Bug#899998: nvidia-legacy-340xx-kernel-dkms: Fails to boot on 4.16.0-2
Phil Miller
unmobile at gmail.com
Tue Jul 3 03:04:56 BST 2018
After recent upgrades, to 4.16.0-2-amd64 and driver version 340.107-1, I
now see crashes on boot, with the following kernel output:
Jul 2 20:28:58 itu kernel: [ 51.342077] gnome-shell[1422]: segfault at
20 ip 00007f6e99b6caed sp 00007fff8bec9950 error 4 in
libmutter-2.so.0.0.0[7f6e99a6f000+165000]
Jul 2 20:28:58 itu kernel: [ 51.786429] gnome-shell[1511]: segfault at
20 ip 00007fd5b0236aed sp 00007fffaa6b1bd0 error 4 in
libmutter-2.so.0.0.0[7fd5b0139000+165000]
Jul 2 20:29:00 itu kernel: [ 53.629851] resource sanity check:
requesting [mem 0x000c0000-0x000fffff], which spans more than PCI Bus
0000:00 [mem 0x000d0000-0x000dffff window]
Jul 2 20:29:00 itu kernel: [ 53.630028] caller _nv000788rm+0xe4/0x1c0
[nvidia] mapping multiple BARs
Jul 2 20:29:01 itu kernel: [ 54.708315] usercopy: Kernel memory exposure
attempt detected from SLUB object 'nvidia_stack_t' (offset 11864, size 3)!
Jul 2 20:29:01 itu kernel: [ 54.708327] ------------[ cut here
]------------
Jul 2 20:29:01 itu kernel: [ 54.708328] kernel BUG at
/build/linux-uwVqDp/linux-4.16.16/mm/usercopy.c:100!
Jul 2 20:29:01 itu kernel: [ 54.708335] invalid opcode: 0000 [#1] SMP PTI
Jul 2 20:29:01 itu kernel: [ 54.708337] Modules linked in: pci_stub
vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) cpufreq_powersave
cpufreq_userspace cpufreq_conservative binfmt_misc snd_hda_codec_realtek
snd_hda_codec_generic intel_powerclamp snd_hda_intel kvm_intel kvm
snd_hda_codec snd_hda_core irqbypass snd_hwdep snd_pcm_oss snd_mixer_oss
snd_pcm intel_cstate intel_uncore iTCO_wdt iTCO_vendor_support evdev dcdbas
snd_timer mei_me shpchp snd mei dell_smm_hwmon lpc_ich i7core_edac pcspkr
serio_raw sg button soundcore acpi_cpufreq nvidia(PO) drm sunrpc f71882fg
coretemp adt7475 hwmon_vid loop parport_pc ppdev lp parport ip_tables
x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb
crypto_simd cryptd glue_helper aes_x86_64 sr_mod cdrom sd_mod uas
usb_storage hid_generic usbhid hid ahci libahci broadcom
Jul 2 20:29:01 itu kernel: [ 54.708391] bcm_phy_lib ehci_pci libata
ehci_hcd crc32c_intel psmouse tg3 scsi_mod i2c_i801 usbcore libphy
usb_common
Jul 2 20:29:01 itu kernel: [ 54.708403] CPU: 3 PID: 1554 Comm: Xorg
Tainted: P O 4.16.0-2-amd64 #1 Debian 4.16.16-2
Jul 2 20:29:01 itu kernel: [ 54.708405] Hardware name: Dell Inc.
