Project

General

Profile

Actions
Copy link

Bug #5394

open

Kernel Oops when loading com_on_air_cs (unable to handle kernel NULL pointer dereference)

Added by kaber almost 12 years ago. Updated about 1 year ago.

Status:
New
Priority:
High
Assignee:
kaber
Category:
com-on-air drivers
Target version:
-
Start date:
01/09/2022
Due date:
% Done:

0%

Description

When loading the com_on_air_cs module, either auto loaded in-kernel or using modprobe, the loading doesn't succeed and dmesg shows the following:

[ 22.718941] com_on_air_cs 0.0: DOSCH-AMAND MMAP PCMCIA MXM500 V1.00
[ 22.758791] com_on_air_cs 0.0: Radio type LMX3161
[ 22.766869] com_on_air_cs 0.0: Loading firmware ...
[ 22.767483] BUG: unable to handle kernel NULL pointer dereference at (null)
[ 22.767599] IP: [< (null)>] (null)
[ 22.767653] *pde = 00000000
[ 22.767700] Oops: 0000 #1 SMP
[ 22.767749] last sysfs file: /sys/module/pcmcia/initstate
[ 22.767821] Modules linked in: com_on_air_cs(+) com_on_air dect_csf dect snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_seq_midi snd_rawmidi i915 snd_seq_midi_even
t pcmcia snd_seq drm_kms_helper snd_timer snd_seq_device drm snd ppdev yenta_socket parport_pc pcmcia_rsrc i2c_algo_bit soundcore intel_agp lp intel_gtt psmouse pcmcia_
core joydev video parport serio_raw dcdbas agpgart snd_page_alloc tg3 usbhid hid
[ 22.768006]
[ 22.768006] Pid: 746, comm: modprobe Not tainted 2.6.38+ #2 Dell Inc. OptiPlex? GX620 /0FH884
[ 22.768006] EIP: 0060:[<00000000>] EFLAGS: 00010246 CPU: 1
[ 22.768006] EIP is at 0x0
[ 22.768006] EAX: dd0fdddc EBX: dd0fdddc ECX: e005d39c EDX: 00000100
[ 22.768006] ESI: 00000001 EDI: 00000100 EBP: dc6c3d74 ESP: dc6c3d34
[ 22.768006] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 22.768006] Process modprobe (pid: 746, ti=dc6c2000 task=dc82cbc0 task.ti=dc6c2000)
[ 22.768006] Stack:
[ 22.768006] e005c77a ddaa9470 e005d3e7 c0406ced c0774660 c072d916 e0063534 07fd86b0
[ 22.768006] dc6c3d68 ddaa9400 0700dddc 00000004 00000020 ddaa9400 dd0fdddc 0df519bb
[ 22.768006] dc6c3dc0 e006338d ddaa9470 e00634c3 e005d422 dc5f63b0 dd7b86e0 dd7b86b8
[ 22.768006] Call Trace:
[ 22.768006] [<e005c77a>] ? sc1442x_init_device+0x35a/0x3d0 [com_on_air]
[ 22.768006] [<c0406ced>] ? dev_printk+0x3d/0x80
[ 22.768006] [<e006338d>] com_on_air_probe+0x29d/0x360 [com_on_air_cs]
[ 22.768006] [<dff2097b>] pcmcia_device_probe+0xab/0x1a0 [pcmcia]
[ 22.768006] [<c040a700>] ? driver_sysfs_add+0x20/0x90
[ 22.768006] [<c040a85f>] driver_probe_device+0x7f/0x190
[ 22.768006] [<dff21646>] ? pcmcia_bus_match+0x226/0x460 [pcmcia]
[ 22.768006] [<c040a9f1>] driver_attach+0x81/0x90
[ 22.768006] [<c0409e73>] bus_for_each_dev+0x53/0x80
[ 22.768006] [<c040a6de>] driver_attach+0x1e/0x20
[ 22.768006] [<c040a970>] ? driver_attach+0x0/0x90
[ 22.768006] [<c040a0f0>] bus_add_driver+0xc0/0x240
[ 22.768006] [<dff20780>] ? pcmcia_device_remove+0x0/0x150 [pcmcia]
[ 22.768006] [<c040acea>] driver_register+0x6a/0x130
[ 22.768006] [<c01b3ffa>] ? ftrace_process_locs+0x16a/0x270
[ 22.768006] [<dff2121e>] pcmcia_register_driver+0xae/0x130 [pcmcia]
[ 22.768006] [<c01b0c34>] ? tracepoint_module_notify+0x24/0x30
[ 22.768006] [<c05de5a3>] ? notifier_call_chain+0x43/0x60
[ 22.768006] [<e006b00d>] init_com_on_air_cs+0xd/0xf [com_on_air_cs]
[ 22.768006] [<c0101135>] do_one_initcall+0x35/0x170
[ 22.768006] [<e006b000>] ? init_com_on_air_cs+0x0/0xf [com_on_air_cs]
[ 22.768006] [<c0180da6>] sys_init_module+0x116/0x1090
[ 22.768006] [<c010301f>] sysenter_do_call+0x12/0x28
[ 22.768006] Code: Bad EIP value.
[ 22.768006] EIP: [<00000000>] 0x0 SS:ESP 0068:dc6c3d34
[ 22.768006] CR2: 0000000000000000
[ 22.814676] ---[ end trace a76f7fec01412f5e ]---

I'm using a desktop P4 with pci-to-pcmcia:
03:00.0 CardBus? bridge: ENE Technology Inc CB1410 Cardbus Controller (rev 01)

root@persephone:/usr/src/linux-2.6# lspcmcia
Socket 0 Bridge: [yenta_cardbus] (bus ID: 0000:03:00.0)
Socket 0 Device 0: [com_on_air_cs] (bus ID: 0.0)

root@persephone:/usr/src/linux-2.6# pccardctl info
PRODID_1="DOSCH-AMAND" 
PRODID_2="MMAP PCMCIA" 
PRODID_3="MXM500" 
PRODID_4="V1.00" 
MANFID=0204,0000
FUNCID=254

Modules which com_on_air_cs requested internally loaded successfully, but I'm not sure if I'm missing something here.

Actions
Copy link
 #1

Updated by kaber about 1 year ago

The LMX3161 is not supported yet. I have an unfinished patch, but didn't get it working so far.

Actions
Copy link
 #2

Updated by kaber about 1 year ago

Whoops, my bad :)

Is there a way for me to help out/getting started in testing this?
Although I'm not used to develop and debug in Linux, I should be able to find my way around in C(++) and/or navigating the data sheets

cheers,
::xopr

Actions
Copy link
 #3

Updated by kaber about 1 year ago

Well, I could send you the unfinish patch, the problem is most likely either in the radio settings or in the driver firmware. Unfortunately both are hard to debug.

Actions
Copy link
 #4

Updated by kaber about 1 year ago

I'm sure interested in seeing the patch. I'm still connecting the dots on how the code is supposed to drive the LMX3161, but I guess I have to understand the working of the SC1442x dect chip before tinkering with the radio.
My bet on testing would be a spectrum analyser, but since it's a bit expensive to buy one, and hard to find a DIY on the 1.8-1.9GHz, I'm kinda stuck there too :)
I do however have the hardware to build a second setup (unfortunately with the same chipset).

I still haven't figured out the firmware part, but then again, I haven't mapped out the whole com-on-air yet, I guess.

So if you have a patch for me to look in to, I would be pleased.
Also, if you have valuable remarks about your progress with the LMX3161, I would be grateful.

Cheers,
::xopr

Actions
Copy link

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)