lirc modprobe fails with segfault on kernel-2.6.22, see http://forums.gentoo.org/viewtopic-t-571712-highlight-lirc.html

According to the thread, this is a bug in lirc, not in the ebuild. The thread contains a patch that will be part of the next lirc release. But maybe it could be used for a 0.8.2-r1 ebuild before 0.8.3 is released.

Reproducible: Always
Please don't refer to forums.g.o. for bug descriptions. Reopen once you've posted all relevant info here.
Using PVR-150 and kernel-2.6.22, modprobe lirc_i2c fails as follows (dmesg output). This is taken as reported in the forum, but the same log occurred on my system, too:

lirc_dev: IR Remote Control driver registered, at major 61
lirc_i2c: no version for "lirc_unregister_plugin" found: kernel tainted.
bttv: driver version 0.9.17 loaded
bttv: using 8 buffers with 2080k (520 pages) each for capture
cx2388x v4l2 driver version 0.0.6 loaded
lirc_i2c: chip found @ 0x71 (Hauppauge IR (PVR150))
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000000
 printing eip:
c03b7f9a
*pde = 00000000
Oops: 0002 [#1]
PREEMPT
Modules linked in: cx8800 cx88xx bttv video_buf ir_common compat_ioctl32 btcx_risc lirc_i2c(F) lirc_dev realtime wm8775 cx25840 tuner nvidia(P) i2c_viapro snd_emu10k1 snd_rawmidi snd_ac97_codec ac97_bus snd_pcm snd_seq_device snd_timer snd_page_alloc snd_util_mem snd_hwdep snd ohci1394 ieee1394 amd64_agp agpgart emu10k1_gp gameport ivtv firmware_class cx2341x tveeprom videodev v4l2_common v4l1_compat joydev
CPU: 0
EIP: 0060:[<c03b7f9a>] Tainted: PF VLI
EFLAGS: 00010202 (2.6.22-gentoo-r1 #2)
EIP is at __mutex_lock_slowpath+0x2a/0xc0
eax: ffffffff ebx: dfa60055 ecx: ffffffff edx: 00000000
esi: de522460 edi: c17eea00 ebp: dfa60059 esp: db46ac4c
ds: 007b es: 007b fs: 0000 gs: 0033 ss: 0068
Process modprobe (pid: 3829, ti=db46a000 task=c17eea00 task.ti=db46a000)
Stack: dfa60059 00000000 00000001 de522400 de522460 dfa60029 fffffff0 c03b7de9
       c0340a39 00000001 db46ae9f 00000282 de522400 e17c512c de52247a dfa60055
       de522400 e17c512c de52247a de522460 e17c41e5 e17c5220 00000071 de522464
Call Trace:
 [<c03b7de9>] mutex_lock+0x9/0x10
 [<c0340a39>] i2c_attach_client+0x29/0x190
 [<e17c41e5>] cleanup_module+0x1d5/0x570 [lirc_i2c]
 [<e17c4696>] init_module+0x116/0x984 [lirc_i2c]
 [<c01bd7dc>] journal_cancel_revoke+0xbc/0xe0
 [<c03412b5>] i2c_register_driver+0xd5/0x120
 [<e17c45c2>] init_module+0x42/0x984 [lirc_i2c]
 [<c0137c55>] sys_init_module+0x145/0x1740
 [<c0149a12>] __alloc_pages+0x62/0x300
 [<e17bf6d0>] lirc_register_plugin+0x0/0x4e0 [lirc_dev]
 [<c01028ce>] sysenter_past_esp+0x5f/0x85
=======================
Code: 90 55 57 56 53 89 c3 83 ec 0c 89 e0 25 00 f0 ff ff 8b 3d 00 e0 45 c0 ff 40 14 8d 6b 04 b8 ff ff ff ff 8b 55 04 89 2c 24 89 65 04 <89> 22 89 54 24 04 89 7c 24 08 87 03 48 74 34 be ff ff ff ff 89
EIP: [<c03b7f9a>] __mutex_lock_slowpath+0x2a/0xc0 SS:ESP 0068:db46ac4c
note: modprobe[3829] exited with preempt_count 1

The user thedopefishlives examined the problem. The reported result is: "The culprit is a change in the kernel from 2.6.21 to 2.6.22, where they modified the length of the "name" field in one of the i2c structures. This causes a buffer overflow in the LIRC driver."

The user has modified the lirc-0.8.2 ebuild file and created a patch for lirc that works for me and other users. I'll attach these patches to this issue. According to the lirc mailing list, this patch has been sent and applied.
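The failure mode described in the comment above (a fixed-size "name" field that became shorter, so an unbounded copy runs into the fields behind it), shown as an added example that is not part of this bug report or of the attached patch. The structure, the function names and the field sizes of 50 and 20 bytes are assumptions made for illustration; only the device name is taken from the dmesg output.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed sizes; the report only says the field length was changed. */
#define OLD_NAME_SIZE 50
#define NEW_NAME_SIZE 20

/* Hypothetical stand-in for an i2c client structure: a fixed-size name
 * followed directly by other fields that an overlong copy would clobber. */
struct demo_client {
    char name[NEW_NAME_SIZE];
    void *lock; /* stands in for whatever follows the name field */
};

/* Device name as printed in the dmesg output of the report. */
static const char DEVICE_NAME[] = "Hauppauge IR (PVR150)";

/* Bytes an unbounded strcpy() of src would write past a field of
 * field_size bytes, counting the terminating NUL (0 if it fits). */
size_t overflow_bytes(const char *src, size_t field_size)
{
    size_t need = strlen(src) + 1;
    return need > field_size ? need - field_size : 0;
}

/* Bounded copy: never writes outside c->name and always NUL-terminates.
 * Returns 0 on success, -1 if the name had to be truncated. */
int client_set_name(struct demo_client *c, const char *src)
{
    int n = snprintf(c->name, sizeof(c->name), "%s", src);
    return (n < 0 || (size_t)n >= sizeof(c->name)) ? -1 : 0;
}

int main(void)
{
    struct demo_client c = { .name = "", .lock = NULL };
    c.lock = &c; /* sentinel value to show the neighbour survives */

    printf("old field: %zu bytes over\n", overflow_bytes(DEVICE_NAME, OLD_NAME_SIZE));
    printf("new field: %zu bytes over\n", overflow_bytes(DEVICE_NAME, NEW_NAME_SIZE));

    int rc = client_set_name(&c, DEVICE_NAME);
    printf("rc=%d name=\"%s\" neighbour intact=%d\n",
           rc, c.name, c.lock == (void *)&c);
    return 0;
}
```

Sizing the copy with sizeof() on the destination keeps the code correct when a header changes the field length between kernel versions.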
Created attachment 127090 [details, diff] thedopefishlives' lirc-0.8.2 patch
Created attachment 127092 [details] thedopefishlives' modified lirc-0.8.2.ebuild file
In CVS, thanks for the patch. :)
Reopening, as lirc-0.8.2-r1 did not yet hit stable. @Arch teams: Please stable this version to solve this segfault. It still has Bug 187418 open, but even upstream did not solve this, and we cannot do much about it. And 0.8.2-r1 has no known regressions compared to stable 0.8.1.
amd64 stable
x86 stable
ppc64 stable
Works on ppc with ati_usb, marked ppc stable. Closing since we're the last arch.