Bug 3073

Summary: (IRDA) oops when trying to modprobe nsc-ircc irda driver
Product: Drivers
Reporter: the_nihilant
Component: Network
Assignee: Jeff Garzik (jgarzik)
Status: REJECTED INSUFFICIENT_DATA
Severity: normal
CC: bunk, jt
Priority: P2
Hardware: i386
OS: Linux
Kernel Version: 2.6.7-bk20+isa
Subsystem:
Regression: ---
Bisected commit-id:

Description the_nihilant 2004-07-15 08:53:06 UTC
Distribution: debian unstable (amd64)
Hardware Environment: acer aspire 1501lce 
Software Environment: 
Problem Description: 
kernel oops

nsc-ircc, Found chip at base=0x02e
nsc-ircc, driver loaded (Dag Brattli)
Unable to handle kernel NULL pointer dereference at 00000000000000b0 RIP:
<ffffffffa01a1263>{:nsc_ircc:nsc_ircc_open+355}
PML4 16a2c067 PGD 16ad7067 PMD 0
Oops: 0000 [1] PREEMPT
CPU 0
Modules linked in: nsc_ircc irda crc16 ipv6 parport_pc lp parport
usb_storage snd_via82xx snd_ac97_codec snd_mpu401_uart snd_rawmidi
snd_seq_device ehci_hcd eth1394 uhci_hcd tg3 ohci1394 ieee1394 snd_pcm_oss
snd_pcm snd_page_alloc snd_timer snd_mixer_oss snd
Pid: 2582, comm: modprobe Not tainted 2.6.7-bk20+isa
RIP: 0010:[<ffffffffa01a1263>]
<ffffffffa01a1263>{:nsc_ircc:nsc_ircc_open+355}
RSP: 0018:0000010016a75ea8  EFLAGS: 00010212
RAX: 0000000000000000 RBX: 000001001dee5638 RCX: 0000000000000008
RDX: 000001001dee5730 RSI: 0000000000000007 RDI: 00000000000000ff
RBP: 000001001dee54a0 R08: 000000000000000c R09: 000001001dee5670
R10: 0000000000000001 R11: 0000000000000001 R12: 000001001dee5140
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  0000002a958fd380(0000) GS:ffffffff80548d40(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00000000000000b0 CR3: 0000000000101000 CR4: 00000000000006e0
Process modprobe (pid: 2582, threadinfo 0000010016a74000, task
000001001f68b290)
Stack: 0000000000000000 ffffffffa019f970 0000010016a75ed8 0000000000000000
       00000000ffffffed ffffffffa01a10b9 000000000000002e 00000000000002f8
       0000000000000000 0000000000000003
Call Trace:<ffffffffa01a10b9>{:nsc_ircc:nsc_ircc_init+185}
<ffffffff8014e351>{sys_init_module+321}
       <ffffffff801118aa>{system_call+126}

Code: 48 81 3c 25 b0 00 00 00 c0 5d 3f 80 74 0f 0f 0b de d0 19 a0
RIP <ffffffffa01a1263>{:nsc_ircc:nsc_ircc_open+355} RSP <0000010016a75ea8>
CR2: 00000000000000b0

on an x86_64 system. (I had to modify Kconfig in arch/x86_64 to be able to
compile this module, since it depends on ISA support)

I tried to locate where the bug could be (via MESSAGE()), and it seems to be here:
        self->rx_buff.head =
                dma_alloc_coherent(NULL, self->rx_buff.truesize,
                                   &self->rx_buff_dma, GFP_KERNEL);
(line 331)

The driver in plain 2.6.7 used kmalloc there and it worked fine.

Steps to reproduce:

modprobe nsc-ircc
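
A triage helper for the oops above, added here as an example; it is not part of the original report or of the kernel sources. It pulls out the fault address and frames, then flags a fault inside the first page and a faulting instruction whose operand is a fixed address equal to CR2, which is what a base pointer known to be NULL at compile time produces and is consistent with the literal `NULL` device argument quoted above. Assumptions: the names `triage` and `absolute_operand`, 4 KiB pages, and that the `Code:` bytes start at RIP.

```python
import re

# Excerpt of the oops quoted in the report (registers and stack omitted).
OOPS = """\
Unable to handle kernel NULL pointer dereference at 00000000000000b0 RIP:
<ffffffffa01a1263>{:nsc_ircc:nsc_ircc_open+355}
Call Trace:<ffffffffa01a10b9>{:nsc_ircc:nsc_ircc_init+185}
<ffffffff8014e351>{sys_init_module+321}
       <ffffffff801118aa>{system_call+126}
Code: 48 81 3c 25 b0 00 00 00 c0 5d 3f 80 74 0f 0f 0b de d0 19 a0
CR2: 00000000000000b0
"""

PAGE_SIZE = 4096  # assumption: 4 KiB pages
# <address>{:module:function+offset}; the module part is absent for core-kernel symbols.
FRAME = re.compile(r"<([0-9a-f]{16})>\{(?::(\w+):)?(\w+)\+(\d+)\}")

def absolute_operand(code, addr):
    """Heuristic: ModRM (mod=00, rm=100) + SIB (no index, no base) + disp32 == addr
    within the first bytes of the instruction, i.e. the operand is a fixed address."""
    for i in range(1, min(4, len(code) - 5)):
        if (code[i] & 0xC7) == 0x04 and (code[i + 1] & 0x3F) == 0x25:
            if int.from_bytes(code[i + 2:i + 6], "little") == addr:
                return True
    return False

def triage(text):
    """Return the fields a reviewer needs first from a 2.6-era x86_64 oops."""
    cr2 = int(re.search(r"^CR2: ([0-9a-f]+)", text, re.M).group(1), 16)
    code = bytes.fromhex(re.search(r"^Code: ([0-9a-f ]+)$", text, re.M).group(1))
    frames = [{"module": m or "(core kernel)", "func": f, "offset": int(o)}
              for _, m, f, o in FRAME.findall(text)]
    return {
        "fault_addr": cr2,
        "near_null": cr2 < PAGE_SIZE,          # NULL base + member offset
        "faulting": frames[0],                 # first frame printed is RIP
        "callers": [f["func"] for f in frames[1:]],
        "const_null_base": absolute_operand(code, cr2),
    }

if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        print(f"{key}: {value}")
```
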
Comment 1 the_nihilant 2004-07-15 09:02:15 UTC
*** Bug 3074 has been marked as a duplicate of this bug. ***

Comment 2 the_nihilant 2004-07-15 09:03:47 UTC
*** Bug 3075 has been marked as a duplicate of this bug. ***

Comment 3 the_nihilant 2004-07-15 09:05:09 UTC
*** Bug 3076 has been marked as a duplicate of this bug. ***

Comment 4 Adrian Bunk 2006-01-01 04:37:11 UTC
Is this issue still present in kernel 2.6.14?

Comment 5 Adrian Bunk 2006-04-15 02:28:47 UTC
I'm assuming this issue is already fixed in recent 2.6 kernels.

Please reopen this bug if it's still present in 2.6.16.5.