Comment 6 for bug 1802050

kenorb (kenorb) wrote :

Related: https://forums.geforce.com/default/topic/1098094/geforce-drivers/kernel-crash-at-_nv009384rm-os_memcpy_to_user-bad-or-missing-usercopy-whitelist-/

Here are the full logs:
- 1st crash: https://gist.github.com/kenorb/4b7c333e648498f3d31c3ed8dc6625f4
- 2nd crash (posted above): https://gist.github.com/kenorb/8ff664d2cb439ad624b438a954b11c62

Logs:
caller os_map_kernel_space.part.9+0xdb/0x120 [nvidia] mapping multiple BARs
Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache' (offset 11440, size 3)!
WARNING: CPU: 11 PID: 7002 at mm/usercopy.c:81 usercopy_warn+0x81/0xa0
CPU: 11 PID: 7002 Comm: Xorg Tainted: P O 4.18.0-15-generic #16-Ubuntu
Hardware name: Punch technology 646-716-44/ROG RAMPAGE VI EXTREME, BIOS 1401 05/10/2018
RIP: 0010:usercopy_warn+0x81/0xa0
RSP: 0018:ffffb1a54aa5fb08 EFLAGS: 00010286
RAX: 0000000000000000 RBX: ffff936a9e355cb0 RCX: 0000000000000006
RDX: 0000000000000007 RSI: 0000000000000096 RDI: ffff936b1f2d64b0
RBP: ffffb1a54aa5fb20 R08: 0000000000000001 R09: 0000000000000692
R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000003
R13: 0000000000000001 R14: ffff936a9e355cb3 R15: ffff936a9e355cf8
FS: 00007f7c7ce35a80(0000) GS:ffff936b1f2c0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f7c794d0110 CR3: 0000001f8b2d0006 CR4: 00000000003606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __check_heap_object+0xc2/0x110
 __check_object_size+0x14c/0x178
 os_memcpy_to_user+0x26/0x50 [nvidia]
 _nv009384rm+0xbf/0xe0 [nvidia]
WARNING: kernel stack frame pointer at 000000009e6b26f6 in Xorg:7002 has bad value 00000000d8fadd4b
unwind stack type:0 next_sp: (null) mask:0x2 graph_idx:0
000000003b11c2d2: ffffb1a54aa5fb30 (0xffffb1a54aa5fb30)
00000000764c1375: ffffffffad469e02 (__check_heap_object+0xc2/0x110)
...
 ? _nv028097rm+0x79/0x90 [nvidia]
 ? _nv028097rm+0x55/0x90 [nvidia]
 ? _nv013699rm+0xee/0x100 [nvidia]
 ? _nv015347rm+0x154/0x270 [nvidia]
 ? _nv008317rm+0x134/0x1a0 [nvidia]
 ? _nv008296rm+0x29c/0x2b0 [nvidia]
 ? _nv001072rm+0xe/0x20 [nvidia]
 ? _nv007324rm+0xd8/0x100 [nvidia]
 ? _nv001171rm+0x627/0x830 [nvidia]
 ? rm_ioctl+0x73/0x100 [nvidia]
 ? __check_object_size+0x91/0x178
 ? nvidia_ioctl+0x56a/0x720 [nvidia]
 ? nvidia_frontend_unlocked_ioctl+0x3e/0x50 [nvidia]
 ? do_vfs_ioctl+0xa8/0x620
 ? handle_mm_fault+0xe1/0x210
 ? ksys_ioctl+0x67/0x90
 ? __x64_sys_ioctl+0x1a/0x20
 ? do_syscall_64+0x5a/0x110
 ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
---[ end trace e0cf3a831124a7e9 ]---
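For anyone reading the trace: the WARNING is the kernel's hardened usercopy check (CONFIG_HARDENED_USERCOPY) firing on os_memcpy_to_user, which is copying 3 bytes from offset 11440 of a 'nvidia_stack_cache' slab object out to the Xorg process. That cache has no usercopy whitelist, and because the Ubuntu kernel has the fallback option on, an in-object copy without a whitelist produces a WARN rather than a BUG. The C below is an added example, not kernel code and not NVIDIA's: a userspace model of the decision made by __check_heap_object() in Linux 4.18 (the red-zone adjustment is left out, and the 16384-byte object size is an assumed value, since the real size of nvidia_stack_cache is not in the log). It shows why this copy warns, when it would be refused outright, and what a whitelist declared at cache creation changes.

```c
/* Userspace model of the hardened-usercopy heap check in Linux 4.18 (mm/slub.c).
 * Added example: not the kernel's code and not NVIDIA's.  The cache geometry is
 * assumed, and the real check's SLAB_RED_ZONE adjustment is omitted. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

enum verdict { COPY_ALLOW, COPY_WARN, COPY_ABORT };

/* The fields of struct kmem_cache that the check consults. */
struct cache {
    const char *name;
    unsigned long object_size;  /* usable bytes per object (slab_ksize) */
    unsigned long useroffset;   /* start of the usercopy whitelist */
    unsigned long usersize;     /* length of the whitelist; 0 = none declared */
};

/* Models kmem_cache_create(): no whitelist, so every user copy from the object is suspect. */
static struct cache cache_create(const char *name, unsigned long object_size) {
    struct cache c = { name, object_size, 0, 0 };
    return c;
}

/* Models kmem_cache_create_usercopy(): declares the byte range allowed to cross to/from user space. */
static struct cache cache_create_usercopy(const char *name, unsigned long object_size,
                                          unsigned long useroffset, unsigned long usersize) {
    struct cache c = { name, object_size, useroffset, usersize };
    return c;
}

/* Decision __check_heap_object() makes for a copy of n bytes starting `offset`
 * bytes into an object of cache s.  `fallback` models
 * CONFIG_HARDENED_USERCOPY_FALLBACK: an in-object copy outside any whitelist
 * becomes a WARN (what the log shows) instead of an abort. */
static enum verdict check_heap_object(const struct cache *s, unsigned long offset,
                                      unsigned long n, bool fallback) {
    /* Range lies entirely inside the whitelisted region: silently allowed. */
    if (offset >= s->useroffset &&
        offset - s->useroffset <= s->usersize &&
        n <= s->useroffset - offset + s->usersize)
        return COPY_ALLOW;

    /* Still inside the object but not whitelisted: warn only if fallback is on. */
    if (fallback && offset <= s->object_size && n <= s->object_size - offset)
        return COPY_WARN;

    /* Overruns the object, or fallback is off: the copy is refused. */
    return COPY_ABORT;
}

/* Message usercopy_warn() prints; to_user distinguishes an "exposure"
 * (copy_to_user, as here) from an "overwrite" (copy_from_user). */
static int format_usercopy_warning(char *buf, size_t len, const struct cache *s,
                                   bool to_user, unsigned long offset, unsigned long n) {
    return snprintf(buf, len,
        "Bad or missing usercopy whitelist? Kernel memory %s attempt detected "
        "%s SLUB object '%s' (offset %lu, size %lu)!",
        to_user ? "exposure" : "overwrite", to_user ? "from" : "to",
        s->name, offset, n);
}

int main(void) {
    /* Assumed object size; the real nvidia_stack_cache size is not in the log. */
    struct cache no_whitelist = cache_create("nvidia_stack_cache", 16384);
    char msg[256];

    /* The copy from the trace: offset 11440, 3 bytes, to user space, fallback on. */
    if (check_heap_object(&no_whitelist, 11440, 3, true) == COPY_WARN) {
        format_usercopy_warning(msg, sizeof msg, &no_whitelist, true, 11440, 3);
        printf("WARNING: %s\n", msg);
    }

    /* Same copy with fallback off: the kernel would refuse it instead of warning. */
    printf("fallback off: %s\n",
           check_heap_object(&no_whitelist, 11440, 3, false) == COPY_ABORT ? "refused" : "allowed");

    /* Same copy once the cache declares a whitelist covering that region (assumed 64 bytes). */
    struct cache whitelisted = cache_create_usercopy("nvidia_stack_cache", 16384, 11440, 64);
    printf("with whitelist: %s\n",
           check_heap_object(&whitelisted, 11440, 3, false) == COPY_ALLOW ? "allowed" : "refused");
    return 0;
}
```

The driver-side fix the message is asking for is to create the cache with kmem_cache_create_usercopy() (in mainline since 4.16) naming the region that legitimately crosses to user space, or to copy through a buffer that is not a slab object; without that, a kernel built without the fallback option would refuse the copy instead of warning.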