Most recent kernel where this bug did *NOT* occur: No info Distribution: Ubuntu 7.04 amd64 Hardware Environment: Acer Aspire 5101 AWLMi Software Environment: Ubuntu Linux 7.04 AMD64 Problem Description: Probably this bug is a dublicate of #7711, but the dmesg output differs somehow. So when inserting pcmcia cf reader with a cf card in it I get the following dmesg output: [ 267.670692] pccard: PCMCIA card inserted into slot 0 [ 267.670698] cs: memory probe 0x0c0000-0x0fffff: excluding 0xc0000-0xcffff 0xe0000-0xfffff [ 267.675119] cs: memory probe 0x30000000-0x33ffffff: excluding 0x30000000- 0x33ffffff [ 267.675137] cs: memory probe 0x60000000-0x60ffffff: clean. [ 267.683202] cs: memory probe 0xa0000000-0xa0ffffff: clean. [ 267.691279] cs: memory probe 0xd0200000-0xd02fffff: excluding 0xd0200000- 0xd021ffff [ 267.698541] pcmcia: registering new device pcmcia0.0 [ 267.913779] Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: [ 267.913784] [<ffffffff80222ef2>] dma_alloc_coherent+0x52/0x240 [ 267.913792] PGD 18c12067 PUD 18c16067 PMD 0 [ 267.913795] Oops: 0000 [1] SMP [ 267.913798] CPU 0 [ 267.913799] Modules linked in: pata_pcmcia wlan_tkip ipv6 binfmt_misc rfcomm l2cap bluetooth fglrx(P) ppdev powernow_k8 cpufreq_conservative cpufreq_stats cpufreq_ondemand freq_table cpufreq_userspace cpufreq_powersave dev_acpi tc1100_wmi sony_acpi pcc_acpi sbs i2c_ec dock container asus_acpi button video batt ery ac backlight parport_pc lp parport fuse joydev pcmcia snd_hda_intel snd_hda_codec snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_mid i snd_rawmidi snd_seq_midi_event snd_seq yenta_socket rsrc_nonstatic pcmcia_core snd_timer snd_seq_device wlan_scan_sta sdhci ath_rate_sample pcspkr psmouse k8temp mmc_core serio_raw i2c_piix4 ath_pci wlan snd soundcore i2c_core shpchp pci_hotplug snd_page_alloc ath_hal(P) af_packet tsdev evdev ext3 jbd mbcache 8 139cp ide_cd cdrom ide_disk atiixp generic 8139too mii ehci_hcd ata_generic libata scsi_mod ohci_hcd usbcore thermal processor fan fbcon tileblit font bitbli t softcursor vesafb cfbcopyarea cfbimgblt cfbfillrect capability commoncap [ 267.913850] Pid: 5809, comm: modprobe Tainted: P 2.6.20-15-generic #2 [ 267.913853] RIP: 0010:[<ffffffff80222ef2>] [<ffffffff80222ef2>] dma_alloc_coherent+0x52/0x240 [ 267.913860] RSP: 0000:ffff810001869748 EFLAGS: 00010206 [ 267.913862] RAX: 0000000000000000 RBX: 00000000000010d0 RCX: 00000000000010d4 [ 267.913865] RDX: 00000000ffffffff RSI: 0000000000000800 RDI: ffff810005c9a0c0 [ 267.913868] RBP: 00000000000000d0 R08: 0000000000000000 R09: ffff810005f9bc80 [ 267.913871] R10: 00000000fffffffc R11: 0000000000000001 R12: 00000000000007ff [ 267.913874] R13: 00000000ffffffff R14: ffff810005c9a0c0 R15: 0000000000000800 [ 267.913878] FS: 00002b2ea423a6f0(0000) GS:ffffffff8054e000(0000) knlGS:0000000000000000 [ 267.913881] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b [ 267.913883] CR2: 0000000000000000 CR3: 0000000018d2a000 CR4: 00000000000006e0 [ 267.913887] Process modprobe (pid: 5809, threadinfo ffff810001868000, task ffff81001bc93040) [ 267.913889] Stack: ffff810018ce0558 ffff810005f9bc98 00000000000000d0 0000000000000000 [ 267.913895] ffff810018ce0558 0000000000000800 ffff810005c9a0c0 ffffffff803aa35b [ 267.913899] 0000000000000002 ffff810018ce0520 ffff810005c9a0c0 000000000001a10e [ 267.913903] Call Trace: [ 267.913915] [<ffffffff803aa35b>] dmam_alloc_coherent+0x5b/0xb0 [ 267.913940] [<ffffffff8809ab46>] :libata:ata_port_start+0x26/0x70 [ 267.913957] [<ffffffff8809f70b>] :libata:ata_device_add+0x23b/0x540 [ 267.913974] [<ffffffff884be4dc>] :pata_pcmcia:pcmcia_init_one+0x47c/0x4f0 [ 267.914093] [<ffffffff80309ff9>] sysfs_make_dirent+0x29/0xb0 [ 267.914106] [<ffffffff88314936>] :pcmcia:pcmcia_device_probe+0xd6/0x150 [ 267.914118] [<ffffffff803a6ad5>] really_probe+0xe5/0x190 [ 267.914126] [<ffffffff803a6dac>] __driver_attach+0x7c/0xd0 [ 267.914132] [<ffffffff803a6d30>] __driver_attach+0x0/0xd0 [ 267.914136] [<ffffffff803a5d29>] bus_for_each_dev+0x49/0x80 [ 267.914147] [<ffffffff803a612e>] bus_add_driver+0x7e/0x1e0 [ 267.914156] [<ffffffff802ac395>] sys_init_module+0x1905/0x1ab0 [ 267.914176] [<ffffffff802315a1>] __up_write+0x21/0x130 [ 267.914193] [<ffffffff8026111e>] system_call+0x7e/0x83 [ 267.914206] [ 267.914207] [ 267.914208] Code: 4c 23 28 49 39 d5 0f 46 d9 49 c1 ec 0b 90 4c 89 e0 ba ff ff [ 267.914216] RIP [<ffffffff80222ef2>] dma_alloc_coherent+0x52/0x240 [ 267.914221] RSP <ffff810001869748> [ 267.914223] CR2: 0000000000000000 [ 267.914225] Please fix it. Steps to reproduce: plug a pcmcia compact flash reader in a pcmcia slot, and inspect dmesg.
Created attachment 11384 [details] HW info of my laptop
Could you please verify that the same thing happens if the fglrx driver has never been loaded (it surely will, but stranger things have happened) Thanks.
Created attachment 11386 [details] dmesg of i386 system Yes the bug is there if no fglrx loaded. I've booted from ubuntu's livecd (there is bo fglrx by default) and could not mount CF either. Dmesg is the same. I can post it if needed. Nevertheless I've just tried i386 version of Ubuntu 7.04 and CF mounts perfectly in it. I've attached the corresponding part of dmesg - it seems that everything is fine in 32bit kernel.
Created attachment 11387 [details] dmesg of i386 system Yes the bug is there if no fglrx loaded. I've booted from ubuntu's livecd (there is bo fglrx by default) and could not mount CF either. Dmesg is the same. I can post it if needed. Nevertheless I've just tried i386 version of Ubuntu 7.04 and CF mounts perfectly in it. I've attached the corresponding part of dmesg - it seems that everything is fine in 32bit kernel.
Hmm... It seems to be a bug in x86_64 dma_alloc_coherent() not in libata. Cc'ing Andi. Andi, what do you think?
x86_64 seems to object to the DMA API's being used with a platform device. I don't see why onr eading the code so maybe its misleading. Can you remove the line which says .port_start = ata_port_start recompile and see what happens ?
Alan, where should I change this line (which file)? Thank you.
drivers/ata/pata_pcmcia.c
Any updates on this problem? Andrey, did you get chance to test according to #6? Thanks.
