Bug 713942

Summary: [abrt] kernel: BUG: unable to handle kernel NULL pointer dereference at 00000001: TAINTED Die
Product: [Fedora] Fedora Reporter: Christian Fillion <cfillion30>
Component: xorg-x11-drv-nouveauAssignee: Ben Skeggs <bskeggs>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 15CC: airlied, ajax, bskeggs, bugzilla, drjones, gansalmon, itamar, jlennox, jonathan, kernel-maint, madhu.chinakonda
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Unspecified   
Whiteboard: abrt_hash:5dd563ada76a03fb50e65c835912bf4345fdcb5b
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-08-07 15:36:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Christian Fillion 2011-06-16 20:21:17 UTC 
abrt version: 2.0.1
architecture:   i686
cmdline:        ro root=/dev/mapper/vg_cfillionlaptop-lv_root rd_LVM_LV=vg_cfillionlaptop/lv_root rd_LVM_LV=vg_cfillionlaptop/lv_swap rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=fr_FR.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=cf rhgb quiet
component:      kernel
kernel:         2.6.38.7-30.fc15.i686.PAE
kernel_tainted: 128
os_release:     Fedora release 15 (Lovelock)
package:        kernel
reason:         BUG: unable to handle kernel NULL pointer dereference at 00000001
reported_to:    kerneloops: URL=http://submit.kerneloops.org/submitoops.php
time:           Thu Jun 16 15:58:54 2011

backtrace:
:BUG: unable to handle kernel NULL pointer dereference at 00000001
:IP: [<f7c06c65>] nouveau_fence_update+0xe/0xa5 [nouveau]
:*pdpt = 0000000036c05001 *pde = 000000011f45a067 
:Oops: 0000 [#1] SMP 
:last sysfs file: /sys/devices/system/cpu/cpu3/cache/index2/shared_cpu_map
:Modules linked in: tcp_lp fuse sunrpc cpufreq_ondemand acpi_cpufreq mperf ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables nf_conntrack_ftp nf_conntrack_netbios_ns snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_seq snd_seq_device snd_pcm microcode uvcvideo videodev intel_ips joydev sky2 iTCO_wdt snd_timer i2c_i801 iTCO_vendor_support snd soundcore snd_page_alloc ipv6 nouveau ttm drm_kms_helper drm i2c_algo_bit i2c_core video [last unloaded: scsi_wait_scan]
:Pid: 1546, comm: gnome-shell Not tainted 2.6.38.7-30.fc15.i686.PAE #1 SAMSUNG ELECTRONICS CO., LTD. R580/R590                  /R580/R590                  
:EIP: 0060:[<f7c06c65>] EFLAGS: 00010286 CPU: 2
:EIP is at nouveau_fence_update+0xe/0xa5 [nouveau]
:EAX: 00000001 EBX: d3c63280 ECX: f3f040c0 EDX: 00000001
:ESI: edac3ed0 EDI: edac3ed0 EBP: f6cedd14 ESP: f6cedd00
: DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
:Process gnome-shell (pid: 1546, ti=f6cec000 task=edac3ed0 task.ti=f6cec000)
:Stack:
: 001e8480 edac3ed0 d3c63280 edac3ed0 edac3ed0 f6cedd20 f7c06f08 000f4240
: f6cedd4c f7c06f53 00000000 d3c63280 011be22b 00010010 000f4240 00000000
: edad0400 f6d80000 00000010 f6cedd80 f7c07152 00000000 0000052f d3c63280
:Call Trace:
: [<f7c06f08>] __nouveau_fence_signalled+0x1a/0x22 [nouveau]
: [<f7c06f53>] __nouveau_fence_wait+0x43/0xc0 [nouveau]
: [<f7c07152>] nouveau_fence_sync+0x182/0x492 [nouveau]
: [<f7c07871>] validate_list+0x4a/0x279 [nouveau]
: [<f7b5b0c4>] ? ttm_bo_reserve+0x63/0x6d [ttm]
: [<f7c0895d>] nouveau_gem_ioctl_pushbuf+0xb7c/0xb9c [nouveau]
: [<c059bb62>] ? avc_has_perm_noaudit+0x8e/0x346
: [<f7afe45f>] drm_ioctl+0x2a4/0x38a [drm]
: [<c0406481>] ? xen_timer_interrupt+0xf0/0x200
: [<f7c07de1>] ? nouveau_gem_ioctl_pushbuf+0x0/0xb9c [nouveau]
: [<c0406481>] ? xen_timer_interrupt+0xf0/0x200
: [<c059cf44>] ? file_has_perm+0x9a/0xb3
: [<f7afe1bb>] ? drm_ioctl+0x0/0x38a [drm]
: [<c04f9f31>] do_vfs_ioctl+0x451/0x482
: [<c0406481>] ? xen_timer_interrupt+0xf0/0x200
: [<c059d1b5>] ? selinux_file_ioctl+0x39/0x3c
: [<c0406481>] ? xen_timer_interrupt+0xf0/0x200
: [<c04f9faa>] sys_ioctl+0x48/0x6a
: [<c040969f>] sysenter_do_call+0x12/0x28
: [<c0406481>] ? xen_timer_interrupt+0xf0/0x200
: [<c0406481>] ? xen_timer_interrupt+0xf0/0x200
: [<c07e0000>] ? cpuid+0x6/0x2a
:Code: 31 db c7 00 00 00 00 00 85 d2 74 0b 8d 45 f8 89 55 f8 e8 24 3a f5 ff 89 d8 5a 5b 5d c3 55 89 e5 57 56 53 83 ec 08 3e 8d 74 26 00 <8b> 30 89 c3 8d 40 38 e8 1e 23 be c8 8d 43 3c 39 43 3c 89 45 f0 
:EIP: [<f7c06c65>] nouveau_fence_update+0xe/0xa5 [nouveau] SS:ESP 0068:f6cedd00
:CR2: 0000000000000001

