 using SVN r4593 from /dahdi/linux/trunk. system.conf: loadzone=us defaultzone=us echocanceler=MG2,3 fxsks=2 fxoks=3 ****** ADDITIONAL INFORMATION ****** dahdi_echocan_mg2: Registered echo canceler 'MG2' BUG: unable to handle kernel NULL pointer dereference at 00000008 IP: [<f8992277>] :dahdi:ioctl_echocancel+0x255/0x3e3 *pde = 62ce5067 Oops: 0000 [#1] SMP Modules linked in: dahdi_echocan_mg2 bridge bnep rfcomm l2cap bluetooth vmnet(P) vmmon(P) fuse sunrpc nf_conntrack_ipv4 ipt_REJECT iptable_filter ip_tables nf_conntrack_ipv6 xt_state nf_conntrack xt_tcpudp ip6t_ipv6header ip6t_REJECT ip6table_filter ip6_tables x_tables cpufreq_ondemand acpi_cpufreq loop dm_multipath ipv6 snd_hda_intel snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device button snd_pcm_oss snd_mixer_oss i2c_i801 ppdev snd_pcm nvidia(P) parport_pc parport sr_mod cdrom snd_timer iTCO_wdt iTCO_vendor_support i2c_core wctdm24xxp dahdi crc_ccitt r8169 snd_page_alloc snd_hwdep snd pata_jmicron soundcore sg pcspkr dm_snapshot dm_zero dm_mirror dm_mod ata_piix pata_acpi ata_generic libata sd_mod scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd [last unloaded: microcode] Pid: 6288, comm: asterisk Tainted: P (2.6.25.9-76.fc9.i686 #1) EIP: 0060:[<f8992277>] EFLAGS: 00210286 CPU: 1 EIP is at ioctl_echocancel+0x255/0x3e3 [dahdi] EAX: f5b1ff28 EBX: 00000000 ECX: f5b1ff00 EDX: f5b9b000 ESI: f6cf3000 EDI: ffffffed EBP: f5b1ff10 ESP: f5b1fef0 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 Process asterisk (pid: 6288, ti=f5b1f000 task=f4998e70 task.ti=f5b1f000) Stack: f5b1ff28 f5b9b000 00000008 f5b1ff10 00000000 f899eaa0 f6cf3000 09555568 f5b1ff3c f8996bd4 f5bcde40 f5b1ff74 f5b1ff80 c04cff75 00000080 00000000 f899eaa0 f5bcde40 f739d5a0 f5b1ff58 f89985c4 09555568 00000003 f899eaa0 Call Trace: [<f8996bd4>] ? dahdi_chan_ioctl+0x431/0x75a [dahdi] [<c04cff75>] ? file_has_perm+0x7c/0x85 [<f89985c4>] ? dahdi_ioctl+0x213/0x228 [dahdi] [<c048c5e4>] ? vfs_ioctl+0x50/0x69 [<c048c836>] ? do_vfs_ioctl+0x239/0x24c [<c04d010b>] ? selinux_file_ioctl+0xa8/0xab [<c048c889>] ? sys_ioctl+0x40/0x5b [<c0405bf2>] ? syscall_call+0x7/0xb [<c0620000>] ? agp_amd64_probe+0x240/0x3ee ======================= Code: d2 74 19 64 a1 04 e0 78 c0 83 3a 02 0f 84 91 01 00 00 c1 e0 07 ff 84 02 00 01 00 00 8b 9e a8 07 00 00 8d 4d f0 8b 55 e4 8b 45 e0 <ff> 53 08 85 c0 89 c7 74 0d 8b 43 04 e8 66 27 ab c7 e9 4c 01 00 EIP: [<f8992277>] ioctl_echocancel+0x255/0x3e3 [dahdi] SS:ESP 0068:f5b1fef0 ---[ end trace 826a32ac5425fa3f ]--- | ||
| Comments: | By: Shaun Ruffell (sruffell) 2008-07-10 09:23:53 Although to make sure it's clear, DAHDI isn't yet released and therefore has not gone through any release testing. But this is an oops that I've not run into yet in my informal testing while I integrate, so I'll take a look at it. By: Shaun Ruffell (sruffell) 2008-07-10 15:32:09 jpeeler, could you try applying patch 13044-1.patch and see if there is any additional debug information. When I tried a quick run on my setup with the mg2 echocanceller, I didn't see any problems. You will need to rename 'echocanceler' to 'echocanceller' in /etc/dahdi/system.conf when you update to at least revision 4590 of https://svn.digium.com/svn/dahdi/linux/trunk. By: Shaun Ruffell (sruffell) 2008-07-10 15:33:49 eh...actually, as long as you don't update dahdi/tools, you should not need to make that change to /etc/dahdi/system.conf. By: Jeff Peeler (jpeeler) 2008-07-10 21:49:54 That fixed the problem. I assume you don't need any more information. By: Shaun Ruffell (sruffell) 2008-07-10 22:06:42 Were there any of those warning backtraces in your dmesg? Or it "just worked"? By: Jeff Peeler (jpeeler) 2008-07-10 22:26:51 There were no warning messages in dmesg. I am embarrassed to admit I tested rather hastily and did not see this output at the console: -- Starting simple switch on 'DAHDI/3-1' [Jul 10 22:30:18] WARNING[5856]: chan_dahdi.c:1648 dahdi_enable_ec: Unable to enable echo cancellation on channel 3 (No such device) -- Executing [2222@phone:1] Echo("DAHDI/3-1", "") in new stack == Spawn extension (phone, 2222, 1) exited non-zero on 'DAHDI/3-1' -- Hungup 'DAHDI/3-1' By: Kevin P. Fleming (kpfleming) 2008-08-01 08:44:51 This has been corrected; jpeeler ran into it again yesterday and I tracked down the problem in ioctl_echocancel(). | ||