bugzilla-daemon at freedesktop.org
2018-Mar-01 13:32 UTC
[Nouveau] [Bug 105173] [MCP79][Regression] Unhandled NULL pointer dereference in nvkm_object_unmap since kernel 4.15
https://bugs.freedesktop.org/show_bug.cgi?id=105173 --- Comment #12 from Nick Lee <nvlbox at gmail.com> ---> The NULL pointer dereference, or the “trapped read at 0080000000 on channel 1 > [0fbb0000 DRM] engine 00 [PGRAPH] client 03 [DISPATCH] subclient 04 [M2M_IN] > reason 00000006 [NULL_DMAOBJ]” one?"NULL pointer dereference" AND "trapped read" after launtching supertuxkart kernel-4.16.0-0.rc3.git2.1.vanilla.knurd.1.fc27.x86_64 mesa-17.3.6 wayland session [ 63.992917] nouveau 0000:03:00.0: imem: OOM: 0004b000 00000000 -28 [ 63.992930] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 [ 63.993014] IP: nvkm_object_unmap+0x5/0x20 [nouveau] [ 63.993020] PGD 0 P4D 0 [ 63.993027] Oops: 0000 [#1] SMP PTI [ 63.993034] Modules linked in: fuse xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 tun nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables snd_hda_codec_hdmi sunrpc xfs libcrc32c snd_hda_codec_realtek snd_hda_codec_generic coretemp snd_hda_intel snd_hda_codec wmi_bmof pcspkr snd_hda_core snd_hwdep snd_seq snd_seq_device snd_pcm snd_timer shpchp snd nv_tco soundcore i2c_nforce2 acpi_cpufreq binfmt_misc nouveau [ 63.993122] mxm_wmi i2c_algo_bit drm_kms_helper ttm drm serio_raw forcedeth video wmi [ 63.993144] CPU: 0 PID: 2867 Comm: supertuxkart Not tainted 4.16.0-0.rc3.git2.1.vanilla.knurd.1.fc27.x86_64 #1 [ 63.993153] Hardware name: NVIDIA MCP7A/MCP7A, BIOS 6.00 PG 04/22/2009 [ 63.993182] RIP: 0010:nvkm_object_unmap+0x5/0x20 [nouveau] [ 63.993188] RSP: 0018:ffffad338456fc98 EFLAGS: 00010282 [ 63.993194] RAX: ffffffffc036d400 RBX: ffff94b4cdf513d8 RCX: 0000000000000018 [ 63.993201] RDX: ffffffffc028a9e0 RSI: ffff94b4cdf513f8 RDI: 0000000000000000 [ 63.993207] RBP: ffff94b4cdf513c8 R08: 00000000000250c0 R09: ffffffffc0287ca3 [ 63.993213] R10: fffff9754294c340 R11: ffffffffaa9440cd R12: ffff94b4cdf513f8 [ 63.993219] R13: 0000000ecba0cfdc R14: ffff94b55c8e7020 R15: 0000000000000020 [ 63.993226] FS: 00007f77ac70d840(0000) GS:ffff94b56fc00000(0000) knlGS:0000000000000000 [ 63.993233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.993238] CR2: 0000000000000000 CR3: 000000006d418000 CR4: 00000000000406f0 [ 63.993244] Call Trace: [ 63.993276] nvkm_object_dtor+0x9a/0x160 [nouveau] [ 63.993304] nvkm_object_del+0x24/0xa0 [nouveau] [ 63.993331] nvkm_ioctl_new+0x260/0x2b0 [nouveau] [ 63.993371] ? nvkm_fifo_chan_dtor+0x100/0x100 [nouveau] [ 63.993398] ? nvkm_object_new_+0x60/0x60 [nouveau] [ 63.993425] nvkm_ioctl+0x10a/0x240 [nouveau] [ 63.993464] usif_ioctl+0x62e/0x740 [nouveau] [ 63.993504] nouveau_drm_ioctl+0xad/0xc0 [nouveau] [ 63.993514] do_vfs_ioctl+0xa4/0x620 [ 63.993521] SyS_ioctl+0x74/0x80 [ 63.993529] do_syscall_64+0x74/0x180 [ 63.993536] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 63.993543] RIP: 0033:0x7f77a89bf8e7 [ 63.993547] RSP: 002b:00007ffc62fbfd28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 63.993554] RAX: ffffffffffffffda RBX: 0000000000000038 RCX: 00007f77a89bf8e7 [ 63.993561] RDX: 000055a3912a7d70 RSI: 00000000c0386447 RDI: 0000000000000007 [ 63.993566] RBP: 000055a3912a7d70 R08: 000055a39129f910 R09: 00007f77a8a14708 [ 63.993572] R10: ffffffffffffff90 R11: 0000000000000246 R12: 00000000c0386447 [ 63.993579] R13: 0000000000000007 R14: 000055a3912a7da8 R15: 0000000000000000 [ 63.993585] Code: ff c3 0f 1f 40 00 66 66 66 66 90 48 8b 07 48 8b 40 28 48 85 c0 74 05 e9 6a 8f 97 e9 b8 ed ff ff ff c3 0f 1f 40 00 66 66 66 66 90 <48> 8b 07 48 8b 40 30 48 85 c0 74 05 e9 4a 8f 97 e9 b8 ed ff ff [ 63.993651] RIP: nvkm_object_unmap+0x5/0x20 [nouveau] RSP: ffffad338456fc98 [ 63.993657] CR2: 0000000000000000 [ 63.997842] ---[ end trace a49568284ce09eb6 ]--- [ 79.659127] nouveau 0000:03:00.0: imem: OOM: 00100000 00001000 -28 [ 79.659723] nouveau 0000:03:00.0: gr: TRAP_M2MF 00000002 [IN] [ 79.659729] nouveau 0000:03:00.0: gr: TRAP_M2MF 00320951 206f1fc0 00000000 04000430 [ 79.659733] nouveau 0000:03:00.0: gr: 00200000 [] ch 1 [000fbb0000 DRM] subc 4 class 5039 mthd 0100 data 00000000 [ 79.659746] nouveau 0000:03:00.0: fb: trapped read at 00206f0000 on channel 1 [0fbb0000 DRM] engine 00 [PGRAPH] client 03 [DISPATCH] subclient 04 [M2M_IN] reason 00000002 [PAGE_NOT_PRESENT] -- You are receiving this mail because: You are the assignee for the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.freedesktop.org/archives/nouveau/attachments/20180301/8741430a/attachment.html>
Apparently Analagous Threads
- [Bug 105173] [MCP79][Regression] Unhandled NULL pointer dereference in nvkm_object_unmap since kernel 4.15
- [Bug 105173] [MCP79][Regression] Unhandled NULL pointer dereference in nvkm_object_unmap since kernel 4.15
- [Bug 105173] [MCP79][Regression] Unhandled NULL pointer dereference in nvkm_object_unmap since kernel 4.15
- [Bug 105173] [MCP79][Regression] Unhandled NULL pointer dereference in nvkm_object_unmap since kernel 4.15
- [PATCH] mmu: ALIGN_DOWN correct variable