Kernel Bug Tracker – Bug 16243
firedtv: NULL pointer dereference in fw_iso_context_stop, dvb_frontend_thread context
Last modified: 2013-12-10 21:46:43 UTC
Created attachment 26831
syslog with the NULL pointer dereference
A FireDTV somehow vanished from the bus for no apparent reason (PHY lock-up perhaps; plug-out/plug-in was necessary to get it back). When doing so, the firedtv driver crashed in fw_iso_context_stop.
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<ffffffffa0208d74>] fw_iso_context_stop+0x0/0xd [firewire_core]
RIP: 0010:[<ffffffffa0208d74>] [<ffffffffa0208d74>] fw_iso_context_stop+0x0/0xd [firewire_core]
? stop_iso+0x19/0x41 [firedtv]
? fdtv_sleep+0x15/0x36 [firedtv]
? dvb_frontend_thread+0x5ac/0x63c [dvb_core]
? dvb_frontend_thread+0x0/0x63c [dvb_core]
Complete trace follows as attachment. Is firedtv perhaps not prepared for a kernel thread to stop the context (instead of user context)?
ffffffffa0208d74: 48 8b 07 mov (%rdi),%rax <-- crash here
ffffffffa0208d77: 48 8b 00 mov (%rax),%rax
ffffffffa0208d7a: 4c 8b 58 68 mov 0x68(%rax),%r11
ffffffffa0208d7e: 41 ff e3 jmpq *%r11
The parameter to fw_iso_context_stop() is NULL.
I recently had another panic on kernel version 3.6 which looked like this one. Didn't take a screenshot because it appeared to be identical.
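The disassembly in this report, modelled in user-space C as an added example (not code from the kernel or from anyone in this thread): two loads at offset 0 followed by an indirect tail call through offset 0x68, which is why a NULL first argument faults at `fw_iso_context_stop+0x0` with fault address `(null)`. The struct layouts, the `model_` names, `guarded_stop` and the `-ENODEV` return value are assumptions of the model; the guard illustrates a defensive caller, not the fix applied to firedtv.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model: only the fields the disassembly touches. */
struct fw_iso_context;
struct fw_card_driver {
    void *pad[13];                               /* places stop_iso at 0x68 on LP64 */
    int (*stop_iso)(struct fw_iso_context *ctx); /* mov 0x68(%rax),%r11 ; jmpq *%r11 */
};
struct fw_card { const struct fw_card_driver *driver; }; /* mov (%rax),%rax */
struct fw_iso_context { struct fw_card *card; };         /* mov (%rdi),%rax */

static int stop_calls;

static int model_stop_iso(struct fw_iso_context *ctx)
{
    (void)ctx;
    stop_calls++;
    return 0;
}

/* Same shape as the disassembled function: no checks, so ctx == NULL
 * faults on the very first instruction. */
static int model_fw_iso_context_stop(struct fw_iso_context *ctx)
{
    return ctx->card->driver->stop_iso(ctx);
}

/* Hypothetical caller-side guard: refuse to stop a context that is gone. */
static int guarded_stop(struct fw_iso_context *ctx)
{
    if (ctx == NULL)
        return -ENODEV;
    return model_fw_iso_context_stop(ctx);
}

static size_t stop_iso_offset(void)
{
    return offsetof(struct fw_card_driver, stop_iso);
}

int main(void)
{
    printf("stop_iso offset: 0x%zx\n", stop_iso_offset());
    printf("guarded_stop(NULL) = %d\n", guarded_stop(NULL));
    return 0;
}
```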