Bug 426669 - paging request and NULL pointer errors when switching between hardware/software MPEG2 decoders
paging request and NULL pointer errors when switching between hardware/softwa...
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
8
i386 Linux
low Severity high
: ---
: ---
Assigned To: Kernel Maintainer List
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-12-23 22:49 EST by Simon Baxter
Modified: 2009-01-09 00:36 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-09 00:36:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Simon Baxter 2007-12-23 22:49:23 EST
Description of problem:
BUG: unable to handle kernel paging request at virtual address 01d401ce
and
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000084

Version-Release number of selected component (if applicable):
2.6.23.9-85.fc8

How reproducible:
using a DVB-C Full Feature card with MPEG Decoder hardware (such as TechnoTrend
TT-2300C

Steps to Reproduce:
1. load vdr-xine or vdr-xineliboutput plugins
2. run vdr and switch between the hardware MPEG2 deoder and the xine soft MPEG2
decoder device
3. BELL and kernel errors immediately
  
Actual results:
2 different errors, depending on whether running vdr-xine or vdr-xineliboutput

Expected results:
For vdr-xine:
BUG: unable to handle kernel paging request at virtual address 01d401ce
printing eip: c047e19d *pde = 00000000
Oops: 0000 [#6] SMP
Modules linked in: via drm rfcomm l2cap bluetooth autofs4 nfs lockd nfs_acl
sunrpc ipv6 dm_mirror dm_multipath dm_mod snd_via82xx gameport stv0297
snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq
snd_pcm_oss snd_mixer_oss snd_pcm parport_pc dvb_ttpci parport dvb_core
snd_timer snd_page_alloc saa7146_vv snd_mpu401_uart video_buf saa7146
snd_rawmidi videodev snd_seq_device v4l2_common button via_rhine snd v4l1_compat
pcspkr soundcore mii ttpci_eeprom i2c_viapro firewire_ohci i2c_core
firewire_core crc_itu_t sg sr_mod cdrom pata_via ata_generic sata_via libata
sd_mod scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd
CPU:    0
EIP:    0060:[<c047e19d>]    Tainted: G      D VLI
EFLAGS: 00210002   (2.6.23.9-85.fc8 #1)
EIP is at __kmalloc_track_caller+0x68/0xa9
eax: 00000000   ebx: 01d401ce   ecx: c0735230   edx: c1032a00
esi: c0735230   edi: 00200282   ebp: 000000d0   esp: ed303d88
ds: 007b   es: 007b   fs: 00d8  gs: 0033  ss: 0068
Process gdm-binary (pid: 3472, ti=ed303000 task=ecb54000 task.ti=ed303000)
Stack: f7f68cc0 ed303dbe 000000d0 eee7547c 00000000 00000006 c046af40 ed303dd6
       eee7547c 00000000 eee7547c 00000000 00000002 c04b9668 41ed3f30 c0630e62
       eee75478 eee75478 eee7547c f7f990a8 c04b9aec 000000d0 c0700380 c0700400
Call Trace:
 [<c046af40>] kstrdup+0x2f/0x50
 [<c04b9668>] sysfs_new_dirent+0x23/0xde
 [<c04b9aec>] create_dir+0x1e/0x8c
 [<c04b9b9e>] sysfs_create_dir+0x44/0x5e
 [<c04f2c6e>] kobject_shadow_add+0xe4/0x18b
 [<c04f2fca>] kobject_set_name+0x2b/0x92
 [<c0565130>] device_add+0x87/0x51a
 [<c04f2d53>] kobject_init+0x2f/0x3f
 [<c0565b40>] device_create+0x77/0x97
 [<c0548f08>] vcs_make_sysfs+0x34/0x6e
 [<c054df14>] con_open+0x6f/0x7c
 [<c05446ba>] tty_open+0x167/0x2b6
 [<c048377e>] chrdev_open+0x111/0x14e
 [<c048366d>] chrdev_open+0x0/0x14e
 [<c047fa31>] __dentry_open+0xd5/0x18c
 [<c047fb62>] nameidata_to_filp+0x24/0x33
 [<c047fba8>] do_filp_open+0x37/0x3e
 [<c047f8e2>] get_unused_fd_flags+0x52/0xc5
 [<c047fbf7>] do_sys_open+0x48/0xca
 [<c047fcb2>] sys_open+0x1c/0x1e
 [<c040518a>] syscall_call+0x7/0xb
 =======================
Code: 00 00 00 85 d2 74 06 83 7a 0c 00 75 17 89 54 24 04 83 c9 ff 89 ea 89 f0 89
1c 24 e8 60 f0 ff ff 89 c3 eb 0d 8b 5a 0c 0f b7 42 0a <8b> 04 83 89 42 0c 89 f8
50 9d 90 8d b4 26 00 00 00 00 66 85 ed
EIP: [<c047e19d>] __kmalloc_track_caller+0x68/0xa9 SS:ESP 0068:ed303d88



