Bug 735868 - BUG: unable to handle kernel NULL pointer dereference at 00000002 in __list_del_entry() TAINTED -------D-W
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 15
Hardware: i686
OS: Unspecified
Priority: unspecified
Severity: unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: abrt_hash:aa0fc8ea531a584a8db634e5ddc...
Depends On:
Blocks:
Reported: 2011-09-05 20:33 UTC by Andrew Vagin
Modified: 2012-04-11 14:20 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-04-11 14:20:05 UTC



Description Andrew Vagin 2011-09-05 20:33:17 UTC
abrt version: 2.0.3
architecture:   i686
cmdline:        ro root=UUID=e4f40d04-e69f-4b99-9d0c-464120ed626e rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us debug crashkernel=256M
comment:        I don't remember what I did at this moment. It probably occurred after resume.
component:      kernel
kernel:         2.6.40.3-0.fc15.i686.PAE
kernel_tainted: 640
os_release:     Fedora release 15 (Lovelock)
package:        kernel
reason:         BUG: unable to handle kernel NULL pointer dereference at 00000002
time:           Tue Sep  6 00:25:39 2011

backtrace:
:BUG: unable to handle kernel NULL pointer dereference at 00000002
:IP: [<c05ef3d4>] __list_del_entry+0x58/0xb0
:*pdpt = 00000000304f1001 *pde = 0000000000000000 
:Oops: 0000 [#1] SMP 
:Modules linked in: fuse ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ip6_tables bnep bluetooth arc4 snd_hda_codec_realtek rt2800pci rt2800lib uvcvideo crc_ccitt rt2x00pci rt2x00lib snd_hda_intel snd_hda_codec snd_hwdep snd_seq mac80211 snd_seq_device videodev snd_pcm media cfg80211 iTCO_wdt joydev snd_timer iTCO_vendor_support i2c_i801 snd eeprom_93cx6 soundcore snd_page_alloc eeepc_laptop sparse_keymap rfkill ipv6 i915 drm_kms_helper drm i2c_algo_bit i2c_core video [last unloaded: scsi_wait_scan]
:Pid: 4673, comm: pm-suspend Not tainted 2.6.40.3-0.fc15.i686.PAE #1 ASUSTeK Computer INC. 1000/1000
:EIP: 0060:[<c05ef3d4>] EFLAGS: 00010283 CPU: 0
:EIP is at __list_del_entry+0x58/0xb0
:EAX: f2b5c3f8 EBX: f2b5c3f8 ECX: 00000000 EDX: 00000002
:ESI: f2b5c3e0 EDI: 00000004 EBP: f2803e4c ESP: f2803e34
: DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
:Process pm-suspend (pid: 4673, ti=f2802000 task=f2838ca0 task.ti=f2802000)
:Stack:
: f2803e3c c04309c7 f2803e44 c04309c7 f2803e4c f2b5c3f8 f2803e58 c05ef437
: f2b5c3e0 f2803e6c c0740818 f2b5c3e0 00000000 00000004 f2803e78 c0740884
: f4007e14 f2803e84 c071c837 f4007e14 f2803e90 c071bd90 f4007e00 f2803e9c
:Call Trace:
: [<c04309c7>] ? should_resched+0xd/0x27
: [<c04309c7>] ? should_resched+0xd/0x27
: [<c05ef437>] list_del+0xb/0x1b
: [<c0740818>] led_trigger_unregister+0x1f/0x77
: [<c0740884>] led_trigger_unregister_simple+0x14/0x1e
: [<c071c837>] power_supply_remove_triggers+0x21/0x62
: [<c071bd90>] power_supply_unregister+0x1a/0x25
: [<c0651fb9>] sysfs_remove_battery+0x24/0x2e
: [<c0652978>] battery_notify+0x1b/0x27
: [<c07ffd05>] notifier_call_chain+0x2b/0x4d
: [<c045f86e>] __blocking_notifier_call_chain+0x40/0x52
: [<c045f89f>] blocking_notifier_call_chain+0x1f/0x21
: [<c0472771>] pm_notifier_call_chain+0x16/0x2d
: [<c0472f9b>] enter_state+0xeb/0x113
: [<c04726b3>] state_store+0x98/0xa4
: [<c047261b>] ? pm_trace_dev_match_show+0x16/0x16
: [<c05e30f9>] kobj_attr_store+0x1e/0x23
: [<c053d080>] sysfs_write_file+0xc3/0xee
: [<c04f4858>] vfs_write+0x8f/0xd7
: [<c053cfbd>] ? sysfs_open_file+0x1dc/0x1dc
: [<c04f4a1a>] sys_write+0x42/0x63
: [<c08026df>] sysenter_do_call+0x12/0x28
:Code: 00 00 00 eb 65 81 fa 00 02 20 00 75 1e c7 44 24 10 00 02 20 00 89 44 24 0c c7 44 24 08 b9 75 97 c0 c7 44 24 04 32 00 00 00 eb 3f <8b> 1a 39 c3 74 1a 89 5c 24 10 89 44 24 0c c7 44 24 08 ed 75 97 
:EIP: [<c05ef3d4>] __list_del_entry+0x58/0xb0 SS:ESP 0068:f2803e34
:CR2: 0000000000000002

