Bug#699470: crystalhd-dkms: Kernel null pointer BUG in crystalhd_dioq_fetch_wait()
Package: crystalhd-dkms Version: 1:0.0~git20110715.fdd2f19-7 Severity: critical Tags: patch Justification: breaks the whole system Reproducible NULL pointer BUG at crystalhd-0.0~git20110715.fdd2f19/driver/linux/crystalhd_misc.c:515, triggered by adobe flash plugin from dmo repo, ffmpeg, mplayer, bino or other, mostly on heavy ioq usage or after FETCH_TIMEOUT and/or unclosed driver HANDLEs. Your package is affected, reproducible on all 3.x kernel.org stable kernel versions. Subsequent driver access without reboot or after rmmod -f modprobe again will trigger kernel freeze by kernel unhandled paging request. This patch has fixed this bug for me until now. Upstream maintainer/owner of codebase host git.linuxtv.org or Broadcom authors have not responded yet, but affected BCM70015 chip hardware is still in production state and wholeselling as mini-PCI-E card. Signed-off-by: Thomas Schorpp thomas.scho...@gmail.com y tom 8043-Jan 24 18:33:14 tom3 kernel: [ 457.636878] BUG: unable to handle kernel NULL pointer dereference at 002c 8044:Jan 24 18:33:14 tom3 kernel: [ 457.637016] IP: [a043a14c] crystalhd_dioq_fetch_wait+0x25c/0x410 [crystalhd] 8045-Jan 24 18:33:14 tom3 kernel: [ 457.637150] PGD 631fe067 PUD 57474067 PMD 0 8046-Jan 24 18:33:14 tom3 kernel: [ 457.637238] Oops: [#1] PREEMPT SMP 8047-Jan 24 18:33:14 tom3 kernel: [ 457.637326] CPU 0 8048-Jan 24 18:33:14 tom3 kernel: [ 457.637361] Modules linked in: uinput parport_pc ppdev lp parport bluetooth nfsd lockd nfs_acl auth_rpcgss sunrpc exportfs acpi_cpufreq mperf cpufreq_powersave cpufreq_stats cpufreq_conservative cpufreq_performance cpufreq_ondemand freq_table fuse dm_mod ext3 jbd pciehp arc4 ath5k ath snd_hda_codec_analog mac80211 cfg80211 snd_hda_intel snd_hda_codec snd_usb_audio thinkpad_acpi snd_pcm_oss snd_mixer_oss snd_hwdep rfkill snd_pcm snd_usbmidi_lib snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device gspca_zc3xx gspca_main snd videodev pcmcia usb_storage v4l2_compat_ioctl32 psmouse yenta_socket tpm_tis pcmcia_rsrc crystalhd(O) snd_page_alloc soundcore tpm pcmcia_core tpm_bios pcspkr serio_raw i2c_i801 nvram wmi rtc_cmos battery ac evdev processor nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack xt_limit xt_tcpudp iptable_filter ip _tables x _tables ext4 mbcache jbd2 crc16 8049-Jan 24 18:33:14 tom3 kernel: usbhid hid sg sd_mod crc_t10dif ata_generic uhci_hcd ahci libahci ata_piix atkbd libata thermal xhci_hcd ehci_hcd usbcore e1000e usb_common [last unloaded: scsi_wait_scan] 8050-Jan 24 18:33:14 tom3 kernel: [ 457.637841] 8051-Jan 24 18:33:14 tom3 kernel: [ 457.637841] Pid: 6318, comm: ffmpeg Tainted: G O 3.2.36-dirty #7 LENOVO 7735Y1T/7735Y1T 8052:Jan 24 18:33:14 tom3 kernel: [ 457.637841] RIP: 0010:[a043a14c] [a043a14c] crystalhd_dioq_fetch_wait+0x25c/0x410 [crystalhd] 8053-Jan 24 18:33:14 tom3 kernel: [ 457.637841] RSP: 0018:88006300dd48 EFLAGS: 00010246 8054-Jan 24 18:33:14 tom3 kernel: [ 457.637841] RAX: RBX: 88007b1cde50 RCX: 8055-Jan 24 18:33:14 tom3 kernel: [ 457.637841] RDX: 0046 RSI: a04395c3 RDI: 81493e82 8056-Jan 24 18:33:14 tom3 kernel: [ 457.637841] RBP: 88006300ddf8 R08: R09: 8057-Jan 24 18:33:14 