Bug 61470 - mga driver dereferences null pointer
mga driver dereferences null pointer
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: kernel (Show other bugs)
7.1
i686 Linux
medium Severity high
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-03-19 23:49 EST by Need Real Name
Modified: 2008-08-01 12:22 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-30 11:39:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2002-03-19 23:49:46 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.8) Gecko/20020212

Description of problem:
While running the bubble3d program, the kernel mga driver dereferenced a null
pointer and crashed.  The kernel traceback is included in the "Additional
Information" section.

Version-Release number of selected component (if applicable):
2.4.9-31

How reproducible:
Sometimes

Steps to Reproduce:
1.Run X11 4.1 on a Matrox G450 with DRI enabled and 2 screens.  xinerama is
  disabled.
2.Run bubble3d screen saver.
3.After a random time (typically 3-7 days), the crash will occur.
	

Additional info:

Unable to handle kernel NULL pointer dereference at virtual address 00000004
 printing eip:
e09c6444
*pde = 00000000
Oops: 0002
Kernel 2.4.9-31
CPU:    0
EIP:    0010:[3c59x:__insmod_3c59x_S.bss_L40+822500/107766540]    Tainted: P 
EIP:    0010:[<e09c6444>]    Tainted: P 
EFLAGS: 00010293
EIP is at mga_freelist_put [mga] 0x74 
eax: db285de0   ebx: dbef3aa0   ecx: db285740   edx: 00000000
esi: de80d7a0   edi: 00000001   ebp: de008000   esp: c7dd7f0c
ds: 0018   es: 0018   ss: 0018
Process bubble3d (pid: 528, stackpage=c7dd7000)
Stack: de80d7a0 00000001 e09c7e66 de008000 db280f70 f8448000 e091f898 dbef3aa0 
       dbef3aa0 db280f70 c7dd7f5c de80d7a0 e09c87ad de008000 db280f70 de008800 
       de008000 00000034 00000c60 00000001 00000000 de008000 cfd3b7a0 bfffedf0 
Call Trace: [3c59x:__insmod_3c59x_S.bss_L40+829190/107759850] mga_dma_buffers
[mga] 0x1136 
Call Trace: [<e09c7e66>] mga_dma_buffers [mga] 0x1136 
[3c59x:__insmod_3c59x_S.bss_L40+831565/107757475] mga_dma_vertex [mga] 0x18d 
[<e09c87ad>] mga_dma_vertex [mga] 0x18d 
[3c59x:__insmod_3c59x_S.bss_L40+806308/107782732] mga_ioctl [mga] 0xe4 
[<e09c2504>] mga_ioctl [mga] 0xe4 
[sys_ioctl+535/560] sys_ioctl [kernel] 0x217 
[<c0143c87>] sys_ioctl [kernel] 0x217 
[system_call+51/56] system_call [kernel] 0x33 
[<c0106f3b>] system_call [kernel] 0x33 


Code: 89 42 04 89 48 04 89 10 5b 31 c0 5e c3 eb 0d 90 90 90 90 90
Comment 1 Bugzilla owner 2004-09-30 11:39:27 EDT
Thanks for the bug report. However, Red Hat no longer maintains this version of
the product. Please upgrade to the latest version and open a new bug if the problem
persists.

The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, 
and if you believe this bug is interesting to them, please report the problem in
the bug tracker at: http://bugzilla.fedora.us/

Note You need to log in before you can comment on or make changes to this bug.