Bug 187822 - app-misc/lirc-0.8.2 + kernel-2.6.22 + PVR-150, lirc_i2c fails with segfault
Summary: app-misc/lirc-0.8.2 + kernel-2.6.22 + PVR-150, lirc_i2c fails with segfault
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: High normal
Assignee: Television related Applications in Gentoo's Portage
URL: http://forums.gentoo.org/viewtopic-t-...
Whiteboard:
Keywords: STABLEREQ
Depends on:
Blocks: kernel-2.6.22
Reported: 2007-08-05 15:48 UTC by Torsten Tetteroo
Modified: 2007-09-01 11:59 UTC

See Also:
Package list:
Runtime testing required: ---


Attachments
thedopefishlives' lirc-0.8.2 patch (lirc-0.8.2-kernel-2.6.22.patch,550 bytes, patch)
2007-08-06 18:17 UTC, Torsten Tetteroo
thedopefishlives' modified lirc-0.8.2.ebuild file (lirc-0.8.2.ebuild.modified,7.64 KB, text/plain)
2007-08-06 18:19 UTC, Torsten Tetteroo

Description Torsten Tetteroo 2007-08-05 15:48:55 UTC
lirc modprobe fails with segfault on kernel-2.6.22, 
see http://forums.gentoo.org/viewtopic-t-571712-highlight-lirc.html

According to the thread, this is a bug in lirc, not in the ebuild. The thread contains a patch that will be part of the next lirc release. But maybe it could be used for a 0.8.2-r1 ebuild before 0.8.3 is released.

Reproducible: Always
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2007-08-05 16:10:50 UTC
Please, don't refer to forums.g.o. for bugs description. Reopen once you've posted all relevant info here.
Comment 2 Torsten Tetteroo 2007-08-06 18:15:58 UTC
Using PVR-150 and kernel-2.6.22, modprobe lirc_i2c fails as follows (dmesg output). This is taken as reported in the forum, but the same log occurred on my system, too:

lirc_dev: IR Remote Control driver registered, at major 61
lirc_i2c: no version for "lirc_unregister_plugin" found: kernel tainted.
bttv: driver version 0.9.17 loaded
bttv: using 8 buffers with 2080k (520 pages) each for capture
cx2388x v4l2 driver version 0.0.6 loaded
lirc_i2c: chip found @ 0x71 (Hauppauge IR (PVR150))
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000000
 printing eip:
c03b7f9a
*pde = 00000000
Oops: 0002 [#1]
PREEMPT
Modules linked in: cx8800 cx88xx bttv video_buf ir_common compat_ioctl32 btcx_risc lirc_i2c(F) lirc_dev realtime wm8775 cx25840 tuner nvidia(P) i2c_viapro snd_emu10k1 snd_rawmidi snd_ac97_codec ac97_bus snd_pcm snd_seq_device snd_timer snd_page_alloc snd_util_mem snd_hwdep snd ohci1394 ieee1394 amd64_agp agpgart emu10k1_gp gameport ivtv firmware_class cx2341x tveeprom videodev v4l2_common v4l1_compat joydev
CPU:    0
EIP:    0060:[<c03b7f9a>]    Tainted: PF      VLI
EFLAGS: 00010202   (2.6.22-gentoo-r1 #2)
EIP is at __mutex_lock_slowpath+0x2a/0xc0
eax: ffffffff   ebx: dfa60055   ecx: ffffffff   edx: 00000000
esi: de522460   edi: c17eea00   ebp: dfa60059   esp: db46ac4c
ds: 007b   es: 007b   fs: 0000  gs: 0033  ss: 0068
Process modprobe (pid: 3829, ti=db46a000 task=c17eea00 task.ti=db46a000)
Stack: dfa60059 00000000 00000001 de522400 de522460 dfa60029 fffffff0 c03b7de9
       c0340a39 00000001 db46ae9f 00000282 de522400 e17c512c de52247a dfa60055
       de522400 e17c512c de52247a de522460 e17c41e5 e17c5220 00000071 de522464
Call Trace:
 [<c03b7de9>] mutex_lock+0x9/0x10
 [<c0340a39>] i2c_attach_client+0x29/0x190
 [<e17c41e5>] cleanup_module+0x1d5/0x570 [lirc_i2c]
 [<e17c4696>] init_module+0x116/0x984 [lirc_i2c]
 [<c01bd7dc>] journal_cancel_revoke+0xbc/0xe0
 [<c03412b5>] i2c_register_driver+0xd5/0x120
 [<e17c45c2>] init_module+0x42/0x984 [lirc_i2c]
 [<c0137c55>] sys_init_module+0x145/0x1740
 [<c0149a12>] __alloc_pages+0x62/0x300
 [<e17bf6d0>] lirc_register_plugin+0x0/0x4e0 [lirc_dev]
 [<c01028ce>] sysenter_past_esp+0x5f/0x85
 =======================
Code: 90 55 57 56 53 89 c3 83 ec 0c 89 e0 25 00 f0 ff ff 8b 3d 00 e0 45 c0 ff 40 14 8d 6b 04 b8 ff ff ff ff 8b 55 04 89 2c 24 89 65 04 <89> 22 89 54 24 04 89 7c 24 08 87 03 48 74 34 be ff ff ff ff 89
EIP: [<c03b7f9a>] __mutex_lock_slowpath+0x2a/0xc0 SS:ESP 0068:db46ac4c
note: modprobe[3829] exited with preempt_count 1 




The user thedopefishlives examined the problem. The reported result is: "The culprit is a change in the kernel from 2.6.21 to 2.6.22, where they modified the length of the "name" field in one of the i2c structures. This causes a buffer overflow in the LIRC driver."
The user has modified the lirc-0.8.2 ebuild file and created a patch for lirc that works for me and other users. I'll attach these patches to this issue.
According to the lirc mailing list, this patch has been sent and applied.
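
Added example, not part of the bug report and not the lirc patch: a user-space model of the bug class described in Comment 2, where a driver keeps copying with the old field length after a header shrinks the field. The structure, its layout, both sizes and the function names are constructed for illustration; only the chip name string is taken from the dmesg output.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Constructed sizes and layout; not the kernel's or lirc's real values. */
#define OLD_NAME_SIZE 48            /* length the driver was written against */
#define NEW_NAME_SIZE 16            /* length after the header shrank the field */

struct demo_client {                /* hypothetical stand-in for the i2c structure */
    char  name[NEW_NAME_SIZE];
    void *adapter;                  /* fields the core uses after the driver sets name */
    void *lock;
    char  pad[32];                  /* keeps the stale copy inside this object */
};
_Static_assert(sizeof(struct demo_client) >= OLD_NAME_SIZE, "demo stays in bounds");

/* Stale driver: models strncpy(c->name, src, OLD_NAME_SIZE), which writes
 * exactly OLD_NAME_SIZE bytes (string, then NUL padding) starting at name. */
static void set_name_stale(struct demo_client *c, const char *src)
{
    char tmp[OLD_NAME_SIZE] = {0};
    size_t n = strlen(src);
    memcpy(tmp, src, n < sizeof(tmp) ? n : sizeof(tmp));
    memcpy((char *)c + offsetof(struct demo_client, name), tmp, sizeof(tmp));
}

/* Fixed driver: the bound comes from the destination field itself. */
static void set_name_fixed(struct demo_client *c, const char *src)
{
    size_t n = strlen(src);
    if (n >= sizeof(c->name))
        n = sizeof(c->name) - 1;    /* truncate, always NUL-terminate */
    memcpy(c->name, src, n);
    c->name[n] = '\0';
}

/* Returns 1 if the fields behind name survive the copy, 0 if they were clobbered. */
static int neighbours_intact(void (*set_name)(struct demo_client *, const char *))
{
    static int adapter_obj, lock_obj;
    struct demo_client c = { .adapter = &adapter_obj, .lock = &lock_obj };
    set_name(&c, "Hauppauge IR (PVR150)");   /* chip name from the dmesg output */
    return c.adapter == &adapter_obj && c.lock == &lock_obj;
}

int main(void)
{
    printf("stale copy: neighbours intact = %d\n", neighbours_intact(set_name_stale));
    printf("fixed copy: neighbours intact = %d\n", neighbours_intact(set_name_fixed));
    return 0;
}
```

In this model the stale copy overwrites the pointers that follow the name field with string bytes and NUL padding, while the sizeof-bounded copy leaves them untouched.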


Comment 3 Torsten Tetteroo 2007-08-06 18:17:20 UTC
Created attachment 127090
thedopefishlives' lirc-0.8.2 patch
Comment 4 Torsten Tetteroo 2007-08-06 18:19:13 UTC
Created attachment 127092
thedopefishlives' modified lirc-0.8.2.ebuild file
Comment 5 Steve Dibb (RETIRED) gentoo-dev 2007-08-12 22:26:59 UTC
In CVS, thanks for the patch. :)
Comment 6 Matthias Schwarzott gentoo-dev 2007-08-13 13:55:51 UTC
Reopening, as lirc-0.8.2-r1 did not yet hit stable.
@Arch teams:
Please stable this version to solve this segfault.
It still has Bug 187418 open, but even upstream did not solve this, and we cannot do much about it. And 0.8.2-r1 has no known regressions compared to stable 0.8.1
Comment 7 Doug Goldstein (RETIRED) gentoo-dev 2007-08-13 18:47:40 UTC
amd64 stable
Comment 8 Christian Faulhammer (RETIRED) gentoo-dev 2007-08-14 08:24:01 UTC
x86 stable
Comment 9 Markus Rothe (RETIRED) gentoo-dev 2007-08-14 18:47:33 UTC
ppc64 stable
Comment 10 Joe Jezak (RETIRED) gentoo-dev 2007-09-01 11:59:44 UTC
Works on ppc with ati_usb, marked ppc stable.  Closing since we're the last arch.