Precision T1500/0XC7MM, BIOS 2.0.3 03/15/2010
Jul 2 20:29:01 itu kernel: [ 54.708411] RIP:
0010:usercopy_abort+0x69/0x80
Jul 2 20:29:01 itu kernel: [ 54.708413] RSP: 0018:ffffbd3a82c17ba8
EFLAGS: 00010286
Jul 2 20:29:01 itu kernel: [ 54.708416] RAX: 000000000000006b RBX:
0000000000000003 RCX: 0000000000000000
Jul 2 20:29:01 itu kernel: [ 54.708418] RDX: 0000000000000000 RSI:
ffff9d9e3fcd6738 RDI: ffff9d9e3fcd6738
Jul 2 20:29:01 itu kernel: [ 54.708420] RBP: 0000000000000003 R08:
00000000000002d6 R09: 0000000000000004
Jul 2 20:29:01 itu kernel: [ 54.708422] R10: ffffffffb1077e48 R11:
ffffffffb17a8dcd R12: 0000000000000001
Jul 2 20:29:01 itu kernel: [ 54.708424] R13: ffff9d9e1537de5b R14:
ffff9d9e1537de58 R15: ffff9d9e1537dea0
Jul 2 20:29:01 itu kernel: [ 54.708427] FS: 00007f97a11b06c0(0000)
GS:ffff9d9e3fcc0000(0000) knlGS:0000000000000000
Jul 2 20:29:01 itu kernel: [ 54.708429] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
Jul 2 20:29:01 itu kernel: [ 54.708431] CR2: 00005639973ffe30 CR3:
00000004160c2000 CR4: 00000000000006e0
Jul 2 20:29:01 itu kernel: [ 54.708433] Call Trace:
Jul 2 20:29:01 itu kernel: [ 54.708442] __check_heap_object+0xe7/0x120
Jul 2 20:29:01 itu kernel: [ 54.708445] __check_object_size+0x9c/0x1a0
Jul 2 20:29:01 itu kernel: [ 54.708566] os_memcpy_to_user+0x21/0x40
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.708693] _nv001372rm+0xa5/0x260 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.708784] ? _nv004784rm+0x4eba/0x5500
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.708870] ? _nv004331rm+0xec/0xf0 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.708954] ? _nv004326rm+0xca/0x650
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709035] ? _nv015126rm+0x576/0x5c0
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709119] ? _nv000694rm+0x2e/0x60 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709194] ? _nv000789rm+0x5f5/0x8b0
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709268] ? rm_ioctl+0x73/0x100 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709320] ? nvidia_ioctl+0x221/0x460
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709374] ?
nvidia_frontend_ioctl+0x2d/0x60 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709427] ?
nvidia_frontend_unlocked_ioctl+0x19/0x20 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.709430] ? do_vfs_ioctl+0xa4/0x630
Jul 2 20:29:01 itu kernel: [ 54.709434] ? handle_mm_fault+0xdc/0x210
Jul 2 20:29:01 itu kernel: [ 54.709436] ? SyS_ioctl+0x74/0x80
Jul 2 20:29:01 itu kernel: [ 54.709440] ? do_syscall_64+0x6c/0x130
Jul 2 20:29:01 itu kernel: [ 54.709444] ?
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jul 2 20:29:01 itu kernel: [ 54.709446] Code: 0f 44 d0 53 48 c7 c0 41 de
03 b1 51 48 c7 c6 dd d3 02 b1 41 53 48 89 f9 48 0f 45 f0 4c 89 d2 48 c7 c7
28 df 03 b1 e8 f1 2e ea ff <0f> 0b 49 c7 c1 ac de 04 b1 4d 89 cb 4d 89 c8
eb a5 66 0f 1f 44
Jul 2 20:29:01 itu kernel: [ 54.709473] RIP: usercopy_abort+0x69/0x80
RSP: ffffbd3a82c17ba8
Jul 2 20:29:01 itu kernel: [ 54.709475] ---[ end trace a4e6d9846776d125
