https://bugs.freedesktop.org/show_bug.cgi?id=64774
--- Comment #6 from Ilia Mirkin <[email protected]> --- Well, +0x8e is +142, and we see 0x0000000000023bae <+142>: mov (%rcx,%r13,1),%rax 0x0000000000023bb2 <+146>: shr $0x8,%rax 0x0000000000023bb6 <+150>: mov %rax,%rdx 0x0000000000023bb9 <+153>: or $0x3,%rax 0x0000000000023bbd <+157>: or $0x1,%rdx which I'm fairly sure corresponds to u64 phys = nvc0_vm_addr(vma, *list++, memtype, target); Since static inline u64 nvc0_vm_addr(struct nouveau_vma *vma, u64 phys, u32 memtype, u32 target) { phys >>= 8; phys |= 0x00000001; /* present */ if (vma->access & NV_MEM_ACCESS_SYS) phys |= 0x00000002; (And for some reason it splits the two branches into two separate registers... odd, but nothing else in the code matches up as nicely.) So that means that the passed in list pointer must be null. This corresponds to drivers/gpu/drm/nouveau/nouveau_bo.c:nouveau_vma_getmap which passes in mem->mm_node as the mem argument to vm_map_sg, which in turn does mem->pages. So perhaps add something to the top of nouveau_vma_getmap (before the vm_get call) like if (WARN_ON(!node->pages)) { return -EINVAL; } Which should help avoid the crash, but will not provide any additional functionality. You should then see a backtrace, but no crash. -- You are receiving this mail because: You are the assignee for the bug.
_______________________________________________ Nouveau mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/nouveau