I'm suffering from the same bug on my Lenovo thinkpad T61 running Fedora 7 x86_64, both with the current Fedora and vanilla 2.6.21.6 kernel. I tried the suggestion from #6 but still get an Oops, although in a slightly different place: Jul 22 11:06:15 thinkpad kernel: pccard: PCMCIA card inserted into slot 0 Jul 22 11:06:15 thinkpad kernel: cs: memory probe 0x0c0000-0x0fffff: excluding 0xc0000-0xd3fff 0xe0000-0xfffff Jul 22 11:06:15 thinkpad kernel: cs: memory probe 0x60000000-0x60ffffff: excluding 0x60000000-0x60ffffff Jul 22 11:06:15 thinkpad kernel: cs: memory probe 0xa0000000-0xa0ffffff: excluding 0xa0000000-0xa0ffffff Jul 22 11:06:15 thinkpad kernel: cs: memory probe 0xf4000000-0xf7ffffff: excluding 0xf4000000-0xf7ffffff Jul 22 11:06:15 thinkpad kernel: cs: memory probe 0xf8300000-0xfbffffff: excluding 0xf8300000-0xf86cffff 0xf8e70000-0xf923ffff 0xf9db0000-0xfa17ffff 0xfacf0000-0xfb0bffff Jul 22 11:06:15 thinkpad kernel: pcmcia: registering new device pcmcia0.0 Jul 22 11:06:15 thinkpad kernel: Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: Jul 22 11:06:15 thinkpad kernel: [<0000000000000000>] Jul 22 11:06:15 thinkpad kernel: PGD 1086b4067 PUD 1086b8067 PMD 0 Jul 22 11:06:15 thinkpad kernel: Oops: 0010 [1] SMP Jul 22 11:06:15 thinkpad kernel: CPU 1 Jul 22 11:06:15 thinkpad kernel: Modules linked in: pata_pcmcia i915 drm autofs4 hidp rfcomm l2cap nf_conntrack_netbios_ns nf_conntrack_ipv4 xt_state nf_conntrack nfnetlink ipt_REJECT iptable_filter ip_tables xt_tcpudp ip6t_REJECT ip6table_filter ip6_tables x_tables cpufreq_ondemand acpi_cpufreq dm_mirror dm_multipath dm_mod video sbs ibm_acpi i2c_ec button bay dock battery ac ipv6 parport_pc lp parport loop uinput arc4 ecb blkcipher snd_hda_intel snd_hda_codec snd_seq_dummy snd_seq_oss snd_seq_midi_event sdhci snd_seq snd_seq_device hci_usb snd_pcm_oss snd_mixer_oss serio_raw snd_pcm iwl4965 mmc_core snd_timer mac80211 cfg80211 bluetooth snd soundcore pcspkr i2c_i801 snd_page_alloc i2c_core e1000 shpchp sg usb_storage ata_piix ata_generic libata sd_mod scsi_mod ehci_hcd ohci_hcd uhci_hcd Jul 22 11:06:15 thinkpad kernel: Pid: 3010, comm: modprobe Not tainted 2.6.21.6 #5 Jul 22 11:06:15 thinkpad kernel: RIP: 0010:[<0000000000000000>] [<0000000000000000>] Jul 22 11:06:15 thinkpad kernel: RSP: 0000:ffff8101086b1800 EFLAGS: 00010246 Jul 22 11:06:15 thinkpad kernel: RAX: ffffffff8839f920 RBX: ffff810112e4c000 RCX: 0000000000000000 Jul 22 11:06:15 thinkpad kernel: RDX: 0000000000000000 RSI: ffff8101086b1928 RDI: ffff810112e4c538 Jul 22 11:06:15 thinkpad kernel: RBP: ffff810112e4c538 R08: 0000000000000000 R09: ffff810112e4cbc8 Jul 22 11:06:15 thinkpad kernel: R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 Jul 22 11:06:15 thinkpad kernel: R13: ffff810108732000 R14: ffff8101086b1888 R15: ffff81012b9731e8 Jul 22 11:06:15 thinkpad kernel: FS: 00002b1f9e059250(0000) GS:ffff81010388d740(0000) knlGS:0000000000000000 Jul 22 11:06:15 thinkpad kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b Jul 22 11:06:15 thinkpad kernel: CR2: 0000000000000000 CR3: 0000000108736000 CR4: 00000000000006e0 Jul 22 11:06:15 thinkpad kernel: Process modprobe (pid: 3010, threadinfo ffff8101086b0000, task ffff8101086b37c0) Jul 22 11:06:15 thinkpad