]---
Jul 2 20:29:01 itu kernel: [ 54.710862] BUG: unable to handle kernel
NULL pointer dereference at 0000000000000642
Jul 2 20:29:01 itu kernel: [ 54.710946] IP: _nv016786rm+0xe0/0x1b0
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.710948] PGD 0 P4D 0
Jul 2 20:29:01 itu kernel: [ 54.710951] Oops: 0000 [#2] SMP PTI
Jul 2 20:29:01 itu kernel: [ 54.710952] Modules linked in: pci_stub
vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) cpufreq_powersave
cpufreq_userspace cpufreq_conservative binfmt_misc snd_hda_codec_realtek
snd_hda_codec_generic intel_powerclamp snd_hda_intel kvm_intel kvm
snd_hda_codec snd_hda_core irqbypass snd_hwdep snd_pcm_oss snd_mixer_oss
snd_pcm intel_cstate intel_uncore iTCO_wdt iTCO_vendor_support evdev dcdbas
snd_timer mei_me shpchp snd mei dell_smm_hwmon lpc_ich i7core_edac pcspkr
serio_raw sg button soundcore acpi_cpufreq nvidia(PO) drm sunrpc f71882fg
coretemp adt7475 hwmon_vid loop parport_pc ppdev lp parport ip_tables
x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb
crypto_simd cryptd glue_helper aes_x86_64 sr_mod cdrom sd_mod uas
usb_storage hid_generic usbhid hid ahci libahci broadcom
Jul 2 20:29:01 itu kernel: [ 54.710985] bcm_phy_lib ehci_pci libata
ehci_hcd crc32c_intel psmouse tg3 scsi_mod i2c_i801 usbcore libphy
usb_common
Jul 2 20:29:01 itu kernel: [ 54.710992] CPU: 3 PID: 1554 Comm: Xorg
Tainted: P D O 4.16.0-2-amd64 #1 Debian 4.16.16-2
Jul 2 20:29:01 itu kernel: [ 54.710993] Hardware name: Dell Inc.
Precision T1500/0XC7MM, BIOS 2.0.3 03/15/2010
Jul 2 20:29:01 itu kernel: [ 54.711074] RIP: 0010:_nv016786rm+0xe0/0x1b0
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.711076] RSP: 0018:ffffbd3a82c17d28
EFLAGS: 00010046
Jul 2 20:29:01 itu kernel: [ 54.711078] RAX: 0000000000000612 RBX:
0000000000000000 RCX: 0000000000000000
Jul 2 20:29:01 itu kernel: [ 54.711079] RDX: ffffbd3a82c17d90 RSI:
ffff9d9e0dc65ff8 RDI: ffffbd3a82c17d90
Jul 2 20:29:01 itu kernel: [ 54.711081] RBP: ffff9d9e0dc65ff8 R08:
ffffffffc0b5de4c R09: ffff9d9e275808d8
Jul 2 20:29:01 itu kernel: [ 54.711082] R10: 0000000000000920 R11:
00000000ffffff00 R12: 0000000000000200
Jul 2 20:29:01 itu kernel: [ 54.711084] R13: ffff9d9e14365100 R14:
ffff9d9e2d194800 R15: ffff9d9e2d194800
Jul 2 20:29:01 itu kernel: [ 54.711085] FS: 0000000000000000(0000)
GS:ffff9d9e3fcc0000(0000) knlGS:0000000000000000
Jul 2 20:29:01 itu kernel: [ 54.711087] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
Jul 2 20:29:01 itu kernel: [ 54.711089] CR2: 0000000000000642 CR3:
000000001400a000 CR4: 00000000000006e0
Jul 2 20:29:01 itu kernel: [ 54.711090] Call Trace:
Jul 2 20:29:01 itu kernel: [ 54.711164] ?
rm_free_unused_clients+0x64/0xf0 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.711218] ? os_pci_read_dword+0x12/0x30
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.711269] ?
nv_check_pci_config_space+0x262/0x2e0 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.711321] ? nvidia_close+0xc2/0x440
[nvidia]
Jul 2 20:29:01 itu kernel: [ 54.711375] ?