event_log:
:2011-06-16-16:21:04> Submitting oops report to http://submit.kerneloops.org/submitoops.php
:2011-06-16-16:21:10  Kernel oops report was uploaded
Comment 1 Christian Fillion 2011-06-16 20:26:21 UTC 
Package: kernel
Architecture: i686
OS Release: Fedora release 15 (Lovelock)


Comment
-----
Visit ro.me with Google Chrome
Move your mouse in the clouds
It crash after sometime
Comment 2 Jamie Lennox 2011-07-07 00:53:52 UTC 
Me too. 

Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136110] BUG: unable to handle kernel NULL pointer dereference at 00000001
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136144] IP: [<f7ba5c65>] nouveau_fence_update+0xe/0xa5 [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136190] *pdpt = 000000002d4f7001 *pde = 000000012e361067 
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136203] Oops: 0000 [#1] SMP 
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136212] last sysfs file: /sys/devices/system/cpu/cpu1/cache/index2/shared_cpu_map
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136227] Modules linked in: tcp_lp cdc_acm fuse sunrpc cpufreq_ondemand acpi_cpufreq mperf ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables nf_conntrack_netbios_ns snd_hda_codec_analog arc4 rt2800pci rt2800lib crc_ccitt rt2x00pci rt2x00lib mac80211 ir_lirc_codec lirc_dev ir_sony_decoder ir_jvc_decoder ir_rc6_decoder ir_rc5_decoder rc_rc6_mce ir_nec_decoder mceusb rc_core snd_hda_intel snd_hda_codec snd_hwdep snd_seq cfg80211 snd_seq_device microcode uvcvideo snd_pcm videodev joydev snd_timer snd r8169 i2c_i801 mii serio_raw btusb bluetooth soundcore snd_page_alloc iTCO_wdt eeprom_93cx6 iTCO_vendor_support rfkill ipv6 uas usb_storage firewire_ohci firewire_core crc_itu_t nouveau ttm drm_kms_helper drm i2c_algo_bit i2c_core video [last unloaded: scsi_wait_scan]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136440] 
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136445] Pid: 1765, comm: gnome-shell Not tainted 2.6.38.8-32.fc15.i686.PAE #1 HP-Pavilion FK936AA-ABG IQ518a/EVE
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136765] EIP: 0060:[<f7ba5c65>] EFLAGS: 00010286 CPU: 1
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136796] EIP is at nouveau_fence_update+0xe/0xa5 [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136806] EAX: 00000001 EBX: ec5c0d40 ECX: f3d040c0 EDX: 00000001
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136816] ESI: f18c8c90 EDI: f18c8c90 EBP: ed465d14 ESP: ed465d00
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136824]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136833] Process gnome-shell (pid: 1765, ti=ed464000 task=f18c8c90 task.ti=ed464000)
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136842] Stack:
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136848]  000fa000 f18c8c90 ec5c0d40 f18c8c90 f18c8c90 ed465d20 f7ba5f08 000f4240
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136875]  ed465d4c f7ba5f53 00000000 ec5c0d40 001cb816 00010010 0007d000 00000000
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.136921]  ed443400 f6900000 00000010 ed465d80 f7ba6152 00000000 00000013 ec5c0d40
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143] Call Trace:
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7ba5f08>] __nouveau_fence_signalled+0x1a/0x22 [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7ba5f53>] __nouveau_fence_wait+0x43/0xc0 [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7ba6152>] nouveau_fence_sync+0x182/0x492 [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7ba69c4>] validate_list+0x19d/0x279 [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7afa0c4>] ? ttm_bo_reserve+0x63/0x6d [ttm]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7ba795d>] nouveau_gem_ioctl_pushbuf+0xb7c/0xb9c [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c059bbc6>] ? avc_has_perm_noaudit+0x8e/0x346
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7a9d45f>] drm_ioctl+0x2a4/0x38a [drm]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c0406481>] ? xen_timer_interrupt+0xe8/0x200
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7ba6de1>] ? nouveau_gem_ioctl_pushbuf+0x0/0xb9c [nouveau]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c0406481>] ? xen_timer_interrupt+0xe8/0x200
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c059cfa8>] ? file_has_perm+0x9a/0xb3
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<f7a9d1bb>] ? drm_ioctl+0x0/0x38a [drm]
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c04f9f11>] do_vfs_ioctl+0x451/0x482
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c0406481>] ? xen_timer_interrupt+0xe8/0x200
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c059d219>] ? selinux_file_ioctl+0x39/0x3c
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c0406481>] ? xen_timer_interrupt+0xe8/0x200
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c04f9f8a>] sys_ioctl+0x48/0x6a
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c040969f>] sysenter_do_call+0x12/0x28
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c0406481>] ? xen_timer_interrupt+0xe8/0x200
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143]  [<c0406481>] ? xen_timer_interrupt+0xe8/0x200
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143] Code: 31 db c7 00 00 00 00 00 85 d2 74 0b 8d 45 f8 89 55 f8 e8 24 3a f5 ff 89 d8 5a 5b 5d c3 55 89 e5 57 56 53 83 ec 08 3e 8d 74 26 00 <8b> 30 89 c3 8d 40 38 e8 2e 35 c4 c8 8d 43 3c 39 43 3c 89 45 f0 
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143] EIP: [<f7ba5c65>] nouveau_fence_update+0xe/0xa5 [nouveau] SS:ESP 0068:ed465d00
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.144143] CR2: 0000000000000001
Jul  7 10:14:54 jamie-desktop kernel: [ 2179.163236] ---[ end trace 2ea439d5b6109e0b ]---