tom3 kernel: [ 457.637841] R10: R11: 88007b1ce510 R12: 88007a855d80 8058-Jan 24 18:33:14 tom3 kernel: [ 457.637841] R13: R14: 88007a855da8 R15: 88007b1cde50 8059-Jan 24 18:33:14 tom3 kernel: [ 457.637841] FS: 7f559fa7b760() GS:88007f40() knlGS: 8060-Jan 24 18:33:14 tom3 kernel: [ 457.637841] CS: 0010 DS: ES: CR0: 80050033 8061-Jan 24 18:33:14 tom3 kernel: [ 457.637841] CR2: 002c CR3: 5747 CR4: 06f0 8062-Jan 24 18:33:14 tom3 kernel: [ 457.637841] DR0: DR1: DR2: 8063-Jan 24 18:33:14 tom3 kernel: [ 457.637841] DR3: DR6: 0ff0 DR7: 0400 8064-Jan 24 18:33:14 tom3 kernel: [ 457.637841] Process ffmpeg (pid: 6318, threadinfo 88006300c000, task 88007b1cde50) 8065-Jan 24 18:33:14 tom3 kernel: [ 457.637841] Stack: 8066-Jan 24 18:33:14 tom3 kernel: [ 457.637841] 0327 88007b1ce510 88006b199400 88007c1b1090 8067-Jan 24 18:33:14 tom3 kernel: [ 457.637841] 88006300de14 8800594145b0 880059414400 88007b1cde50 8068-Jan 24 18:33:14 tom3 kernel: [ 457.637841] 88007a855de0 000100026d5c 88007b1cde50 8069-Jan 24 18:33:14 tom3 kernel: [ 457.637841] Call Trace: 8070-Jan 24 18:33:14 tom3 kernel: [ 457.637841] [810497e0] ? try_to_wake_up+0x260/0x260 8071-Jan 24 18:33:14 tom3 kernel: [ 457.637841]
Bug#502538: 2.6.24-6~etchnhalf.5-6: FATAL: modules.dep not found - kernel panic: init not found
Package: linux-image-2.6.24-etchnhalf.1-686 Version: 2.6.24-6~etchnhalf.6 Severity: critical Justification: breaks the whole system Silent upgrade error on modules.dep/ramdisk-creation make kernel ubootable, fails bevor root mount. Maybe depends on newer yaird/initramfs-tools? y tom -- Package-specific info: ** Version: Linux version 2.6.24-etchnhalf.1-686 (Debian 2.6.24-6~etchnhalf.5) ([EMAIL PROTECTED]) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 SMP Mon Sep 8 06:19:11 UTC 2008 (running on restored old kernel now). ** Command line: root=/dev/hda2 ro snip...not relevant -- System Information: Debian Release: lenny/sid APT prefers stable APT policy: (990, 'stable'), (99, 'testing'), (98, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24-etchnhalf.1-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages linux-image-2.6.24-etchnhalf.1-686 depends on: ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy ii initramfs-tools [linux-initra 0.92e tools for generating an initramfs - ? too old? ii module-init-tools 3.3-pre4-2 tools for managing Linux kernel mo Versions of packages linux-image-2.6.24-etchnhalf.1-686 recommends: ii libc6-i6862.7-3 GNU C Library: Shared libraries [i -- debconf information: linux-image-2.6.24-etchnhalf.1-686/postinst/depmod-error-2.6.24-etchnhalf.1-686: false linux-image-2.6.24-etchnhalf.1-686/postinst/old-dir-initrd-link-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/preinst/initrd-2.6.24-etchnhalf.1-686: linux-image-2.6.24-etchnhalf.1-686/postinst/kimage-is-a-directory: linux-image-2.6.24-etchnhalf.1-686/preinst/abort-install-2.6.24-etchnhalf.1-686: linux-image-2.6.24-etchnhalf.1-686/prerm/removing-running-kernel-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/preinst/lilo-has-ramdisk: linux-image-2.6.24-etchnhalf.1-686/postinst/bootloader-error-2.6.24-etchnhalf.1-686: linux-image-2.6.24-etchnhalf.1-686/postinst/old-initrd-link-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/preinst/bootloader-initrd-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/preinst/elilo-initrd-2.6.24-etchnhalf.1-686: true shared/kernel-image/really-run-bootloader: true linux-image-2.6.24-etchnhalf.1-686/preinst/abort-overwrite-2.6.24-etchnhalf.1-686: linux-image-2.6.24-etchnhalf.1-686/prerm/would-invalidate-boot-loader-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/preinst/overwriting-modules-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/postinst/old-system-map-link-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/postinst/depmod-error-initrd-2.6.24-etchnhalf.1-686: false linux-image-2.6.24-etchnhalf.1-686/preinst/lilo-initrd-2.6.24-etchnhalf.1-686: true linux-image-2.6.24-etchnhalf.1-686/preinst/failed-to-move-modules-2.6.24-etchnhalf.1-686: linux-image-2.6.24-etchnhalf.1-686/postinst/bootloader-test-error-2.6.24-etchnhalf.1-686: linux-image-2.6.24-etchnhalf.1-686/postinst/create-kimage-link-2.6.24-etchnhalf.1-686: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#415864: aic7xxx: aic7892(B): BUG: soft lockup detected on CPU#0
Package: linux-image-2.6.18-4-amd64 Version: 2.6.18.dfsg.1-11 Severity: critical Justification: breaks the whole system + netinstall iso lo, well, ive several live cd systems 2.6.19.5i386 that oops and hang boot in aic7xxx init, only one booting here is knoppix 5.2, the latest unofficial debian stable 2.6.8-12-amd64-generic, which says ACPI: PCI interrupt :00:06.0[A] - GSI 17 (level, low) - IRQ 17 aic7xxx: PCI0:6:0 MEM region 0x0 unavailable. Cannot memory map device. but works ok, a debian etch 2.6.18-4-amd64 which says: SCSI subsystem initialized GSI 16 sharing vector 0xA9 and IRQ 16 ACPI: PCI Interrupt :00:06.0[A] - GSI 17 (level, low) - IRQ 169 BUG: soft lockup detected on CPU#0! Call Trace: IRQ [802a3fec] softlockup_tick+0xdb/0xed [802881df] update_process_times+0x42/0x68 [8026cbd8] smp_local_timer_interrupt+0x23/0x47 [8026d2cc] smp_apic_timer_interrupt+0x41/0x47 [8025904a] apic_timer_interrupt+0x66/0x6c EOI [8038a412] pci_conf1_write+0x0/0xc9 [88053718] :aic7xxx:ahc_pci_test_register_access+0xc2/0x391 [880536a5] :aic7xxx:ahc_pci_test_register_access+0x4f/0x391 [88059416] :aic7xxx:ahc_pci_map_registers+0x1bb/0x239 [880523d2] :aic7xxx:ahc_pci_config+0x4c/0x12d0 [80389fb7] pcibios_set_master+0x1e/0x84 [88059186] :aic7xxx:ahc_linux_pci_dev_probe+0x13e/0x213 [80317eea] pci_device_probe+0xdf/0x147 [8036b9db] driver_probe_device+0x52/0xa8 [8036ba96] __driver_attach+0x0/0x9a [8036bae6] __driver_attach+0x50/0x9a [8036ba96] __driver_attach+0x0/0x9a [8036b458] bus_for_each_dev+0x43/0x6e [8036b09a] bus_add_driver+0x7e/0x130 [803180c4] __pci_register_driver+0x57/0x7d [8805903e] :aic7xxx:ahc_linux_pci_init+0x17/0x21 [8806e325] :aic7xxx:ahc_linux_init+0x325/0x336 [8027d27d] default_wake_function+0x0/0xe [8025e2e5] __down_read+0x12/0x9a [80294fa1] __link_module+0x0/0x25 [802200e5] __up_read+0x13/0x8a [80297695] sys_init_module+0x16cc/0x1882 [802584d6] system_call+0x7e/0x83 BUG: soft lockup detected on CPU#0! a kernel.org 2.6.20 with K8 config set but built in a 32Bit debian sid environment, but works ok, and finally the latest kernel.org 2.6.20.3 AMD K8 built on debian amd64 etch userland that hangs