[Nouveau] [Bug 105173] [MCP79][Regression] Unhandled NULL pointer dereference in nvkm_object_unmap since kernel 4.15

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Thu Mar 1 13:32:26 UTC 2018 

https://bugs.freedesktop.org/show_bug.cgi?id=105173

--- Comment #12 from Nick Lee <nvlbox at gmail.com> ---
> The NULL pointer dereference, or the “trapped read at 0080000000 on channel 1 
> [0fbb0000 DRM] engine 00 [PGRAPH] client 03 [DISPATCH] subclient 04 [M2M_IN] 
> reason 00000006 [NULL_DMAOBJ]” one?

"NULL pointer dereference" AND "trapped read" after launtching supertuxkart

kernel-4.16.0-0.rc3.git2.1.vanilla.knurd.1.fc27.x86_64
mesa-17.3.6
wayland session

[   63.992917] nouveau 0000:03:00.0: imem: OOM: 0004b000 00000000 -28
[   63.992930] BUG: unable to handle kernel NULL pointer dereference at
0000000000000000
[   63.993014] IP: nvkm_object_unmap+0x5/0x20 [nouveau]
[   63.993020] PGD 0 P4D 0 
[   63.993027] Oops: 0000 [#1] SMP PTI
[   63.993034] Modules linked in: fuse xt_CHECKSUM ipt_MASQUERADE
nf_nat_masquerade_ipv4 tun nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT
ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink
ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6
nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_raw ip6table_security
iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack
iptable_mangle iptable_raw iptable_security ebtable_filter ebtables
ip6table_filter ip6_tables snd_hda_codec_hdmi sunrpc xfs libcrc32c
snd_hda_codec_realtek snd_hda_codec_generic coretemp snd_hda_intel
snd_hda_codec wmi_bmof pcspkr snd_hda_core snd_hwdep snd_seq snd_seq_device
snd_pcm snd_timer shpchp snd nv_tco soundcore i2c_nforce2 acpi_cpufreq
binfmt_misc nouveau
[   63.993122]  mxm_wmi i2c_algo_bit drm_kms_helper ttm drm serio_raw forcedeth
video wmi
[   63.993144] CPU: 0 PID: 2867 Comm: supertuxkart Not tainted
4.16.0-0.rc3.git2.1.vanilla.knurd.1.fc27.x86_64 #1
[   63.993153] Hardware name: NVIDIA MCP7A/MCP7A, BIOS 6.00 PG 04/22/2009
[   63.993182] RIP: 0010:nvkm_object_unmap+0x5/0x20 [nouveau]
[   63.993188] RSP: 0018:ffffad338456fc98 EFLAGS: 00010282
[   63.993194] RAX: ffffffffc036d400 RBX: ffff94b4cdf513d8 RCX:
0000000000000018
[   63.993201] RDX: ffffffffc028a9e0 RSI: ffff94b4cdf513f8 RDI:
0000000000000000
[   63.993207] RBP: ffff94b4cdf513c8 R08: 00000000000250c0 R09:
ffffffffc0287ca3
[   63.993213] R10: fffff9754294c340 R11: ffffffffaa9440cd R12:
ffff94b4cdf513f8
[   63.993219] R13: 0000000ecba0cfdc R14: ffff94b55c8e7020 R15:
0000000000000020
[   63.993226] FS:  00007f77ac70d840(0000) GS:ffff94b56fc00000(0000)
knlGS:0000000000000000
[   63.993233] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   63.993238] CR2: 0000000000000000 CR3: 000000006d418000 CR4:
00000000000406f0
[   63.993244] Call Trace:
[   63.993276]  nvkm_object_dtor+0x9a/0x160 [nouveau]
[   63.993304]  nvkm_object_del+0x24/0xa0 [nouveau]
[   63.993331]  nvkm_ioctl_new+0x260/0x2b0 [nouveau]
[   63.993371]  ? nvkm_fifo_chan_dtor+0x100/0x100 [nouveau]
[   63.993398]  ? nvkm_object_new_+0x60/0x60 [nouveau]
[   63.993425]  nvkm_ioctl+0x10a/0x240 [nouveau]
[   63.993464]  usif_ioctl+0x62e/0x740 [nouveau]
[   63.993504]  nouveau_drm_ioctl+0xad/0xc0 [nouveau]
[   63.993514]  do_vfs_ioctl+0xa4/0x620
[   63.993521]  SyS_ioctl+0x74/0x80
[   63.993529]  do_syscall_64+0x74/0x180
[   63.993536]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[   63.993543] RIP: 0033:0x7f77a89bf8e7
[   63.993547] RSP: 002b:00007ffc62fbfd28 EFLAGS: 00000246 ORIG_RAX:
0000000000000010
[   63.993554] RAX: ffffffffffffffda RBX: 0000000000000038 RCX:
00007f77a89bf8e7
[   63.993561] RDX: 000055a3912a7d70 RSI: 00000000c0386447 RDI:
0000000000000007
[   63.993566] RBP: 000055a3912a7d70 R08: 000055a39129f910 R09:
00007f77a8a14708
[   63.993572] R10: ffffffffffffff90 R11: 0000000000000246 R12:
00000000c0386447
[   63.993579] R13: 0000000000000007 R14: 000055a3912a7da8 R15:
0000000000000000
[   63.993585] Code: ff c3 0f 1f 40 00 66 66 66 66 90 48 8b 07 48 8b 40 28 48
85 c0 74 05 e9 6a 8f 97 e9 b8 ed ff ff ff c3 0f 1f 40 00 66 66 66 66 90 <48> 8b
07 48 8b 40 30 48 85 c0 74 05 e9 4a 8f 97 e9 b8 ed ff ff 
[   63.993651] RIP: nvkm_object_unmap+0x5/0x20 [nouveau] RSP: ffffad338456fc98
[   63.993657] CR2: 0000000000000000
[   63.997842] ---[ end trace a49568284ce09eb6 ]---
[   79.659127] nouveau 0000:03:00.0: imem: OOM: 00100000 00001000 -28
[   79.659723] nouveau 0000:03:00.0: gr: TRAP_M2MF 00000002 [IN]
[   79.659729] nouveau 0000:03:00.0: gr: TRAP_M2MF 00320951 206f1fc0 00000000
04000430
[   79.659733] nouveau 0000:03:00.0: gr: 00200000 [] ch 1 [000fbb0000 DRM] subc
4 class 5039 mthd 0100 data 00000000
[   79.659746] nouveau 0000:03:00.0: fb: trapped read at 00206f0000 on channel
1 [0fbb0000 DRM] engine 00 [PGRAPH] client 03 [DISPATCH] subclient 04 [M2M_IN]
reason 00000002 [PAGE_NOT_PRESENT]

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/nouveau/attachments/20180301/8741430a/attachment.html>

More information about the Nouveau mailing list