Bug 967336 - Kernel NULL pointer dereference
Kernel NULL pointer dereference
Product: Fedora
Classification: Fedora
Component: xorg-x11-drv-nouveau (Show other bugs)
x86_64 Linux
unspecified Severity high
: ---
: ---
Assigned To: Ben Skeggs
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2013-05-26 13:23 EDT by Ives.Gwen
Modified: 2014-02-05 16:33 EST (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-02-05 16:33:28 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
abrt analysis (34.54 KB, application/zip)
2013-05-26 13:23 EDT, Ives.Gwen
no flags Details

  None (edit)
Description Ives.Gwen 2013-05-26 13:23:52 EDT
Created attachment 753339 [details]
abrt analysis

Description of problem:

The kernel oopses when booting with an external HDMI monitor attached or when attaching an HDMI monitor to an already booted machine. Attaching a monitor via a VGA cable works correctly. This is using nouveau on a laptop with both HD4000 and Geforce 650M. The abrt analysis including a backtrace attached.

Version-Release number of selected component (if applicable):

kernel 3.9.2-200.fc18.x86_64 (is the same with 3.9.4-200)

How reproducible:


Steps to Reproduce:
1. Attach an HDMI cable to the laptop
2. Boot up

Actual results:
Kernel oops

Expected results:
No oops

Additional info:

BUG: unable to handle kernel NULL pointer dereference at           (null)
IP: [<ffffffffa01cfece>] nvc0_vm_map_sg+0x8e/0x110 [nouveau]
PGD 21e97a067 PUD 2230a5067 PMD 0 
Oops: 0000 [#1] SMP 
Modules linked in: fuse ebtable_nat nf_conntrack_netbios_ns nf_conntrack_broadcast ipt_MASQUERADE ip6table_mangle ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 iptable_nat nf_nat_ipv4 nf_nat iptable_mangle nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ebtable_filter ebtables ip6table_filter ip6_tables be2iscsi iscsi_boot_sysfs bnx2i cnic uio cxgb4i cxgb4 cxgb3i cxgb3 mdio libcxgbi ib_iser rdma_cm ib_addr iw_cm ib_cm ib_sa ib_mad ib_core rfcomm iscsi_tcp libiscsi_tcp bnep libiscsi scsi_transport_iscsi vfat fat arc4 iTCO_wdt iTCO_vendor_support asus_wmi sparse_keymap snd_hda_codec_realtek iwldvm mac80211 snd_hda_intel snd_hda_codec uvcvideo acpi_cpufreq mperf coretemp snd_hwdep btusb snd_seq videobuf2_vmalloc bluetooth videobuf2_memops microcode snd_seq_device videobuf2_core videodev iwlwifi snd_pcm media cfg80211 snd_page_alloc snd_timer snd serio_raw mei lpc_ich i2c_i801 soundcore rfkill mfd_core vhost_net tun macvtap macvlan kvm_intel kvm uinput nouveau i915 i2c_algo_bit crc32_pclmul crc32c_intel ttm drm_kms_helper ghash_clmulni_intel drm mxm_wmi i2c_core video wmi
CPU 5 
Pid: 914, comm: Xorg Not tainted 3.9.2-200.fc18.x86_64 #1 ASUSTeK COMPUTER INC. N76VZ/N76VZ
RIP: 0010:[<ffffffffa01cfece>]  [<ffffffffa01cfece>] nvc0_vm_map_sg+0x8e/0x110 [nouveau]
RSP: 0018:ffff88020d069798  EFLAGS: 00010206
RAX: ffff88021d9f5240 RBX: 0000000000004e90 RCX: 0000000000000000
RDX: 0000000000005000 RSI: 0000000000000003 RDI: ffff88021d9f5240
RBP: ffff88020d0697f8 R08: 0000000000000a00 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff88021e84e200
R13: 0000000000000000 R14: 0000000000000000 R15: ffff88021d9f5240
FS:  00007f8b5e35d940(0000) GS:ffff88022ef40000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000021e899000 CR4: 00000000001407e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process Xorg (pid: 914, threadinfo ffff88020d068000, task ffff88020c35c650)
 00004e941e999168 0000000000005000 0000000500000000 0000000000000000
 ffff8802225c5400 ffff8802225c5440 ffff88021efa0d80 0000000000000a00
 ffff88021e84e200 ffff88021efa0d80 0000000000000000 ffff8802225c5440
Call Trace:
 [<ffffffffa01cddc2>] nouveau_vm_map_sg+0xc2/0x130 [nouveau]
 [<ffffffffa02245d8>] nouveau_vma_getmap.isra.11+0x68/0xa0 [nouveau]
 [<ffffffffa0224695>] nouveau_bo_move_m2mf.isra.12+0x85/0x140 [nouveau]
 [<ffffffffa01cda13>] ? nouveau_vm_map_at+0x153/0x1c0 [nouveau]
 [<ffffffffa022509a>] nouveau_bo_move+0x9a/0x400 [nouveau]
 [<ffffffffa0065e15>] ttm_bo_handle_move_mem+0x245/0x610 [ttm]
 [<ffffffffa0066d00>] ? ttm_bo_mem_space+0x180/0x360 [ttm]
 [<ffffffffa0066ff7>] ttm_bo_move_buffer+0x117/0x130 [ttm]
 [<ffffffff8122ac2a>] ? ext4_dirty_inode+0x5a/0x70
 [<ffffffffa00670aa>] ttm_bo_validate+0x9a/0x110 [ttm]
 [<ffffffffa022590c>] nouveau_bo_validate+0x1c/0x20 [nouveau]
 [<ffffffffa0225b3b>] nouveau_bo_pin+0x9b/0x100 [nouveau]
 [<ffffffff8130c0e4>] ? snprintf+0x34/0x40
 [<ffffffffa0248915>] nv50_crtc_mode_set_base+0x55/0xf0 [nouveau]
 [<ffffffffa010820b>] drm_crtc_helper_set_config+0x77b/0xb30 [drm_kms_helper]
 [<ffffffffa003075e>] drm_mode_set_config_internal+0x2e/0x60 [drm]
 [<ffffffffa0032ebc>] drm_mode_setcrtc+0x10c/0x570 [drm]
 [<ffffffff8165e30d>] ? mutex_lock+0x1d/0x50
 [<ffffffffa0023483>] drm_ioctl+0x4d3/0x580 [drm]
 [<ffffffff81160281>] ? handle_mm_fault+0x291/0x650
 [<ffffffffa0032db0>] ? drm_mode_setplane+0x3b0/0x3b0 [drm]
 [<ffffffff811b14f7>] do_vfs_ioctl+0x97/0x580
 [<ffffffff812a126a>] ? inode_has_perm.isra.32.constprop.62+0x2a/0x30
 [<ffffffff812a28f7>] ? file_has_perm+0x97/0xb0
 [<ffffffff811b1a71>] sys_ioctl+0x91/0xb0
 [<ffffffff81669a59>] system_call_fastpath+0x16/0x1b
Code: a4 4c 89 e8 48 89 4d b0 4d 89 fd 48 89 55 a8 49 89 c7 eb 10 66 0f 1f 84 00 00 00 00 00 48 8b 55 c8 8b 72 30 48 8b 4d b8 4c 89 ff <4a> 8b 04 29 48 c1 e8 08 48 89 c2 48 83 c8 03 48 83 ca 01 83 e6 
RIP  [<ffffffffa01cfece>] nvc0_vm_map_sg+0x8e/0x110 [nouveau]
 RSP <ffff88020d069798>
Comment 1 Fedora End Of Life 2013-12-21 08:44:40 EST
This message is a reminder that Fedora 18 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 18. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '18'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 18's end of life.

Thank you for reporting this issue and we are sorry that we may not be 
able to fix it before Fedora 18 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior to Fedora 18's end of life.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 2 Fedora End Of Life 2014-02-05 16:33:28 EST
Fedora 18 changed to end-of-life (EOL) status on 2014-01-14. Fedora 18 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.