Bug 595757

Summary: radeon : unable to handle kernel NULL pointer dereference
Product: [Fedora] Fedora Reporter: Ari Tilli <ari.tilli>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 12CC: anton, dougsland, gansalmon, itamar, jonathan, kernel-maint
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-12-03 14:23:24 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ari Tilli 2010-05-25 14:49:37 UTC 
Description of problem:
X-freeses on kernel error.

Version-Release number of selected component (if applicable):
kernel-2.6.32.12-115.fc12.i686

How reproducible:
Always with the newest kernel, though could be also libdrm etc. related. 

Steps to Reproduce:
1. In KDE screen saver goes on.
2. Try to wakeup..
  
Actual results:
X has frozen , I could though still SSH to machine.

Additional info:

May 25 17:08:25 ari-fedora9 kernel: [drm:radeon_cs_ioctl] *ERROR* Failed to parse relocation -12!
May 25 17:08:25 ari-fedora9 kernel: BUG: unable to handle kernel NULL pointer dereference at (null)
May 25 17:08:25 ari-fedora9 kernel: IP: [<e09163b9>] radeon_cs_parser_fini+0x35/0xd7 [radeon]
May 25 17:08:25 ari-fedora9 kernel: *pde = 1f289067 *pte = 00000000 
May 25 17:08:25 ari-fedora9 kernel: Oops: 0000 [#1] SMP 
May 25 17:08:25 ari-fedora9 kernel: last sysfs file: /sys/devices/pci0000:00/0000:00:1f.1/host0/target0:0:0/0:0:0:0/block/sda/uevent
May 25 17:08:25 ari-fedora9 kernel: Modules linked in: ipt_MASQUERADE iptable_nat nf_nat bridge stp llc sunrpc p4_clockmod xt_physdev nf_conntrack_netbios_ns ip6t_REJECT nf_conntrack_ipv6 ip6table_filter ip6_tables ipv6 dm_multipath uinput snd_intel8x0 snd_ac97_codec ac97_bus snd_seq snd_seq_device snd_pcm ppdev parport_pc snd_timer parport snd iTCO_wdt e1000 dcdbas iTCO_vendor_support i2c_i801 soundcore snd_page_alloc radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core [last unloaded: microcode]
May 25 17:08:25 ari-fedora9 kernel:
May 25 17:08:25 ari-fedora9 kernel: Pid: 1637, comm: X Not tainted (2.6.32.12-115.fc12.i686 #1) OptiPlex GX270               
May 25 17:08:25 ari-fedora9 kernel: EIP: 0060:[<e09163b9>] EFLAGS: 00013246 CPU: 0
May 25 17:08:25 ari-fedora9 kernel: EIP is at radeon_cs_parser_fini+0x35/0xd7 [radeon]
May 25 17:08:25 ari-fedora9 kernel: EAX: 00000000 EBX: de821e08 ECX: c0a7ae38 EDX: fffffff4
May 25 17:08:25 ari-fedora9 kernel: ESI: 00000000 EDI: 00000000 EBP: de821df8 ESP: de821dec
May 25 17:08:25 ari-fedora9 kernel: DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
May 25 17:08:25 ari-fedora9 kernel: Process X (pid: 1637, ti=de820000 task=dd8c2640 task.ti=de820000)
May 25 17:08:25 ari-fedora9 kernel: Stack:
May 25 17:08:25 ari-fedora9 kernel: dd2d1000 fffffff4 de821e50 de821e5c e0916a33 de821e78 dd2d19c8 df10885c
May 25 17:08:25 ari-fedora9 kernel: <0> dd2d1000 df245680 00000002 d188f4e0 c9902690 00000000 00000302 00000000
May 25 17:08:25 ari-fedora9 kernel: <0> df6b0000 de821e30 de821e30 00000000 00000001 dd2d1844 00000000 00000000
May 25 17:08:25 ari-fedora9 kernel: Call Trace:
May 25 17:08:25 ari-fedora9 kernel: [<e0916a33>] ? radeon_cs_ioctl+0x169/0x17e [radeon]
May 25 17:08:25 ari-fedora9 kernel: [<e07e894f>] ? drm_ioctl+0x251/0x2fa [drm]
May 25 17:08:25 ari-fedora9 kernel: [<e09168ca>] ? radeon_cs_ioctl+0x0/0x17e [radeon]
May 25 17:08:25 ari-fedora9 kernel: [<e083e76c>] ? ttm_bo_vm_fault+0x1e3/0x1ed [ttm]
May 25 17:08:25 ari-fedora9 kernel: [<e0907788>] ? radeon_ttm_fault+0x1c/0x22 [radeon]
May 25 17:08:25 ari-fedora9 kernel: [<c0587420>] ? file_has_perm+0x89/0xa3
May 25 17:08:25 ari-fedora9 kernel: [<e07e86fe>] ? drm_ioctl+0x0/0x2fa [drm]
May 25 17:08:25 ari-fedora9 kernel: [<c04e5c8a>] ? vfs_ioctl+0x1d/0x76
May 25 17:08:25 ari-fedora9 kernel: [<c04e6224>] ? do_vfs_ioctl+0x493/0x4d1
May 25 17:08:25 ari-fedora9 kernel: [<c05876c4>] ? selinux_file_ioctl+0x43/0x46
May 25 17:08:25 ari-fedora9 kernel: [<c04e62a8>] ? sys_ioctl+0x46/0x66
May 25 17:08:25 ari-fedora9 kernel: [<c040365c>] ? syscall_call+0x7/0xb
May 25 17:08:25 ari-fedora9 kernel: Code: 00 85 d2 89 c3 75 12 8b 40 38 85 c0 74 0b 8b 50 14 8d 43 28 e8 5c 23 ff ff 8d 43 28 31 f6 e8 70 21 ff ff eb 3d 6b fe 30 8b 43 20 <83> 3c 38 00 74 30 8b 43 04 8b 40 04 83 c0 14 e8 46 ca e7 df 8b 
May 25 17:08:25 ari-fedora9 kernel: EIP: [<e09163b9>] radeon_cs_parser_fini+0x35/0xd7 [radeon] SS:ESP 0068:de821dec
May 25 17:08:25 ari-fedora9 kernel: CR2: 0000000000000000
May 25 17:08:25 ari-fedora9 kernel: ---[ end trace dab8623b50e36e27 ]---
May 25 17:08:25 ari-fedora9 kernel: [drm:drm_release] *ERROR* Device busy: 1
May 25 17:08:26 ari-fedora9 kdm[1597]: X server for display :0 terminated unexpectedly

Radeon info (grep radeon) from boot:

May 25 17:18:04 ari-fedora9 kernel: [drm] radeon defaulting to kernel modesetting.
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon kernel modesetting enabled.
May 25 17:18:04 ari-fedora9 kernel: radeon 0000:01:00.0: PCI INT A -> GSI 16 (level, low) -> IRQ 16
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: Initializing kernel modesetting.
May 25 17:18:04 ari-fedora9 kernel: radeon 0000:01:00.0: putting AGP V2 device into 4x mode
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: VRAM 64M
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: VRAM from 0x00000000 to 0x03FFFFFF
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: GTT 128M
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: GTT from 0xE8000000 to 0xEFFFFFFF
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: irq initialized.
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: 32M of VRAM memory ready
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: 128M of GTT memory ready.
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: cp idle (0x00008383)
May 25 17:18:04 ari-fedora9 kernel: platform radeon_cp.0: firmware: requesting radeon/R100_cp.bin
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: ring at 0x00000000E8000000
May 25 17:18:04 ari-fedora9 kernel: [drm] radeon: ib pool ready.
May 25 17:18:04 ari-fedora9 kernel: fbcon: radeondrmfb (fb0) is primary device
May 25 17:18:04 ari-fedora9 kernel: fb0: radeondrmfb frame buffer device
May 25 17:18:04 ari-fedora9 kernel: [drm] Initialized radeon 2.0.0 20080528 for 0000:01:00.0 on minor 0
Comment 1 Ari Tilli 2010-08-30 14:21:55 UTC 
Tested this today with current 2.6.32.19-163.fc12.i686 and the machine does not
crash anymore, so I marked this closed. 
( I don't know when fix was made, and to which package7module (drm-libs etc..) but since the use of screen saver does not lock the machine anymore I close this one.
Comment 2 Ari Tilli 2010-08-31 08:15:07 UTC 
Well it again crashed/hung X, now with different kernel error-string
("invalid framebuffer id") but with exactly same behavior.

Aug 31 10:30:14 ari-fedora9 kernel: [drm:drm_mode_getfb] *ERROR* invalid framebu                                                       ffer id
Aug 31 10:31:47 ari-fedora9 abrt: Kerneloops: Reported 1 kernel oopses to Abrt
Aug 31 10:31:47 ari-fedora9 abrtd: Directory 'kerneloops-1283239907-1422-1' crea                                                       tion detected
Aug 31 10:31:47 ari-fedora9 abrtd: Registered Database plugin 'SQLite3'
Aug 31 10:31:48 ari-fedora9 abrtd: New crash /var/spool/abrt/kerneloops-12832399                                                       07-1422-1, processing
Aug 31 10:31:48 ari-fedora9 abrtd: Can't load '/usr/lib/abrt/libRunApp.so': /usr                                                       /lib/abrt/libRunApp.so: cannot open shared object file: No such file or director                                                       y
Aug 31 10:31:48 ari-fedora9 abrtd: Activation of plugin 'RunApp' was not success                                                       ful: Plugin 'RunApp' is not registered
Aug 31 10:32:15 ari-fedora9 kdm: :0[5194]: Hung in XOpenDisplay(:0), aborting
Aug 31 10:32:15 ari-fedora9 kdm: :0[5194]: Cannot connect to :0, giving up
Aug 31 10:32:15 ari-fedora9 kdm[1594]: Display :0 cannot be opened
Comment 3 Bug Zapper 2010-11-03 14:14:20 UTC 
This message is a reminder that Fedora 12 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 12.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '12'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 12's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 12 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 4 Bug Zapper 2010-12-03 14:23:24 UTC 
Fedora 12 changed to end-of-life (EOL) status on 2010-12-02. Fedora 12 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.