Comment 7 for bug 1907318

Asif Youssuff (yoasif) wrote :

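I continue to see these lockups in 5.8.0-43-generic #49-Ubuntu. The first warning in dmesg is a refcount underflow (reported by the kernel as a possible use-after-free) raised from ttm_bo_put, called from nouveau_gem_new while Xorg was issuing a DRM ioctl: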

asif@ThinkPad-T510:~$ uname -a
Linux ThinkPad-T510 5.8.0-43-generic #49-Ubuntu SMP Fri Feb 5 03:01:28 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

[ 156.659907] ------------[ cut here ]------------
[ 156.659908] refcount_t: underflow; use-after-free.
[ 156.659936] WARNING: CPU: 1 PID: 1982 at lib/refcount.c:28 refcount_warn_saturate+0xae/0xf0
[ 156.659937] Modules linked in: rfcomm ccm cmac algif_hash algif_skcipher af_alg bnep lz4 zram zfs(PO) zunicode(PO) zavl(PO) icp(PO) zcommon(PO) znvpair(PO) spl(O) zlua(PO) intel_powerclamp coretemp kvm_intel uvcvideo kvm videobuf2_vmalloc iwlmvm videobuf2_memops intel_cstate joydev mac80211 videobuf2_v4l2 input_leds libarc4 serio_raw videobuf2_common btusb iwlwifi btrtl videodev btbcm btintel intel_ips at24 mc wmi_bmof bluetooth snd_seq_midi thinkpad_acpi snd_seq_midi_event snd_hda_codec_hdmi snd_hda_codec_conexant nvram snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg snd_hda_codec cfg80211 ecdh_generic ecc mei_me snd_hda_core snd_rawmidi snd_hwdep mei snd_seq snd_pcm snd_seq_device snd_timer snd soundcore mac_hid sch_fq_codel msr parport_pc ppdev lp parport ip_tables x_tables autofs4 btrfs blake2b_generic xor raid6_pq libcrc32c nouveau crct10dif_pclmul crc32_pclmul ghash_clmulni_intel mxm_wmi i2c_algo_bit ttm aesni_intel crypto_simd cryptd psmouse drm_kms_helper
[ 156.660007] glue_helper i2c_i801 i2c_smbus syscopyarea ahci sysfillrect sysimgblt sdhci_pci libahci fb_sys_fops firewire_ohci cec cqhci rc_core sdhci lpc_ich firewire_core crc_itu_t drm e1000e wmi video
[ 156.660026] CPU: 1 PID: 1982 Comm: Xorg Tainted: P O 5.8.0-43-generic #49-Ubuntu
[ 156.660028] Hardware name: LENOVO 43147PU/43147PU, BIOS 6MET92WW (1.52 ) 09/26/2012
[ 156.660032] RIP: 0010:refcount_warn_saturate+0xae/0xf0
[ 156.660036] Code: d8 3f 6a 01 01 e8 e7 7f b1 ff 0f 0b 5d c3 80 3d c5 3f 6a 01 00 75 91 48 c7 c7 00 48 9f 85 c6 05 b5 3f 6a 01 01 e8 c7 7f b1 ff <0f> 0b 5d c3 80 3d a3 3f 6a 01 00 0f 85 6d ff ff ff 48 c7 c7 58 48
[ 156.660038] RSP: 0018:ffffb8a9475f3cc8 EFLAGS: 00010282
[ 156.660041] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffff9693b3c98cd8
[ 156.660043] RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9693b3c98cd0
[ 156.660044] RBP: ffffb8a9475f3cc8 R08: 0000000000000004 R09: 0000000000000477
[ 156.660046] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000004
[ 156.660048] R13: ffff9692a93d3000 R14: ffff96939f451000 R15: ffff9693b0d88000
[ 156.660050] FS: 00007fcd8f7d8a40(0000) GS:ffff9693b3c80000(0000) knlGS:0000000000000000
[ 156.660052] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 156.660054] CR2: 00007fb535f7e000 CR3: 00000001960c4006 CR4: 00000000000206e0
[ 156.660056] Call Trace:
[ 156.660074] ttm_bo_put+0x3f/0x50 [ttm]
[ 156.660179] nouveau_gem_new+0x8a/0x120 [nouveau]
[ 156.660274] ? nouveau_gem_new+0x120/0x120 [nouveau]
[ 156.660369] nouveau_gem_ioctl_new+0x5b/0xd0 [nouveau]
[ 156.660464] ? nouveau_gem_new+0x120/0x120 [nouveau]
[ 156.660502] drm_ioctl_kernel+0xae/0xf0 [drm]
[ 156.660530] drm_ioctl+0x238/0x3d0 [drm]
[ 156.660624] ? nouveau_gem_new+0x120/0x120 [nouveau]
[ 156.660630] ? __run_hrtimer+0x1cb/0x1e0
[ 156.660635] ? recalibrate_cpu_khz+0x10/0x10
[ 156.660638] ? ktime_get+0x3e/0xa0
[ 156.660734] nouveau_drm_ioctl+0x66/0xc0 [nouveau]
[ 156.660784] ksys_ioctl+0x8e/0xc0
[ 156.660790] ? __prepare_exit_to_usermode+0x62/0xe0
[ 156.660793] __x64_sys_ioctl+0x1a/0x20
[ 156.660800] do_syscall_64+0x49/0xc0
[ 156.660805] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 156.660808] RIP: 0033:0x7fcd8fc5913b
[ 156.660811] Code: 89 d8 49 8d 3c 1c 48 f7 d8 49 39 c4 72 b5 e8 1c ff ff ff 85 c0 78 ba 4c 89 e0 5b 5d 41 5c c3 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d fd 2c 0d 00 f7 d8 64 89 01 48
[ 156.660813] RSP: 002b:00007ffe8fed3448 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 156.660816] RAX: ffffffffffffffda RBX: 00007ffe8fed34a0 RCX: 00007fcd8fc5913b
[ 156.660818] RDX: 00007ffe8fed34a0 RSI: 00000000c0306480 RDI: 0000000000000010
[ 156.660819] RBP: 00000000c0306480 R08: 0000000000000000 R09: 000055f12c7eeca0
[ 156.660821] R10: 0000000000000007 R11: 0000000000000246 R12: 00007ffe8fed34a0
[ 156.660823] R13: 0000000000000010 R14: 000055f12b872cc0 R15: 0000000000001000
[ 156.660827] ---[ end trace eeace88d4219d92b ]---

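See also this second warning, logged later at 337 s with the kernel already tainted W: a vfree() of a bad address in nouveau's object teardown path (nvkm_umem_unmap), reached from drm_release as the "JS Helper" process exits: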

[ 337.879885] ------------[ cut here ]------------
[ 337.879890] Trying to vfree() bad address (00000000ba1dd312)
[ 337.879908] WARNING: CPU: 3 PID: 2201 at mm/vmalloc.c:2281 __vunmap+0x263/0x280
[ 337.879909] Modules linked in: rfcomm ccm cmac algif_hash algif_skcipher af_alg bnep lz4 zram zfs(PO) zunicode(PO) zavl(PO) icp(PO) zcommon(PO) znvpair(PO) spl(O) zlua(PO) intel_powerclamp coretemp kvm_intel uvcvideo kvm videobuf2_vmalloc iwlmvm videobuf2_memops intel_cstate joydev mac80211 videobuf2_v4l2 input_leds libarc4 serio_raw videobuf2_common btusb iwlwifi btrtl videodev btbcm btintel intel_ips at24 mc wmi_bmof bluetooth snd_seq_midi thinkpad_acpi snd_seq_midi_event snd_hda_codec_hdmi snd_hda_codec_conexant nvram snd_hda_codec_generic ledtrig_audio snd_hda_intel snd_intel_dspcfg snd_hda_codec cfg80211 ecdh_generic ecc mei_me snd_hda_core snd_rawmidi snd_hwdep mei snd_seq snd_pcm snd_seq_device snd_timer snd soundcore mac_hid sch_fq_codel msr parport_pc ppdev lp parport ip_tables x_tables autofs4 btrfs blake2b_generic xor raid6_pq libcrc32c nouveau crct10dif_pclmul crc32_pclmul ghash_clmulni_intel mxm_wmi i2c_algo_bit ttm aesni_intel crypto_simd cryptd psmouse drm_kms_helper
[ 337.879970] glue_helper i2c_i801 i2c_smbus syscopyarea ahci sysfillrect sysimgblt sdhci_pci libahci fb_sys_fops firewire_ohci cec cqhci rc_core sdhci lpc_ich firewire_core crc_itu_t drm e1000e wmi video
[ 337.879987] CPU: 3 PID: 2201 Comm: JS Helper Tainted: P W O 5.8.0-43-generic #49-Ubuntu
[ 337.879989] Hardware name: LENOVO 43147PU/43147PU, BIOS 6MET92WW (1.52 ) 09/26/2012
[ 337.879992] RIP: 0010:__vunmap+0x263/0x280
[ 337.879996] Code: 01 00 74 a8 e8 3e d7 91 00 31 d2 31 f6 48 c7 c7 ff ff ff ff e8 ee cf ff ff eb 91 48 89 fe 48 c7 c7 f8 3f 9c 85 e8 c2 c2 df ff <0f> 0b eb 86 4c 89 ee 48 c7 c7 20 40 9c 85 e8 af c2 df ff 0f 0b e9
[ 337.879998] RSP: 0018:ffffb8a942b538f8 EFLAGS: 00010282
[ 337.880000] RAX: 0000000000000000 RBX: ffff96935f032900 RCX: ffff9693b3d98cd8
[ 337.880001] RDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9693b3d98cd0
[ 337.880003] RBP: ffffb8a942b53920 R08: 0000000000000004 R09: 00000000000004a5
[ 337.880004] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000240
[ 337.880005] R13: ffff96939fac5240 R14: 0000004ea360847b R15: ffffb8a942b53a48
[ 337.880008] FS: 00007ff7f99fd640(0000) GS:ffff9693b3d80000(0000) knlGS:0000000000000000
[ 337.880010] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 337.880011] CR2: 00007fcba80d9050 CR3: 00000001e5af6004 CR4: 00000000000206e0
[ 337.880012] Call Trace:
[ 337.880020] vunmap+0x30/0x40
[ 337.880113] nvkm_umem_unmap+0x51/0x70 [nouveau]
[ 337.880163] nvkm_object_dtor+0x9f/0x110 [nouveau]
[ 337.880213] nvkm_object_del+0x25/0x90 [nouveau]
[ 337.880262] nvkm_ioctl_del+0x3c/0x60 [nouveau]
[ 337.880310] nvkm_ioctl+0xf0/0x190 [nouveau]
[ 337.880388] nvkm_client_ioctl+0x12/0x20 [nouveau]
[ 337.880443] nvif_object_ioctl+0x4e/0x60 [nouveau]
[ 337.880499] nvif_object_fini+0x5a/0x80 [nouveau]
[ 337.880556] nvif_mem_fini+0xe/0x10 [nouveau]
[ 337.880651] nouveau_mem_fini+0x57/0x70 [nouveau]
[ 337.880745] nouveau_mem_del+0x1a/0x30 [nouveau]
[ 337.880840] nouveau_manager_del+0x11/0x20 [nouveau]
[ 337.880851] ttm_bo_cleanup_memtype_use+0x79/0x80 [ttm]
[ 337.880858] ttm_bo_release+0x198/0x380 [ttm]
[ 337.880867] ttm_bo_put+0x30/0x50 [ttm]
[ 337.880961] nouveau_gem_object_del+0x58/0x90 [nouveau]
[ 337.880999] drm_gem_object_free+0x41/0x70 [drm]
[ 337.881024] drm_gem_object_put_unlocked+0x76/0x80 [drm]
[ 337.881049] drm_gem_object_handle_put_unlocked+0x7e/0xb0 [drm]
[ 337.881074] drm_gem_object_release_handle+0x76/0xa0 [drm]
[ 337.881099] ? drm_gem_object_handle_put_unlocked+0xb0/0xb0 [drm]
[ 337.881103] idr_for_each+0x60/0xd0
[ 337.881130] drm_gem_release+0x21/0x30 [drm]
[ 337.881153] drm_file_free.part.0+0x15f/0x170 [drm]
[ 337.881177] drm_close_helper.isra.0+0x65/0x70 [drm]
[ 337.881201] drm_release+0x6a/0x110 [drm]
[ 337.881205] __fput+0xe9/0x250
[ 337.881208] ____fput+0xe/0x10
[ 337.881212] task_work_run+0x6d/0xa0
[ 337.881215] do_exit+0x200/0x440
[ 337.881218] do_group_exit+0x3b/0xb0
[ 337.881223] get_signal+0x174/0x630
[ 337.881227] do_signal+0x2f/0x1d0
[ 337.881233] exit_to_usermode_loop+0x8e/0x120
[ 337.881237] __prepare_exit_to_usermode+0xa2/0xe0
[ 337.881241] __syscall_return_slowpath+0x31/0x160
[ 337.881247] do_syscall_64+0x56/0xc0
[ 337.881252] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 337.881255] RIP: 0033:0x7ff810eb5c06
[ 337.881257] Code: Unable to access opcode bytes at RIP 0x7ff810eb5bdc.
[ 337.881258] RSP: 002b:00007ff7f99fc630 EFLAGS: 00000282 ORIG_RAX: 00000000000000ca
[ 337.881261] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 00007ff810eb5c06
[ 337.881263] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00005615cca597e8
[ 337.881265] RBP: 00005615cca597c0 R08: 0000000000000000 R09: 0000000000000000
[ 337.881266] R10: 0000000000000000 R11: 0000000000000282 R12: 00005615cca597e4
[ 337.881268] R13: 00005615cca59768 R14: 00007ff7f99fc670 R15: 00005615cca597e8
[ 337.881272] ---[ end trace eeace88d4219d92c ]---