for xineliboutput:
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000084
printing eip: c05b46eb *pde = 225c2067 *pte = 00000000
Oops: 0000 [#1] SMP
Modules linked in: via drm ledxmit_serial(U) ledxmit_dev(U) rfcomm l2cap
bluetooth autofs4 nfs lockd nfs_acl sunrpc ipv6 dm_mirror dm_multipath dm_mod
stv0297 snd_via82xx gameport snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss
snd_seq_midi_event snd_seq snd_pcm_oss snd_mixer_oss snd_pcm dvb_ttpci dvb_core
parport_pc saa7146_vv snd_timer parport video_buf snd_page_alloc saa7146
snd_mpu401_uart videodev snd_rawmidi v4l2_common snd_seq_device v4l1_compat snd
via_rhine button ttpci_eeprom pcspkr soundcore i2c_viapro mii firewire_ohci
i2c_core firewire_core crc_itu_t sg sr_mod cdrom pata_via ata_generic sata_via
libata sd_mod scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd
CPU:    0
EIP:    0060:[<c05b46eb>]    Not tainted VLI
EFLAGS: 00210246   (2.6.23.9-85.fc8 #1)
EIP is at sk_free+0x15/0xc7
eax: 00000000   ebx: ea86f5d8   ecx: 07fc136a   edx: 00000000
esi: 000000d0   edi: f7bfe0c0   ebp: 0000006c   esp: e20dbd54
ds: 007b   es: 007b   fs: 00d8  gs: 0033  ss: 0068
Process exe (pid: 5972, ti=e20db000 task=e20fc000 task.ti=e20db000)
Stack: 00000000 00200282 c1888000 ea86f5d8 000000d0 c05d061d c04f6b28 e20dbf60
       00000000 e135f200 7fffffff f7bfe0c0 00000000 e20dbf58 e135f200 c05d0dc7
       00000000 e1d6f320 e20dbf3c d9291900 00000000 00000000 e20dbe68 00001754
Call Trace:
 [<c05d061d>] netlink_unicast+0x159/0x1b4
 [<c04f6b28>] copy_from_user+0x32/0x5e
 [<c05d0dc7>] netlink_sendmsg+0x274/0x280
 [<c05b242d>] sock_sendmsg+0xd0/0xeb
 [<c0427c6f>] default_wake_function+0x0/0xc
 [<c043d495>] autoremove_wake_function+0x0/0x35
 [<c04264a6>] __wake_up+0x32/0x43
 [<c05cffe6>] netlink_insert+0x10f/0x119
 [<c04f6b28>] copy_from_user+0x32/0x5e
 [<c05b2d90>] sys_sendto+0x115/0x135
 [<c05b342b>] sys_getsockname+0x9f/0xb0
 [<c05b4ce1>] sock_init_data+0x83/0x187
 [<c04a4316>] inotify_d_instantiate+0x4a/0x70
 [<c048ff1a>] d_alloc+0x141/0x16f
 [<c048fdd5>] d_instantiate+0x5c/0x60
 [<c05b2129>] sock_attach_fd+0x53/0xb2
 [<c05b3788>] sys_socketcall+0x17b/0x261
 [<c040518a>] syscall_call+0x7/0xb
 =======================
Code: ec ff eb 07 89 f0 e8 8d 8f ec ff 31 f6 5f 89 f0 5d 5b 5e 5f 5d c3 56 53 89
c3 83 ec 0c 8b 93 68 01 00 00 8b 80 cc 00 00 00 85 d2 <8b> b0 84 00 00 00 74 04
89 d8 ff d2 8b 93 f8 00 00 00 85 d2 74
EIP: [<c05b46eb>] sk_free+0x15/0xc7 SS:ESP 0068:e20dbd54


Additional info:
EPIA SP-1300 motherboard
Comment 1 Bug Zapper 2008-11-26 04:09:02 EST
This message is a reminder that Fedora 8 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 8.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '8'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 8's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 8 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 2 Bug Zapper 2009-01-09 00:36:20 EST
Fedora 8 changed to end-of-life (EOL) status on 2009-01-07. Fedora 8 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.