Description of problem: under certain conditions, ir-keytable causes one of the cx88* drivers to dereference a NULL pointer Version-Release number of selected component (if applicable): kernel-desktop-2.6.38.8-4.mga1 v4l-utils-0.8.3-1.mga1 How reproducible: happens occasionally BUG: unable to handle kernel NULL pointer dereference at 0000000000000050 IP: [<ffffffffa0659627>] show_protocols+0xf7/0x130 [rc_core] PGD 1e4b4067 PUD 5e1cc067 PMD 0 Oops: 0000 [#1] SMP last sysfs file: /sys/devices/pci0000:00/0000:00:1e.0/0000:01:02.2/rc/rc14/protocols CPU 0 Modules linked in: cx8802(+) videobuf_dvb lnbp21 stv0299 dvb_ttpci dvb_core saa7146_vv saa7146 ttpci_eeprom 8021q garp stp nfs fscache nfsd lockd nfs_acl auth_rpcgss sunrpc exportfs asus_atk0110 md4 blowfish cbc dm_crypt nls_utf8 isofs nls_iso8859_1 nls_cp437 vfat fat cx2341x fuse ipt_MASQUERADE ipt_LOG xt_time xt_connlimit xt_helper xt_realm xt_NFQUEUE xt_tcpmss xt_tcpudp ipt_addrtype xt_pkttype nfnetlink iptable_raw xt_TPROXY nf_tproxy_core ip6_tables nf_defrag_ipv6 xt_CLASSIFY xt_mark xt_hashlimit xt_comment ipt_REJECT xt_length xt_connmark xt_owner xt_recent xt_iprange xt_physdev xt_policy xt_multiport iptable_mangle iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack iptable_filter ip_tables x_tables tun radeon ttm drm_kms_helper drm af_packet binfmt_misc loop dm_mod pcspkr lm85 i2c_floppy coretemp hwmon_vid wm8775 sr_mod snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_aw2 snd_hwdep snd_seq_dummy snd_seq_oss rc_rc5_hauppauge_new snd_seq_midi_event snd_seq snd_seq_device lirc_dev ir_sony_decoder ir_jvc_decoder ppdev cx88_alsa ir_rc6_decoder snd_pcm_oss ir_rc5_decoder snd_pcm ir_nec_decoder cx88xx ftdi_sio evdev rc_core parport_pc i2c_algo_bit tveeprom snd_timer uas snd_mixer_oss v4l2_common i2c_i801 usbserial videodev serio_raw snd v4l2_compat_ioctl32 sg iTCO_wdt iTCO_vendor_support parport videobuf_dma_sg i2c_core videobuf_core rng_core btcx_risc usb_storage r8169 soundcore snd_page_alloc button processor mii ata_piix ahci libahci libata sd_mod scsi_mod crc_t10dif raid1 ext3 jbd uhci_hcd ohci_hcd ehci_hcd usbhid hid usbcore [last unloaded: cx88_vp3054_i2c] Pid: 7726, comm: ir-keytable Not tainted 2.6.38.8-desktop-1.mga #1 System manufacturer System Product Name/P5GC RIP: 0010:[<ffffffffa0659627>] [<ffffffffa0659627>] show_protocols+0xf7/0x130 [rc_core] RSP: 0018:ffff880074f27e38 EFLAGS: 00010202 RAX: 0000000000000000 RBX: ffffffffa065c0c0 RCX: ffffffffa0659530 RDX: ffff88007a304000 RSI: ffffffffa065c0c0 RDI: ffff880044cc1000 RBP: ffff880074f27e68 R08: ffffffff814ac0c0 R09: 0000000000000000 R10: 0000000000000001 R11: dead000000100100 R12: ffff88007a304000 R13: ffff880074f27f48 R14: 0000000000001000 R15: 00007fb69f523000 FS: 00007fb69f50e700(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000050 CR3: 000000005762d000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Process ir-keytable (pid: 7726, threadinfo ffff880074f26000, task ffff88006236c470) Stack: 0000000000000000 ffffffffa065c0c0 ffff88006dfe68c0 ffff880074f27f48 0000000000001000 00007fb69f523000 ffff880074f27e98 ffffffff812f4087 ffff880074f27e88 ffffffff81105e4e ffff880074f27e98 ffff88006dfe68a0 Call Trace: [<ffffffff812f4087>] dev_attr_show+0x27/0x50 [<ffffffff81105e4e>] ? __get_free_pages+0xe/0x50 [<ffffffff811cad47>] sysfs_read_file+0x107/0x1d0 [<ffffffff81158db3>] vfs_read+0xc3/0x180 [<ffffffff81158ec1>] sys_read+0x51/0x90 [<ffffffff8100be92>] system_call_fastpath+0x16/0x1b Code: 5c 41 5d 41 5e 41 5f c9 c3 eb 01 90 49 8b 96 68 b4 65 a0 48 c7 c6 a3 b5 65 a0 eb ac eb 06 90 90 90 90 90 90 48 8b 87 b0 02 00 00 <4c> 8b 68 50 e8 00 1a 00 00 48 89 c3 e9 3f ff ff ff 4c 89 e9 48 RIP [<ffffffffa0659627>] show_protocols+0xf7/0x130 [rc_core] RSP <ffff880074f27e38> CR2: 0000000000000050 ---[ end trace 742fd480f6785dd0 ]---
Assignee: bugsquad => thierry.vignaud
sorry :)
Assignee: thierry.vignaud => tmb
hmm .. about what?
I had assigned the bug to the wrong maintainer ;) https://bugs.mageia.org/show_activity.cgi?id=2460
Pinging, because nothing has happened with this report for more than 3 months, it still has the status NEW or REOPENED. @ Herbert Please close this bug if it isn't valid any more with latest kernel (2.6.38.8-10.mga1), but if it is, change version number in the RPM Package field @ Thomas Please set status to ASSIGNED if you think this bug was assigned correctly. If for work flow reasons you can't do that, then please put OK on the whiteboard instead. Don't change anything if you want to be pinged by me in this report again ;)
CC: (none) => marja11
Please look at the bottom of this mail to see whether you're the assignee of this bug, if you don't already know whether you are. If you're the assignee: We'd like to know for sure whether this bug was assigned correctly. Please change status to ASSIGNED if it is, or put OK on the whiteboard instead. If you don't have a clue and don't see a way to find out, then please put NEEDHELP on the whiteboard. Please assign back to Bug Squad or to the correct person to solve this bug if we were wrong to assign it to you, and explain why. Thanks :) **************************** @ the reporter and persons in the cc of this bug: If you have any new information that wasn't given before (like this bug being valid for another version of Mageia, too, or it being solved) please tell us. @ the reporter of this bug If you didn't reply yet to a request for more information, please do so within two weeks from now. Thanks all :-D
This message is a reminder that Mageia 1 is nearing its end of life. In approximately 25 days from now, Mageia will stop maintaining and issuing updates for Mageia 1. At that time this bug will be closed as WONTFIX (EOL) if it remains open with a Mageia 'version' of '1'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version prior to Mageia 1's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Mageia 1 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete. -- Mageia Bugsquad
Mageia 1 changed to end-of-life (EOL) status on ''1st December''. Mageia 1 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Mageia please feel free to click on "Version" change it against that version of Mageia and reopen this bug. Thank you for reporting this bug and we are sorry it could not be fixed. -- Mageia Bugsquad
Status: NEW => RESOLVEDResolution: (none) => WONTFIX