[jamie@jamie-desktop log]$ uname -a 
Linux jamie-desktop 2.6.38.8-32.fc15.i686.PAE #1 SMP Mon Jun 13 19:55:27 UTC 2011 i686 i686 i386 GNU/Linux

[jamie@jamie-desktop log]$ rpm -qa | grep nouv
xorg-x11-drv-nouveau-0.0.16-24.20110324git8378443.fc15.i686

[jamie@jamie-desktop log]$ rpm -qi xorg-x11-drv-nouveau-0.0.16-24.20110324git8378443.fc15.i686
Name        : xorg-x11-drv-nouveau
Epoch       : 1
Version     : 0.0.16
Release     : 24.20110324git8378443.fc15
Architecture: i686
Install Date: Thu 09 Jun 2011 12:47:22 PM EST
Group       : User Interface/X Hardware Support
Size        : 244701
License     : MIT
Signature   : RSA/SHA256, Thu 24 Mar 2011 10:11:16 AM EST, Key ID b4ebf579069c8460
Source RPM  : xorg-x11-drv-nouveau-0.0.16-24.20110324git8378443.fc15.src.rpm
Build Date  : Wed 23 Mar 2011 06:17:03 PM EST
Build Host  : x86-12.phx2.fedoraproject.org
Relocations : (not relocatable)
Packager    : Fedora Project
Vendor      : Fedora Project
URL         : http://www.x.org
Summary     : Xorg X11 nouveau video driver for NVIDIA graphics chipsets
Description :
X.Org X11 nouveau video driver.
Comment 3 Andrew Jones 2011-07-07 07:15:22 UTC 
I assume these are HVM guests (based on the module list). If so, then this is likely a xen hypervisor issue (an issue with cpuid emulation). What's the version of the hypervisor running on the host (the dom0 kernel version)?
Comment 4 Jamie Lennox 2011-07-07 23:34:51 UTC 
No, this is a stock F15 on a HP Touchsmart IQ518a.

This has happened multiple times (although just started recently). I'm working with clutter and thus opengl, but there is no pattern to it that i can see.
Comment 5 Fedora End Of Life 2012-08-07 15:36:45 UTC 
This message is a notice that Fedora 15 is now at end of life. Fedora
has stopped maintaining and issuing updates for Fedora 15. It is
Fedora's policy to close all bug reports from releases that are no
longer maintained. At this time, all open bugs with a Fedora 'version'
of '15' have been closed as WONTFIX.

(Please note: Our normal process is to give advanced warning of this
occurring, but we forgot to do that. A thousand apologies.)

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, feel free to reopen
this bug and simply change the 'version' to a later Fedora version.

Bug Reporter: Thank you for reporting this issue and we are sorry that
we were unable to fix it before Fedora 15 reached end of life. If you
would still like to see this bug fixed and are able to reproduce it
against a later version of Fedora, you are encouraged to click on
"Clone This Bug" (top right of this page) and open it against that
version of Fedora.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

The process we are following is described here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping