Bug 474255
Summary: | Oops on NULL dereference in i915_kernel_lost_context and X hard lockup | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Eric Rannaud <eric.rannaud> | ||||||||
Component: | kernel | Assignee: | Dave Airlie <airlied> | ||||||||
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
Severity: | high | Docs Contact: | |||||||||
Priority: | low | ||||||||||
Version: | 10 | CC: | eric.rannaud, fdc, james, kernel-maint, me, nhruby, sullivanshea | ||||||||
Target Milestone: | --- | Keywords: | Triaged | ||||||||
Target Release: | --- | ||||||||||
Hardware: | x86_64 | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2009-12-18 07:06:37 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
Eric Rannaud
2008-12-02 23:38:20 UTC
I've just seen pretty much the exact same thing happen: BUG: unable to handle kernel NULL pointer dereference at 00000000000000a0 IP: [<ffffffffa0403101>] i915_kernel_lost_context+0x19/0x77 [i915] PGD 0 Oops: 0000 [1] SMP CPU 1 Modules linked in: lp fuse i915 drm i2c_core rfcomm sco bridge stp bnep l2cap vmnet vmblock vmci vmmon sunrpc ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables ipv6 cpufreq_ondemand acpi_cpufreq freq_table dm_multipath sha256_generic aes_x86_64 aes_generic cbc dm_crypt uinput pata_pcmcia btusb bluetooth arc4 ecb ppdev crypto_blkcipher snd_hda_intel snd_seq_dummy snd_seq_oss iwlagn snd_seq_midi_event snd_seq video iwlcore snd_seq_device output snd_pcm_oss snd_mixer_oss sdhci_pci sdhci ricoh_mmc snd_pcm yenta_socket rfkill joydev pcspkr snd_timer snd_page_alloc snd_hwdep snd rsrc_nonstatic firewire_ohci serio_raw mac80211 mmc_core e1000e tpm_infineon firewire_core cfg80211 wmi tpm tpm_bios soundcore crc_itu_t battery parport_pc parport ac [last unloaded: microcode] Pid: 7945, comm: scalc.bin Not tainted 2.6.27.9-159.fc10.x86_64 #1 RIP: 0010:[<ffffffffa0403101>] [<ffffffffa0403101>] i915_kernel_lost_context+0x19/0x77 [i915] RSP: 0018:ffff8800058b9a68 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff88012f164000 RCX: ffff88012f164000 RDX: 0000000000000000 RSI: ffff8800058b9a68 RDI: ffff880131e27000 RBP: ffff8800058b9a68 R08: 0000000000000000 R09: ffffffff8156ce98 R10: ffffffff810d003c R11: ffff8800058b9b18 R12: ffff880131e27000 R13: ffff8800bb4eea80 R14: ffff88013b1fc3e8 R15: ffff880131e27000 FS: 00007f7c94d06950(0000) GS:ffff88013fc04980(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000a0 CR3: 0000000000201000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Process scalc.bin (pid: 7945, threadinfo ffff8800058b8000, task ffff880103c54530) Stack: ffff8800058b9ab8 ffffffffa04096de ffff880131e27000 ffff880129c63dd0 ffff880131e27020 ffff88012f164000 ffff880131e27000 ffff8800bb4eea80 ffff88013b1fc3e8 ffff880131e27138 ffff8800058b9ac8 ffffffffa04099b8 Call Trace: [<ffffffffa04096de>] i915_gem_idle+0x7c/0x34d [i915] [<ffffffffa04099b8>] i915_gem_lastclose+0x9/0x26 [i915] [<ffffffffa04037be>] i915_driver_lastclose+0x1b/0x3e [i915] [<ffffffffa03d3e97>] drm_lastclose+0x48/0x2a7 [drm] [<ffffffffa03d4766>] drm_release+0x454/0x475 [drm] [<ffffffff810c1047>] __fput+0xca/0x16d [<ffffffff810c10ff>] fput+0x15/0x17 [<ffffffff810be5a9>] filp_close+0x67/0x72 [<ffffffff810432dc>] put_files_struct+0x74/0xc8 [<ffffffff81043378>] exit_files+0x48/0x51 [<ffffffff81044cd9>] do_exit+0x26a/0x8a0 [<ffffffff81332aba>] ? _spin_lock+0x9/0xc [<ffffffff81045391>] do_group_exit+0x82/0xaf [<ffffffff8104e75e>] get_signal_to_deliver+0x2b0/0x2dc [<ffffffff8100f42f>] do_notify_resume+0x90/0x93f [<ffffffff81031033>] ? need_resched+0x1e/0x28 [<ffffffff81331302>] ? _cond_resched+0x9/0x38 [<ffffffff8133188e>] ? mutex_lock+0x22/0x33 [<ffffffff810eba1b>] ? inotify_dev_queue_event+0x118/0x129 [<ffffffff810eaab6>] ? inotify_inode_queue_event+0xca/0xd9 [<ffffffff810eb04b>] ? inotify_dentry_parent_queue_event+0x79/0x92 [<ffffffff810bfc2a>] ? fsnotify_modify+0x62/0x6a [<ffffffff810c749b>] ? path_put+0x1d/0x21 [<ffffffff81010b13>] retint_signal+0x65/0xc2 Code: be 03 00 00 00 e8 ba 4b d7 e0 31 c0 5b 41 5c c9 c3 90 48 8b 87 18 04 00 00 55 48 8b 8f d8 03 00 00 48 89 e5 48 8b 80 68 02 00 00 <48> 8b b0 a0 00 00 00 48 8b 41 08 48 05 34 20 00 00 8b 00 25 fc RIP [<ffffffffa0403101>] i915_kernel_lost_context+0x19/0x77 [i915] RSP <ffff8800058b9a68> CR2: 00000000000000a0 ---[ end trace 3d7b0ec2372cb639 ]--- Fixing recursive fault but reboot is needed! Eric or Chris, Could you add full dmesg and /var/log/Xorg.0.log as uncompressed plain text attachments to this bug ? Thanks Created attachment 333671 [details]
dmesg-eric
Created attachment 333672 [details]
/var/log/Xorg.0.log.old-Eric (a session that crashed)
Similar crash was witnessed again with the following versions (no stacktrace this time, but the same symptoms and apparent causes): Linux nc050 2.6.27.12-170.2.5.fc10.x86_64 #1 SMP Wed Jan 21 01:33:24 EST 2009 x86_64 x86_64 x86_64 GNU/Linux X.Org X Server 1.5.3 Release Date: 5 November 2008 X Protocol Version 11, Revision 0 Build Operating System: Linux 2.6.18-92.1.18.el5 x86_64 Current Operating System: Linux nc050 2.6.27.12-170.2.5.fc10.x86_64 #1 SMP Wed J an 21 01:33:24 EST 2009 x86_64 Build Date: 11 December 2008 05:27:30PM Build ID: xorg-x11-server 1.5.3-6.fc10 (I see this crash every week or two) Eric, Thank you for the information. Could you add the output of : rpm -q xorg-x11-server-Xorg xorg-x11-drv-intel as well, and try to run with a xorg.conf containing Option "DRI" "off" The following lines are of interest : (WW) intel(0): ESR is 0x00000001, instruction error (WW) intel(0): PRB0_CTL (0x0001f001) indicates ring buffer enabled (WW) intel(0): Existing errors found in hardware state. --- Fedora Bugzappers volunteer triage team https://fedoraproject.org/wiki/BugZappers $ rpm -q xorg-x11-server-Xorg xorg-x11-drv-intel xorg-x11-server-Xorg-1.5.3-13.fc10.x86_64 package xorg-x11-drv-intel is not installed Will try Option "DRI" "off", thanks. Apparently it's xorg-x11-drv-i810 in F10, sorry... could you post rpm -q xorg-x11-drv-i810 please Switching to assigned. --- Fedora Bugzappers volunteer triage team https://fedoraproject.org/wiki/BugZappers $ rpm -q xorg-x11-drv-i810 xorg-x11-drv-i810-2.5.0-4.fc10.x86_64 With the DRI set to "False", X crashes on start-up. (/var/log/Xorg.0.log attached) When GDM comes up, the screen freezes (except for the mouse) before the entire login screen is rendered (the background is there but not the login dialog is not drawn completely). The keyboard is unresponsive. I could log in through SSH and reboot; killing Xorg didn't seem effective. Xorg.0.log contains a bunch of extra warnings of the form: (WW) intel(0): Register 0x70024 (PIPEASTAT) changed from 0x80000203 to 0x00000000 (WW) intel(0): PIPEASTAT before: status: FIFO_UNDERRUN VSYNC_INT_STATUS VBLANK_INT_STATUS OREG_UPDATE_STATUS (WW) intel(0): PIPEASTAT after: status: Thanks. Created attachment 333923 [details]
/var/log/Xorg.0.log-eric DRI=False
This message is a reminder that Fedora 10 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 10. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '10'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 10's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 10 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Fedora 10 changed to end-of-life (EOL) status on 2009-12-17. Fedora 10 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed. |