kernel: Stack: ffffffff8805523c 000000000001710e ffffffff803af9d8 ffff81012c67b0c0 Jul 22 11:06:15 thinkpad kernel: 00000010394009a8 0000000000000000 000000000000710e 0000000000000282 Jul 22 11:06:15 thinkpad kernel: 00000000ffffffed ffff81012c67b000 000000000001710e ffff810108732000 Jul 22 11:06:15 thinkpad kernel: Call Trace: Jul 22 11:06:15 thinkpad kernel: [<ffffffff8805523c>] :libata:ata_device_add+0x20b/0x4bb Jul 22 11:06:15 thinkpad kernel: [<ffffffff803af9d8>] devres_add+0x32/0x45 Jul 22 11:06:15 thinkpad kernel: [<ffffffff8839d4c6>] :pata_pcmcia:pcmcia_init_one+0x47a/0x4e4 Jul 22 11:06:15 thinkpad kernel: [<ffffffff803b701e>] pcmcia_device_probe+0xc8/0x127 Jul 22 11:06:15 thinkpad kernel: [<ffffffff803ac5df>] really_probe+0xc5/0x14a Jul 22 11:06:15 thinkpad kernel: [<ffffffff803ac847>] __driver_attach+0x90/0xcd Jul 22 11:06:15 thinkpad kernel: [<ffffffff803ac7b7>] __driver_attach+0x0/0xcd Jul 22 11:06:15 thinkpad kernel: [<ffffffff803ac7b7>] __driver_attach+0x0/0xcd Jul 22 11:06:15 thinkpad kernel: [<ffffffff803aba7f>] bus_for_each_dev+0x43/0x6e Jul 22 11:06:15 thinkpad kernel: [<ffffffff803abdc1>] bus_add_driver+0x6b/0x18d Jul 22 11:06:15 thinkpad kernel: [<ffffffff8029b8ac>] sys_init_module+0x164a/0x17ac Jul 22 11:06:15 thinkpad kernel: [<ffffffff802ab5ac>] audit_syscall_entry+0x141/0x174 Jul 22 11:06:15 thinkpad kernel: [<ffffffff8025729c>] tracesys+0xdc/0xe1 Jul 22 11:06:15 thinkpad kernel: Jul 22 11:06:15 thinkpad kernel: Jul 22 11:06:15 thinkpad kernel: Code: Bad RIP value. Jul 22 11:06:15 thinkpad kernel: RIP [<0000000000000000>] Jul 22 11:06:15 thinkpad kernel: RSP <ffff8101086b1800> Jul 22 11:06:15 thinkpad kernel: CR2: 0000000000000000 Jul 22 11:06:19 thinkpad kernel: pccard: card ejected from slot 0
Created attachment 12094 [details] working patch I've taken a look at the sources, and not setting port_start clearly yields a NULL dereference since ata_device_add calls ap->ops->port_start(ap);. However, setting port_start/_stop to dummy functions does work, see the accompanying patch. With my pata_pcmcia.patch, plugging in my pcmcia compact flash reader works. I successfully read multiple GB of data from 2 different CF cards. Is this patch correct for other pcmcia pata devices? It always disables DMA. Now my pcmcia card reader never used DMA, so thats fine, but what about other devices?
From the oops it looks like dev->dma_mask is NULL u64 *dma_mask; /* dma mask (if dma'able device) */ Clearly passing a non DMA able device to dma_alloc_coherent doesn't make sense. Anyways I can add a check for that and fall back to ISA DMA in this caxe, but it might be better to fix the callers to pass a real device with a dma mask. If you want to do ISA DMA and don't know your device please pass NULL.
pcmcia no longer tries to do DMA allocs in this case. For the more general case it seems to be an issue for the pcmcia driver layer to fix not libata.
>>>Any updates on this problem? Andrey, did you get chance to test according to #6? >>>Thanks. Sorry for not answering for a long time. Yes, I've tried suggestions from the post #6 -> nothing changed. For some reasons I had to switch to 32-bit, but now I'm back to 64bit, so I'm at your srvice again.
Closing this bug - fixed in 2.6.22