Bug 82975

Summary: Regression: NULL pointer dereference in nouveau_fence_wait after upgrading to 10.2.6
Product: xorg Reporter: scott
Component: Driver/nouveauAssignee: Nouveau Project <nouveau>
Status: RESOLVED DUPLICATE QA Contact: Xorg Project Team <xorg-team>
Severity: major    
Priority: medium    
Version: unspecified   
Hardware: x86-64 (AMD64)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:
Attachments:
Description Flags
dmesg none

Description scott 2014-08-22 22:02:40 UTC
Created attachment 105126 [details]
dmesg

After updating to 10.2.6 I have encountered the following twice in an 8 hour period. I have not found any means of reproducing as of yet. This was under 2D operation with firefox and a terminal emulator open, nothing more.

Kernel: 3.16
Xorg: 1.16
xf86-video-nouveau: 1.0.10
libdrm: 2.4.55
mesa: 10.2.5


[25635.210586] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[25635.212110] IP: [<ffffffffa012ed78>] nouveau_fence_wait_uevent+0x38/0x3f0 [nouveau]
[25635.213142] PGD 21f123067 PUD 222926067 PMD 0 
[25635.214184] Oops: 0000 [#1] PREEMPT SMP 
[25635.215222] Modules linked in: tun ext4 crc16 mbcache jbd2 uvcvideo arc4 coretemp iwldvm videobuf2_vmalloc videobuf2_memops videobuf2_core v4l2_common videodev mac80211 iwlwifi media intel_powerclamp kvm_intel hid_generic joydev kvm mousedev cfg80211 ppdev dell_laptop rfkill crct10dif_pclmul crc32_pclmul iTCO_wdt iTCO_vendor_support pcmcia yenta_socket pcmcia_rsrc pcmcia_core crc32c_intel ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper dell_wmi cryptd sparse_keymap snd_hda_codec_hdmi dcdbas shpchp psmouse serio_raw microcode e1000e snd_hda_codec_idt snd_hda_codec_generic parport_pc parport intel_ips ptp pps_core snd_hda_intel snd_hda_controller snd_hda_codec evdev snd_hwdep snd_pcm dell_smo8800 snd_timer snd soundcore mac_hid tpm_tis tpm battery ac acpi_cpufreq intel_agp
[25635.218707]  i2c_i801 intel_gtt lpc_ich processor vboxnetflt(O) vboxnetadp(O) vboxdrv(O) usbhid hid jfs dm_mod sd_mod sr_mod crc_t10dif cdrom crct10dif_common atkbd libps2 ahci libahci libata scsi_mod ehci_pci sdhci_pci ehci_hcd sdhci firewire_ohci led_class firewire_core usbcore mmc_core crc_itu_t usb_common i8042 serio nouveau button video mxm_wmi wmi i2c_algo_bit hwmon drm_kms_helper ttm drm i2c_core
[25635.222492] CPU: 1 PID: 620 Comm: Xorg.bin Tainted: G           O  3.16.1-1-ARCH #1
[25635.223809] Hardware name: Dell Inc. Latitude E6510/0N5KHN, BIOS A09 05/26/2011
[25635.225085] task: ffff8800cb1f7010 ti: ffff8802233d8000 task.ti: ffff8802233d8000
[25635.226375] RIP: 0010:[<ffffffffa012ed78>]  [<ffffffffa012ed78>] nouveau_fence_wait_uevent+0x38/0x3f0 [nouveau]
[25635.227670] RSP: 0018:ffff8802233dbc48  EFLAGS: 00010246
[25635.228957] RAX: 0000000000000000 RBX: ffff8800b51df100 RCX: 000000000000005d
[25635.230248] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8800b51df100
[25635.231549] RBP: ffff8802233dbcb0 R08: 0000000000000202 R09: ffff8802233dbc50
[25635.232841] R10: ffffffffa017bc40 R11: ffff8802233dbde8 R12: ffff8800b51df100
[25635.234149] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88003783dd80
[25635.235449] FS:  00007f3f41bee8c0(0000) GS:ffff88022fc40000(0000) knlGS:0000000000000000
[25635.236740] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[25635.238032] CR2: 0000000000000008 CR3: 000000021f037000 CR4: 00000000000007e0
[25635.239322] Stack:
[25635.240602]  00000000031178e0 0000000000000202 0000000000000000 000000000000005d
[25635.241888]  0000000000000001 0000000000000001 ffff8800b51df100 0000000025d2e153
[25635.243173]  ffff8800b51df100 0000000000000000 0000000000000001 0000000000000001
[25635.244456] Call Trace:
[25635.245746]  [<ffffffffa012f1a9>] nouveau_fence_wait+0x79/0x200 [nouveau]
[25635.247021]  [<ffffffffa0131175>] nouveau_bo_fence_wait+0x15/0x20 [nouveau]
[25635.248292]  [<ffffffffa0074a91>] ttm_bo_wait+0xb1/0x1c0 [ttm]
[25635.249572]  [<ffffffffa013629b>] nouveau_gem_ioctl_cpu_prep+0x5b/0x100 [nouveau]
[25635.250845]  [<ffffffffa0019b9f>] drm_ioctl+0x1df/0x680 [drm]
[25635.252130]  [<ffffffff811d79cf>] ? __d_free+0x3f/0x60
[25635.253414]  [<ffffffffa012c145>] nouveau_drm_ioctl+0x65/0xa0 [nouveau]
[25635.254676]  [<ffffffff811d4a70>] do_vfs_ioctl+0x2d0/0x4b0
[25635.255950]  [<ffffffff811c3d8e>] ? ____fput+0xe/0x10
[25635.257212]  [<ffffffff8108ec24>] ? task_work_run+0xa4/0xe0
[25635.258462]  [<ffffffff811d4cd1>] SyS_ioctl+0x81/0xa0
[25635.259705]  [<ffffffff81530be9>] system_call_fastpath+0x16/0x1b
[25635.260945] Code: 41 55 41 54 49 89 fc 53 4c 8d 4d a0 41 89 f6 be 01 00 00 00 48 83 ec 40 65 48 8b 04 25 28 00 00 00 48 89 45 d0 31 c0 48 8b 47 28 <48> 8b 48 08 48 8b 91 f0 00 00 00 4c 8b a9 68 07 00 00 48 c7 c1 
[25635.262274] RIP  [<ffffffffa012ed78>] nouveau_fence_wait_uevent+0x38/0x3f0 [nouveau]
[25635.263549]  RSP <ffff8802233dbc48>
[25635.264786] CR2: 0000000000000008
[25635.272244] ---[ end trace 410e979c45384bde ]---
Comment 1 Ilia Mirkin 2014-08-22 22:06:34 UTC

*** This bug has been marked as a duplicate of bug 71620 ***

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.