From mboxrd@z Thu Jan 1 00:00:00 1970 From: bugzilla-daemon-CC+yJ3UmIYqDUpFQwHEjaQ@public.gmane.org Subject: [Bug 58087] New: [-next] nouveau corrupts kernel mm allocator Date: Mon, 10 Dec 2012 14:55:27 +0000 Message-ID: Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1485948980==" Return-path: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: nouveau-bounces+gcfxn-nouveau=m.gmane.org-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org Errors-To: nouveau-bounces+gcfxn-nouveau=m.gmane.org-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org To: nouveau-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org List-Id: nouveau.vger.kernel.org --===============1485948980== Content-Type: multipart/alternative; boundary="1355151328.4cEEeB4a1.2232"; charset="us-ascii" --1355151328.4cEEeB4a1.2232 Date: Mon, 10 Dec 2012 14:55:28 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" https://bugs.freedesktop.org/show_bug.cgi?id=58087 Priority: medium Bug ID: 58087 Assignee: nouveau-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org Summary: [-next] nouveau corrupts kernel mm allocator QA Contact: xorg-team-go0+a7rfsptAfugRpC6u6w@public.gmane.org Severity: normal Classification: Unclassified OS: Linux (All) Reporter: peter-WaGBZJeGNqdsbIuE7sb01tBPR1lH4CV8@public.gmane.org Hardware: x86-64 (AMD64) Status: NEW Version: unspecified Component: Driver/nouveau Product: xorg Created attachment 71269 --> https://bugs.freedesktop.org/attachment.cgi?id=71269&action=edit kernel log showing BUG triggered by nouveau If nouveau_vm_new() fails in nouveau_drm_open(), the cleanup triggered corrupts the kernel slab allocator (in this case, SLUB). Attached is the kernel log showing the page allocation failure and the subsequent BUG in mm/slub.c A similar corruption had previously occurred which triggered a GP fault in the mm allocator from the same code path. This was reported as kernel bug #51291 here https://bugzilla.kernel.org/show_bug.cgi?id=51291 -- You are receiving this mail because: You are the assignee for the bug. --1355151328.4cEEeB4a1.2232 Date: Mon, 10 Dec 2012 14:55:28 +0000 MIME-Version: 1.0 Content-Type: text/html; charset="UTF-8"

Priority	medium
Bug ID	58087
Assignee	nouveau@lists.freedesktop.org
Summary	[-next] nouveau corrupts kernel mm allocator
QA Contact	xorg-team@lists.x.org
Severity	normal
Classification	Unclassified
OS	Linux (All)
Reporter	peter@hurleysoftware.com
Hardware	x86-64 (AMD64)
Status	NEW
Version	unspecified
Component	Driver/nouveau
Product	xorg

Created attachment 71269 [details]
kernel log showing BUG triggered by nouveau

If nouveau_vm_new() fails in nouveau_drm_open(), the cleanup triggered corrupts
the kernel slab allocator (in this case, SLUB).

Attached is the kernel log showing the page allocation failure and the
subsequent BUG in mm/slub.c

A similar corruption had previously occurred which triggered a GP fault in the
mm allocator from the same code path. This was reported as kernel bug #51291
here
https://bugzilla.kernel.org/show_bug.cgi?id=51291

You are receiving this mail because:

You are the assignee for the bug.

--1355151328.4cEEeB4a1.2232-- --===============1485948980== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Nouveau mailing list Nouveau-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org http://lists.freedesktop.org/mailman/listinfo/nouveau --===============1485948980==--