Comment 5 for bug 659449

Peter Struhar (struhlo) wrote :

hello All,

Same for me on an Asus EeeBox 1501 running Ubuntu 10.10 i386.

lirc_dev crashes after the ioctl is called; see the strace output and the related kernel oops below.

lircd strace :
( run as # strace -s 256 -f -v -t -o /tmp/lirc.trace.out -p 2202 )
2202 21:54:18 select(5, [4], NULL, NULL, NULL) = 1 (in [4])
2202 21:54:23 gettimeofday({1291150463, 142991}, NULL) = 0
2202 21:54:23 accept(4, {sa_family=AF_FILE, NULL}, [2]) = 5
2202 21:54:23 setsockopt(5, SOL_SOCKET, SO_LINGER, {onoff=0, linger=0}, 8) = 0
2202 21:54:23 fcntl64(5, F_GETFL) = 0x2 (flags O_RDWR)
2202 21:54:23 fcntl64(5, F_SETFL, O_RDWR|O_NONBLOCK) = 0
2202 21:54:23 time(NULL) = 1291150463
2202 21:54:23 send(6, "<29>Nov 30 21:54:23 lircd-0.8.7[2202]: accepted new client on /var/run/lirc/lircd", 81, MSG_NOSIGNAL) = 81
2202 21:54:23 stat64("/dev/lirc0", {st_dev=makedev(0, 5), st_ino=7983, st_mode=S_IFCHR|0600, st_nlink=1, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=0, st_rdev=makedev(61, 0), st_atime=2010/11/30-21:16:42, st_mtime=2010/11/30-21:16:42, st_ctime=2010/11/30-21:16:42}) = 0
2202 21:54:23 open("/dev/lirc0", O_RDWR) = 7
2202 21:54:23 ioctl(7, I2OGETIOPS <unfinished ...>
2202 21:54:23 +++ killed by SIGKILL +++

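kernel oops (NULL pointer dereference in irctl_ioctl: EDI is 0 and the faulting instruction, <8b> 47 5c, reads offset 0x5c from it, which matches CR2) :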
[ 2285.164593] BUG: unable to handle kernel NULL pointer dereference at 0000005c
[ 2285.164609] IP: [<fcd9e48b>] irctl_ioctl+0x2b/0x310 [lirc_dev]
[ 2285.164625] *pdpt = 0000000033a0d001 *pde = 0000000000000000
[ 2285.164635] Oops: 0000 [#7] SMP
[ 2285.164641] last sysfs file: /sys/devices/pci0000:00/0000:00:16.0/0000:04:00.0/irq
[ 2285.164649] Modules linked in: ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack xt_tcpudp xt_multiport iptable_filter ip_tables x_tables lirc_it87 lirc_dev nvidia(P) snd_hda_codec_nvhdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi arc4 snd_seq_midi_event snd_seq ath9k snd_timer snd_seq_device ath9k_common snd psmouse ath9k_hw eeepc_wmi i2c_nforce2 ath mac80211 soundcore serio_raw agpgart lp sparse_keymap cfg80211 snd_page_alloc xhci_hcd asus_atk0110 shpchp led_class parport r8169 ahci libahci mii usb_storage
[ 2285.164734]
[ 2285.164743] Pid: 2202, comm: lircd Tainted: P D 2.6.35-23-generic-pae #41-Ubuntu EB1501/EB1501
[ 2285.164750] EIP: 0060:[<fcd9e48b>] EFLAGS: 00010246 CPU: 0
[ 2285.164758] EIP is at irctl_ioctl+0x2b/0x310 [lirc_dev]
[ 2285.164764] EAX: 00000000 EBX: 80046900 ECX: 08062368 EDX: 80046900
[ 2285.164770] ESI: f3236f80 EDI: 00000000 EBP: f3159f50 ESP: f3159f2c
[ 2285.164777] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 2285.164783] Process lircd (pid: 2202, ti=f3158000 task=f6ad1960 task.ti=f3158000)
[ 2285.164788] Stack:
[ 2285.164792] 00000000 00000000 00000000 00000000 08062368 00000000 f3236f80 08062368
[ 2285.164806] <0> 80046900 f3159f6c c02309c2 00000000 fcd9e460 f3236f80 00000007 08062368
[ 2285.164820] <0> f3159f8c c0231259 00000000 f3159fb4 f6ad1960 f3236f80 00000007 08062368
[ 2285.164837] Call Trace:
[ 2285.164852] [<c02309c2>] ? vfs_ioctl+0x32/0xb0
[ 2285.164861] [<fcd9e460>] ? irctl_ioctl+0x0/0x310 [lirc_dev]
[ 2285.164870] [<c0231259>] ? do_vfs_ioctl+0x79/0x2d0
[ 2285.164879] [<c0231517>] ? sys_ioctl+0x67/0x80
[ 2285.164889] [<c0112818>] ? syscall_trace_leave+0x48/0xc0
[ 2285.164899] [<c05f0a14>] ? syscall_call+0x7/0xb
[ 2285.164903] Code: 55 89 e5 83 ec 24 89 5d f4 89 75 f8 89 7d fc 0f 1f 44 00 00 89 c6 89 d3 89 4d ec 8b 78 70 a1 94 00 da fc 85 c0 0f 85 ab 02 00 00 <8b> 47 5c 85 c0 74 2e 8b 40 24 85 c0 89 45 f0 74 24 8b 4d ec 89
[ 2285.164981] EIP: [<fcd9e48b>] irctl_ioctl+0x2b/0x310 [lirc_dev] SS:ESP 0068:f3159f2c
[ 2285.164993] CR2: 000000000000005c
[ 2285.165000] ---[ end trace 7967f874d921bfbc ]---

The lirc_dev and lirc_it87 modules and lircd were first used from the distro's lirc modules/binaries; I also tried the latest 0.8.7 sources from the lirc project page.

root@babylon9:/opt/lirc/sbin# grep lirc /proc/interrupts
  5: 4316 0 0 0 IO-APIC-edge lirc_it87

modules loaded via :
/etc/modprobe.d/lirc.conf
alias char-major-61 lirc_dev
options lirc_it87 irq=05 io=0x2f8 digimatrix=1
install lirc_it87 echo activate > /sys/devices/pnp0/00:09/resources ; modprobe --ignore-install lirc_it87 $CMDLINE_OPTS

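ltrace of the same call sequence from a later run (the ioctl request -2147194624 is 0x80046900 as an unsigned 32-bit value, the same value held in EBX/EDX in the oops above) :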
2332 22:17:18 gettimeofday(0xbff4be20, NULL) = 0
2332 22:17:18 accept(4, 0xbff4bd1c, 0xbff4bd18, 0, 0xb75efd20) = 5
2332 22:17:18 setsockopt(5, 1, 13, 0x8060470, 8) = 0
2332 22:17:18 fcntl(5, 3, 0, 0, 0xb75efd20) = 2
2332 22:17:18 fcntl(5, 4, 2050, 0, 0xb75efd20) = 0
2332 22:17:18 __errno_location() = 0xb75e9898
2332 22:17:18 __vsyslog_chk(5, 1, 0x805acd1, 0xbff4bd08, 5) = 8937
2332 22:17:18 __xstat(3, "/dev/lirc0", 0xbff4bc24) = 0
2332 22:17:18 open("/dev/lirc0", 2, 027775136044) = 7
2332 22:17:18 ioctl(7, -2147194624, 0x08062368 <unfinished ...>
2332 22:17:18 +++ killed by SIGKILL +++