boot on aic7xxx init without magic sysreq keys functionality: Loading iSCSI transport class v2.0-724. ACPI: PCI Interrupt :00:06.0[A] - GSI 17 (level, low) - IRQ 17 ... Kernel alive - Kernel direct mapping tables up to 1 @ 8000-d000 according to the stack above this should be a pci adaptor mem resources prob. tweaking boot parameters did not fix. now trying latest scsi git and be on ##kernel at freenode if Q. update: no fix so far in kernel.org scsi-rc-fixes.git, just on building a scsi dev git kernel with change from K8-x86_64 generic Kconfig and full debug, examining driver code and will report if i find the cause. y tom SysRq : Resetting Linux version 2.6.20.3amd64 ([EMAIL PROTECTED]) (gcc version 4.1.2 20061115 (prerelease7 Command line: root=/dev/sda1 ro single console=ttyS0,115200n8 aic7xxx=debug=255 BIOS-provided physical RAM map: BIOS-e820: - 0009fc00 (usable) BIOS-e820: 0009fc00 - 000a (reserved) BIOS-e820: 000e4000 - 0010 (reserved) BIOS-e820: 0010 - 1ffd (usable) BIOS-e820: 1ffd - 1ffde000 (ACPI data) BIOS-e820: 1ffde000 - 2000 (ACPI NVS) BIOS-e820: fec0 - fec01000 (reserved) BIOS-e820: ff78 - 0001 (reserved) end_pfn_map = 1048576 DMI 2.3 present. Zone PFN ranges: DMA 0 - 4096 DMA324096 - 1048576 Normal1048576 - 1048576 early_node_map[2] active PFN ranges 0:0 - 159 0: 256 - 131024 ACPI: PM-Timer IO Port: 0x808 ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] enabled) Processor #0 (Bootup-CPU) ACPI: LAPIC (acpi_id[0x02] lapic_id[0x81] disabled) ACPI: IOAPIC (id[0x01] address[0xfec0] gsi_base[0]) IOAPIC[0]: apic_id 1, address 0xfec0, GSI 0-23 ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 low level) Setting APIC routing to flat Using ACPI (MADT) for SMP configuration information Nosave address range: 0009f000 - 000a Nosave address range: 000a - 000e4000 Nosave address range: 000e4000 - 0010 Allocating PCI resources starting at 3000 (gap: 2000:dec0) Built 1 zonelists. Total pages: 127672 Kernel command line: root=/dev/sda1 ro single console=ttyS0,115200n8 aic7xxx=de5 Initializing CPU#0 PID hash table entries: 2048 (order: 11, 16384 bytes) time.c: Using 3.579545 MHz WALL PM GTOD PIT/TSC timer. time.c: Detected 2000.164 MHz processor. Console: colour VGA+ 80x25 Dentry cache hash table
Bug#384571: hylafax-server: DOS Vulnerabilty, Phone Call to line modems with voice triggers getty-link which hangs 4E4 blocks further faxing
Package: hylafax-server Version: 1:4.2.1-5sarge3 Severity: grave Tags: security Justification: renders package unusable Some line modems misinterpret human voice as V.9x, etc, connection requests. This makes the server spawn getty-link with attach to the line modem device which locks the device 4E4 even after OnHook. System cant fax and receive anymore until administrative action is taken by killing getty-link and so removing device lock. Then faxgetty recovers and reclaimes device automatically and faxes can be send and received again. Affected line modem devices so far: Old US Robotics Sportster 33.6 y tom -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (501, 'testing'), (101, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.17-2-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages hylafax-server depends on: ii debconf 