nvidia_frontend_close+0x47/0x80 [nvidia]
Jul 2 20:29:01 itu kernel: [ 54.711378] ? __fput+0xd0/0x1e0
Jul 2 20:29:01 itu kernel: [ 54.711381] ? task_work_run+0x8a/0xb0
Jul 2 20:29:01 itu kernel: [ 54.711384] ? do_exit+0x2e1/0xb40
Jul 2 20:29:01 itu kernel: [ 54.711386] ? SyS_ioctl+0x74/0x80
Jul 2 20:29:01 itu kernel: [ 54.711389] ? rewind_stack_do_exit+0x17/0x20
Jul 2 20:29:01 itu kernel: [ 54.711391] Code: 08 48 83 c4 08 5b 41 5c c3
66 90 48 8b 7b 48 48 8b 15 45 ea 44 00 48 89 ee e8 9d d1 b2 ff 85 c0 89 c3
75 c6 48 8b 7d 00 48 8b 07 <4c> 39 60 30 0f 85 9c 00 00 00 48 c7 c6 d0 c0
fa c0 e8 3a d0 b2
Jul 2 20:29:01 itu kernel: [ 54.711497] RIP: _nv016786rm+0xe0/0x1b0
[nvidia] RSP: ffffbd3a82c17d28
Jul 2 20:29:01 itu kernel: [ 54.711498] CR2: 0000000000000642
Jul 2 20:29:01 itu kernel: [ 54.711499] ---[ end trace a4e6d9846776d126
]---
Jul 2 20:29:01 itu kernel: [ 54.711501] Fixing recursive fault but
reboot is needed!
Uoti's suggested workaround does let me boot, start GDM, and log in.
I still see a similar warning stack trace as what I reported earlier, which
is unsurprising:
Jul 2 20:55:40 itu kernel: [ 52.008231] gnome-shell[1424]: segfault at
20 ip 00007f7ecad2baed sp 00007fffde92ff10 error 4 in
libmutter-2.so.0.0.0[7f7ecac2e000+165000]
Jul 2 20:55:41 itu kernel: [ 52.503987] gnome-shell[1512]: segfault at
20 ip 00007f0d5a7ffaed sp 00007fff7ef548b0 error 4 in
libmutter-2.so.0.0.0[7f0d5a702000+165000]
Jul 2 20:55:43 itu kernel: [ 54.317041] resource sanity check:
requesting [mem 0x000c0000-0x000fffff], which spans more than PCI Bus
0000:00 [mem 0x000d0000-0x000dffff window]
Jul 2 20:55:43 itu kernel: [ 54.317216] caller _nv000788rm+0xe4/0x1c0
[nvidia] mapping multiple BARs
Jul 2 20:55:44 itu kernel: [ 55.381614] ------------[ cut here
]------------
Jul 2 20:55:44 itu kernel: [ 55.381617] Bad or missing usercopy
whitelist? Kernel memory exposure attempt detected from SLUB object
'nvidia_stack_t' (offset 11864, size 3)!
Jul 2 20:55:44 itu kernel: [ 55.381628] WARNING: CPU: 1 PID: 1555 at
/build/linux-uwVqDp/linux-4.16.16/mm/usercopy.c:81 usercopy_warn+0x7e/0xa0
Jul 2 20:55:44 itu kernel: [ 55.381629] Modules linked in: pci_stub
vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) cpufreq_powersave
cpufreq_userspace cpufreq_conservative binfmt_misc snd_hda_codec_realtek
snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep
snd_pcm_oss intel_powerclamp snd_mixer_oss kvm_intel snd_pcm iTCO_wdt
iTCO_vendor_support kvm evdev snd_timer irqbypass intel_cstate mei_me mei
dcdbas intel_uncore shpchp sg snd serio_raw dell_smm_hwmon lpc_ich pcspkr
i7core_edac button soundcore acpi_cpufreq nvidia(PO) sunrpc drm f71882fg
coretemp adt7475 hwmon_vid loop parport_pc ppdev lp parport ip_tables
x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb
crypto_simd cryptd glue_helper aes_x86_64 sr_mod cdrom sd_mod uas
usb_storage hid_generic usbhid hid ahci broadcom bcm_phy_lib
Jul 2 20:55:44 itu kernel: [ 55.381672] libahci ehci_pci libata
ehci_hcd crc32c_intel psmouse tg3 scsi_mod i2c_i801 usbcore libphy
usb_common
Jul 2 20:55:44 itu kernel: [ 55.381681] CPU: 1 PID: 1555 Comm: Xorg
Tainted: P O 4.16.0-2-amd64 #1 Debian 4.16.16-2
Jul 2 20:55:44 itu kernel: [ 55.381682] Hardware name: Dell Inc.
