f00f ok, a sbpcd cdda-patch and a sound oops

Jarno Paananen (jpaana@s2.org)
Fri, 14 Nov 1997 01:37:47 +0200


Now running 2.1.63 with Linus' pre-2.1.64 f00f-patch, happily trying
to crash without success. So congratulations there!

Here's a patch I received for 2.0.20 with some people in between
from Heiko Eissfeldt <heiko@colossus.escape.de> (I guess). It makes
the sbpcd-driver cdda-reading work reliably for reads longer than 1
sector and enables normal cdda2wav to work just fine. I hope it gets
to the mainstream kernel as there has been some discussion about
where to get this one. It's against my current pre-2.1.64, but should
apply nearly everywhere.

--- linux/drivers/cdrom/sbpcd.c.orig Fri Nov 14 01:08:46 1997
+++ linux/drivers/cdrom/sbpcd.c Fri Nov 14 01:12:23 1997
@@ -4418,8 +4415,26 @@
error_flag=0;
p = D_S[d].aud_buf;
if (sbpro_type==1) OUT(CDo_sel_i_d,1);
- if (do_16bit) insw(CDi_data, p, read_audio.nframes*(CD_FRAMESIZE_RAW>>1));
- else insb(CDi_data, p, read_audio.nframes*CD_FRAMESIZE_RAW);
+ { int ii, ij;
+
+ for ( ii = 0; ii < read_audio.nframes; ii++)
+ {
+ for ( ij = CD_FRAMESIZE_RAW >> 2; ij > 0;)
+ {
+ u_char jj;
+
+ jj = inb_p(CDi_status);
+ if ( (jj & s_not_data_ready) ) continue;
+
+ /* get one sample */
+ *p++ = inb_p(CDi_data);
+ *p++ = inb_p(CDi_data);
+ *p++ = inb_p(CDi_data);
+ *p++ = inb_p(CDi_data);
+ ij--;
+ }
+ }
+ }
if (sbpro_type==1) OUT(CDo_sel_i_d,0);
data_retrying = 0;
}
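
Review bot: the inner loop "for ( ij = CD_FRAMESIZE_RAW >> 2; ij > 0;)" has no exit other than ij reaching zero, and ij is only decremented after a successful read. While inb_p(CDi_status) keeps returning s_not_data_ready, the "continue" spins in the kernel with no bound. A drive that stops delivering data partway through a frame (read error, media removed) would hang the caller here. Please add a retry counter or a jiffies-based timeout to the poll, and on expiry set error_flag and break out of both loops, so the code after the transfer can report the failure instead of waiting forever. Separately, the removed lines chose between insw and insb based on do_16bit, while the replacement always reads single bytes with inb_p. If 16-bit transfers are intentionally dropped for the audio path, say so in a comment. Otherwise keep a do_16bit branch inside the polled loop.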

Then... Quake (both squake and qwcl) started to oops when exiting.
This didn't happen with 2.1.62 and other audio apps still work fine.

This was interesting:

Nov 13 22:20:06 kalahari kernel: Negative d_count (-1) for dev/dsp0

And the oops:

(for some reason, my klogd has stopped decoding the addresses, ksymoops
follows)

Nov 13 22:20:06 kalahari kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000
Nov 13 22:20:06 kalahari kernel: current->tss.cr3 = 00101000, r3 = 00101000
Nov 13 22:20:06 kalahari kernel: *pde = 00000000
Nov 13 22:20:06 kalahari kernel: Oops: 0002
Nov 13 22:20:06 kalahari kernel: CPU: 0
Nov 13 22:20:06 kalahari kernel: EIP: 0010:[<c012e2da>]
Nov 13 22:20:06 kalahari kernel: EFLAGS: 00010286
Nov 13 22:20:06 kalahari kernel: eax: 00000023 ebx: c5f7be00 ecx: c01df140 edx: c5a92000
Nov 13 22:20:06 kalahari kernel: esi: ffffffff edi: 00010000 ebp: c53361c0 esp: c284bf60
Nov 13 22:20:06 kalahari kernel: ds: 0018 es: 0018 ss: 0018
Nov 13 22:20:06 kalahari kernel: Process squake (pid: 3968, process nr: 51, stackpage=c284b000)
Nov 13 22:20:06 kalahari kernel: Stack: c01c0444 ffffffff c009b7a0 c4484220 c52af1e0 4091d000 c011a3cd c5f7be00
Nov 13 22:20:06 kalahari kernel: c53361c0 ffffffff fffffffc 00000000 c5ff1e20 c0110411 c53361c0 c284a000
Nov 13 22:20:06 kalahari kernel: c01153c6 c53361c0 c284a000 ffffffff fffffffc 00000000 c011552e 00000000
Nov 13 22:20:06 kalahari kernel: Call Trace: [<c01c0444>] [<c011a3cd>] [<c0110411>] [<c01153c6>] [<c011552e>] [<c0109242>]
Nov 13 22:20:06 kalahari kernel: Code: c7 05 00 00 00 00 00 00 00 00 83 c4 10 5b 5e c3 89 f6 53 8b

Using `/System.map' to map addresses to symbols.

>>EIP: c012e2da <dput+e2/f4>
Trace: c01c0444 <tvecs+20c0/8739>
Trace: c011a3cd <exit_mmap+b1/d8>
Trace: c0110411 <mmput+19/30>
Trace: c01153c6 <do_exit+96/1f0>
Trace: c011552e <sys_exit+e/10>
Trace: c0109242 <system_call+3a/40>
Code: c012e2da <dput+e2/f4>
Code: c012e2da <dput+e2/f4> c7 05 00 00 00 movl $0x0,0x0
Code: c012e2df <dput+e7/f4> 00 00 00 00 00
Code: c012e2ea <dput+f2/f4> 83 c4 10 addl $0x10,%esp
Code: c012e2ed <d_invalidate+1/2c> 5b popl %ebx
Code: c012e2ee <d_invalidate+2/2c> 5e popl %esi
Code: c012e2ef <d_invalidate+3/2c> c3 ret
Code: c012e2f0 <d_invalidate+4/2c> 89 f6 movl %esi,%esi
Code: c012e2f2 <d_invalidate+6/2c> 53 pushl %ebx
Code: c012e2f3 <d_invalidate+7/2c> 8b 00 movl (%eax),%eax
Code: c012e2fb <d_invalidate+f/2c> 90 nop
Code: c012e2fc <d_invalidate+10/2c> 90 nop
Code: c012e2fd <d_invalidate+11/2c> 90 nop