1.4.30.11 Debian configuration management sy ii gawk [awk] 1:3.1.4-2 GNU awk, a pattern scanning and pr ii gs 8.01-5 Transitional package ii gs-afpl [gs] 8.14-3 The AFPL Ghostscript PostScript in ii gs-esp [gs] 7.07.1-9The Ghostscript PostScript interpr ii gs-gpl [gs] 8.01-5 The GPL Ghostscript PostScript int ii hylafax-client 1:4.2.1-5sarge3 Flexible client/server fax softwar ii libc62.3.6-7 GNU C Library: Shared libraries ii libgcc1 1:4.1.1-5 GCC support library ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libstdc++5 1:3.3.6-7 The GNU Standard C++ Library v3 ii libtiff-tools3.7.2-7 TIFF manipulation and conversion t ii libtiff4 3.6.1-5 Tag Image File Format library ii mailx1:8.1.2-0.20040524cvs-4 A simple mail user agent ii mawk [awk] 1.3.3-11a pattern scanning and text proces ii mime-codecs 7.19-2 Fast Quoted-Printable and BASE64 M ii psmisc 21.5-1 Utilities that use the proc filesy ii sed 4.1.2-8 The GNU sed stream editor ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime -- debconf information: * hylafax-server/configure_note: hylafax-server/attachment: hylafax-server/start_now: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#285371: exim4-daemon-heavy: gnutls-parms not recreated on startup, takes 20min after first tls conn
Package: exim4-daemon-heavy Version: 4.52-1 Followup-For: Bug #285371 was all fine with 4.51, problems are back with this version. maybe my p2 machine is too slow or does not deliver enough valid random data. 1. send a message from mozilla with tls 2. connection establishes and hangs on for ~20min 3. params-file appears and message is processed 4. log shows tls-packet with unexpected length received error 5. tls traffic ok then until next restart of daemon and deletion of params file. maybe params creation takes too long at tls-connection, better recreate at startup of daemon. pls provide 4.51 + security patches again until this is fixed. -- Package-specific info: Exim version 4.52 #1 built 02-Jul-2005 06:14:22 Copyright (c) University of Cambridge 2005 Berkeley DB: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003) Support for: iconv() IPv6 PAM Perl GnuTLS Content_Scanning Old_Demime Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql Authenticators: cram_md5 cyrus_sasl plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Configuration file is /var/lib/exim4/config.autogenerated -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (800, 'testing'), (700, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.12-1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages exim4-daemon-heavy depends on: ii exim4-base 4.52-1 support files for all exim MTA (v4 ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libdb4.24.2.52-17Berkeley v4.2 Database Libraries [ ii libgnutls11 1.0.16-13.1 GNU TLS library - runtime library ii libldap22.1.30-3 OpenLDAP libraries ii libmysqlclient124.0.23-3 mysql database client library ii libpam0g0.76-22 Pluggable Authentication Modules l ii libpcre34.5-1.1 Perl 5 Compatible Regular Expressi ii libperl5.8 5.8.7-3 Shared Perl library ii libpq4 8.0.3-7 PostgreSQL C client library ii libsasl22.1.19-1.5 Authentication abstraction library -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]