Precision T1500/0XC7MM, BIOS 2.0.3 03/15/2010
Jul 2 20:55:44 itu kernel: [ 55.381684] RIP: 0010:usercopy_warn+0x7e/0xa0
Jul 2 20:55:44 itu kernel: [ 55.381685] RSP: 0018:ffff9d02021f7bb8
EFLAGS: 00010286
Jul 2 20:55:44 itu kernel: [ 55.381686] RAX: 0000000000000000 RBX:
ffff90c2d4ec5e58 RCX: 0000000000000006
Jul 2 20:55:44 itu kernel: [ 55.381687] RDX: 0000000000000007 RSI:
0000000000000082 RDI: ffff90c2ffc56730
Jul 2 20:55:44 itu kernel: [ 55.381688] RBP: 0000000000000003 R08:
00000000000002d7 R09: 0000000000000004
Jul 2 20:55:44 itu kernel: [ 55.381689] R10: ffffffffb1677e48 R11:
0000000000000001 R12: 0000000000000001
Jul 2 20:55:44 itu kernel: [ 55.381690] R13: ffff90c2d4ec5e5b R14:
ffff90c2d4ec5e58 R15: ffff90c2d4ec5ea0
Jul 2 20:55:44 itu kernel: [ 55.381692] FS: 00007f61486026c0(0000)
GS:ffff90c2ffc40000(0000) knlGS:0000000000000000
Jul 2 20:55:44 itu kernel: [ 55.381693] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
Jul 2 20:55:44 itu kernel: [ 55.381694] CR2: 000055c194df9c40 CR3:
00000004266fa000 CR4: 00000000000006e0
Jul 2 20:55:44 itu kernel: [ 55.381695] Call Trace:
Jul 2 20:55:44 itu kernel: [ 55.381700] __check_object_size+0x9c/0x1a0
Jul 2 20:55:44 itu kernel: [ 55.381795] os_memcpy_to_user+0x21/0x40
[nvidia]
Jul 2 20:55:44 itu kernel: [ 55.381888] _nv001372rm+0xa5/0x260 [nvidia]
Jul 2 20:55:44 itu kernel: [ 55.381982] ? _nv004784rm+0x4eba/0x5500
[nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382075] ? _nv004331rm+0xec/0xf0 [nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382168] ? _nv004326rm+0xca/0x650
[nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382257] ? _nv015126rm+0x576/0x5c0
[nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382349] ? _nv000694rm+0x2e/0x60 [nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382432] ? _nv000789rm+0x5f5/0x8b0
[nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382512] ? rm_ioctl+0x73/0x100 [nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382570] ? nvidia_ioctl+0x221/0x460
[nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382628] ?
nvidia_frontend_ioctl+0x2d/0x60 [nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382686] ?
nvidia_frontend_unlocked_ioctl+0x19/0x20 [nvidia]
Jul 2 20:55:44 itu kernel: [ 55.382688] ? do_vfs_ioctl+0xa4/0x630
Jul 2 20:55:44 itu kernel: [ 55.382691] ? handle_mm_fault+0xdc/0x210
Jul 2 20:55:44 itu kernel: [ 55.382693] ? SyS_ioctl+0x74/0x80
Jul 2 20:55:44 itu kernel: [ 55.382696] ? do_syscall_64+0x6c/0x130
Jul 2 20:55:44 itu kernel: [ 55.382700] ?
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Jul 2 20:55:44 itu kernel: [ 55.382701] Code: 48 c7 c0 41 de 63 b1 48 0f
44 c2 41 50 51 41 51 48 89 f9 49 89 f1 4d 89 d8 4c 89 d2 48 89 c6 48 c7 c7
88 de 63 b1 e8 52 45 e4 ff <0f> 0b 48 83 c4 18 c3 48 c7 c6 ac de 64 b1 49
89 f1 49 89 f3 eb
Jul 2 20:55:44 itu kernel: [ 55.382729] ---[ end trace 78d6c105adaca01d
]---
Jul 2 21:02:05 itu kernel: [ 436.273458] fuse init (API version 7.26)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-nvidia-devel/attachments/20180702/f0298bb0/attachment-0001.html>
More information about the pkg-nvidia-devel
mailing list