kernel_tainted_long:
:Kernel has oopsed before.
:Taint on warning.

Comment 1 Andrew Vagin 2011-09-05 20:40:42 UTC
Since I installed fc15, my laptop has very rarely woken up successfully.

And one more oops at this moment:

kernel BUG at drivers/gpu/drm/drm_mm.c:370!
invalid opcode: 0000 [#2] SMP
Modules linked in: fuse ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ip6_tables bnep bluetooth arc4 snd_hda_codec_realtek rt2800pci rt2800lib uvcvideo crc_ccitt rt2x00pci rt2x00lib snd_hda_intel snd_hda_codec snd_hwdep snd_seq mac80211 snd_seq_device videodev snd_pcm media cfg80211 iTCO_wdt joydev snd_timer iTCO_vendor_support i2c_i801 snd eeprom_93cx6 soundcore snd_page_alloc eeepc_laptop sparse_keymap rfkill ipv6 i915 drm_kms_helper drm i2c_algo_bit i2c_core video [last unloaded: scsi_wait_scan]
Pid: 853, comm: Xorg Tainted: G      D W   2.6.40.3-0.fc15.i686.PAE #1 ASUSTeK Computer INC. 1000/1000
EIP: 0060:[<f7b3e5d8>] EFLAGS: 00010246 CPU: 0
EIP is at drm_mm_search_free+0x37/0xb8 [drm]
EAX: f2b5c1a8 EBX: f41c7280 ECX: f2b5c1a0 EDX: 00000004
ESI: 00000000 EDI: 00000004 EBP: f6869e04 ESP: f6869de0
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process Xorg (pid: 853, ti=f6868000 task=f4384bc0 task.ti=f6868000)
Stack:
 00121daa ffffffff 00000000 f29763c0 f17a6000 00000000 f17a6000 00000000
 f4178800 f6869e2c f7c372cf 00000000 f6869e18 c04309c7 00000054 f41c7280
 f4178800 f2ab9080 00000064 f6869e40 f7c373e3 f6869e90 fffffff2 f2ab9080
Call Trace:
 [<f7c372cf>] i915_gem_mmap_gtt+0xe8/0x1c8 [i915]
 [<c04309c7>] ? should_resched+0xd/0x27
 [<f7c373e3>] i915_gem_mmap_gtt_ioctl+0x34/0x39 [i915]
 [<f7b3640f>] drm_ioctl+0x2a4/0x38a [drm]
 [<f7c373af>] ? i915_gem_mmap_gtt+0x1c8/0x1c8 [i915]
 [<c040f476>] ? __switch_to_xtra+0x113/0x13b
 [<c04086ba>] ? __switch_to+0xda/0x10a
 [<f7b3616b>] ? drm_copy_field+0x54/0x54 [drm]
 [<c05008d6>] do_vfs_ioctl+0x457/0x488
 [<c07fb4a1>] ? schedule+0x654/0x6b4
 [<c045e276>] ? __run_hrtimer+0xda/0x127
 [<c0436b91>] ? __might_sleep+0x29/0xe4
 [<c0462aee>] ? timekeeping_get_ns+0x16/0x5a
 [<c04fbcee>] ? path_put+0x1a/0x1d
 [<c050094f>] sys_ioctl+0x48/0x69
 [<c08026df>] sysenter_do_call+0x12/0x28
Code: 26 00 83 78 4c 00 89 c3 89 d7 89 ce 74 02 0f 0b 8b 08 c7 45 e0 ff ff ff ff c7 45 e4 00 00 00 00 83 e9 08 eb 6b f6 41 10 01 75 02 <0f> 0b 8b 01 8b 40 14 89 45 dc 8b 41 18 89 45 ec 03 41 14 89 45
EIP: [<f7b3e5d8>] drm_mm_search_free+0x37/0xb8 [drm] SS:ESP 0068:f6869de0

