Public bug reported:
When trying to boot Kubuntu 25.10 live on notebook Zwide NA08H there is
crash in bmc150_accel_core. Auto screen orientation doesnt work after
this, and supsend/resume and shutdown has issues bbecause of long
waiting for iio-sensor-proxy daemon, which trying to acces accelerometer
provided by by bmc150.
] block nvme0n1: No UUID available providing old NGUID
[ 21.752391] BUG: kernel NULL pointer dereference, address: 0000000000000001
[ 21.752398] #PF: supervisor read access in kernel mode
[ 21.752400] #PF: error_code(0x0000) - not-present page
[ 21.752402] PGD 0 P4D 0
[ 21.752405] Oops: Oops: 0000 [#1] SMP NOPTI
[ 21.752410] CPU: 3 UID: 0 PID: 1154 Comm: iio-sensor-prox Not tainted
6.17.0-5-generic #5-Ubuntu PREEMPT(voluntary)
[ 21.752413] Hardware name: ShenZhen ZhiWei Technology Co.,Ltd NA08H/Zwide
Inc., BIOS 5.27 09/11/2025
[ 21.752415] RIP: 0010:bmc150_accel_set_interrupt+0x7a/0x160
[bmc150_accel_core]
[ 21.752424] Code: 98 00 00 00 b8 01 00 00 00 f0 0f c1 06 83 c0 01 83 f8 01
7f 62 49 8b 7d 00 be 01 00 00 00 e8 8d fa ff ff 41 89 c4 85 c0 75 50 <0f> b6 53
01 0f b6 33 45 31 c9 45 31 c0 49 8b 7d 00 6a 00 89 d1 e8
[ 21.752426] RSP: 0018:ffffcf520380fb40 EFLAGS: 00010246
[ 21.752428] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 21.752430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 21.752432] RBP: ffffcf520380fb68 R08: 0000000000000000 R09: 0000000000000000
[ 21.752433] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 21.752434] R13: ffff89218405fd90 R14: ffff892182088c20 R15: ffff8921890c92a8
[ 21.752436] FS: 000076525b7b3940(0000) GS:ffff892531bff000(0000)
knlGS:0000000000000000
[ 21.752438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.752440] CR2: 0000000000000001 CR3: 000000012934d006 CR4: 0000000000f72ef0
[ 21.752442] PKRU: 55555554
[ 21.752444] Call Trace:
[ 21.752446] <TASK>
[ 21.752449] bmc150_accel_buffer_postenable+0x6b/0xb0 [bmc150_accel_core]
[ 21.752453] iio_enable_buffers+0x216/0x380 [industrialio]
[ 21.752466] __iio_update_buffers+0x20c/0x2c0 [industrialio]
[ 21.752475] enable_store+0x8e/0x100 [industrialio]
[ 21.752483] dev_attr_store+0x14/0x40
[ 21.752488] sysfs_kf_write+0x71/0x90
[ 21.752491] kernfs_fop_write_iter+0x15e/0x210
[ 21.752495] vfs_write+0x258/0x490
[ 21.752500] ksys_write+0x71/0xf0
[ 21.752503] __x64_sys_write+0x19/0x30
[ 21.752506] x64_sys_call+0x79/0x2330
[ 21.752510] do_syscall_64+0x81/0xc90
[ 21.752514] ? putname+0x78/0xb0
[ 21.752516] ? do_sys_openat2+0xa1/0xe0
[ 21.752519] ? __x64_sys_openat+0x5f/0xa0
[ 21.752521] ? arch_exit_to_user_mode_prepare.isra.0+0xd/0xe0
[ 21.752523] ? do_syscall_64+0xb9/0xc90
[ 21.752525] ? arch_exit_to_user_mode_prepare.isra.0+0xd/0xe0
[ 21.752527] ? do_syscall_64+0xb9/0xc90
[ 21.752529] ? exc_page_fault+0x90/0x1b0
[ 21.752532] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 21.752535] RIP: 0033:0x76525bb89772
[ 21.752538] Code: 08 0f 85 a1 38 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce
4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e
0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 55 bf 01 00
[ 21.752540] RSP: 002b:00007ffdbc2c8ab8 EFLAGS: 00000246 ORIG_RAX:
0000000000000001
[ 21.752542] RAX: ffffffffffffffda RBX: 00005bc770573310 RCX: 000076525bb89772
[ 21.752544] RDX: 0000000000000001 RSI: 00007ffdbc2c8c20 RDI: 0000000000000009
[ 21.752545] RBP: 00007ffdbc2c8ae0 R08: 0000000000000000 R09: 0000000000000000
[ 21.752547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 21.752548] R13: 0000000000000001 R14: 00007ffdbc2c8c20 R15: 0000000000000002
[ 21.752550] </TASK>
[ 21.752551] Modules linked in: rfcomm cmac algif_hash algif_skcipher af_alg
bnep snd_hda_codec_intelhdmi snd_hda_codec_alc269 snd_hda_scodec_component
snd_hda_codec_realtek_lib snd_hda_codec_generic snd_hda_intel
snd_sof_pci_intel_tgl snd_sof_pci_intel_cnl snd_sof_intel_hda_generic
soundwire_intel snd_sof_intel_hda_sdw_bpt snd_sof_intel_hda_common
snd_soc_hdac_hda snd_sof_intel_hda_mlink snd_sof_intel_hda snd_hda_codec_hdmi
soundwire_cadence snd_sof_pci snd_sof_xtensa_dsp snd_sof snd_sof_utils
snd_soc_acpi_intel_match snd_soc_acpi_intel_sdca_quirks
soundwire_generic_allocation snd_soc_acpi xe soundwire_bus snd_soc_sdca crc8
binfmt_misc intel_rapl_msr gpu_sched drm_gpuvm drm_gpusvm_helper drm_ttm_helper
drm_exec drm_suballoc_helper snd_soc_avs intel_rapl_common snd_soc_hda_codec
snd_hda_ext_core snd_hda_codec snd_hda_core snd_intel_dspcfg snd_intel_sdw_acpi
x86_pkg_temp_thermal snd_soc_core snd_usb_audio intel_powerclamp
snd_usbmidi_lib snd_compress ac97_bus snd_hwdep snd_ump snd_pcm_dmaengine
snd_pcm iwlmvm
[ 21.752596] snd_seq_midi coretemp cmdlinepart spi_nor snd_seq_midi_event
mei_hdcp mtd mei_pxp joydev snd_rawmidi mac80211 kvm_intel snd_seq libarc4
uvcvideo i915 videobuf2_vmalloc btusb bmi323_i2c kvm uvc btrtl videobuf2_memops
iwlwifi bmi323_core snd_seq_device drm_buddy snd_timer videobuf2_v4l2 ttm
i2c_i801 videobuf2_common btintel snd spi_intel_pci irqbypass videodev
drm_display_helper i2c_smbus rapl wmi_bmof btbcm btmtk intel_cstate mei_me cec
spi_intel i2c_mux soundcore cfg80211 mei mc bluetooth rc_core i2c_algo_bit
igen6_edac bmc150_accel_i2c bmc150_accel_core intel_pmc_core
industrialio_triggered_buffer pmt_telemetry pmt_discovery goodix_ts kfifo_buf
pmt_class intel_hid intel_pmc_ssram_telemetry industrialio soc_button_array
intel_vsec sparse_keymap acpi_tad acpi_pad btrfs blake2b_generic xor raid6_pq
input_leds mac_hid sch_fq_codel msr parport_pc ppdev lp parport efi_pstore
nfnetlink dmi_sysfs ip_tables x_tables autofs4 overlay isofs hid_generic usbhid
hid uas usb_storage spi_pxa2xx_platform dw_dmac
[ 21.752662] dw_dmac_core spi_pxa2xx_core nvme polyval_clmulni
ghash_clmulni_intel sdhci_pci nvme_core sdhci_uhs2 aesni_intel psmouse
nvme_keyring nvme_auth sdhci serio_raw cqhci intel_ish_ipc intel_lpss_pci
intel_ishtp intel_lpss idma64 video pinctrl_alderlake wmi
[ 21.752680] CR2: 0000000000000001
[ 21.752683] ---[ end trace 0000000000000000 ]---
[ 22.479343] RIP: 0010:bmc150_accel_set_interrupt+0x7a/0x160
[bmc150_accel_core]
[ 22.479354] Code: 98 00 00 00 b8 01 00 00 00 f0 0f c1 06 83 c0 01 83 f8 01
7f 62 49 8b 7d 00 be 01 00 00 00 e8 8d fa ff ff 41 89 c4 85 c0 75 50 <0f> b6 53
01 0f b6 33 45 31 c9 45 31 c0 49 8b 7d 00 6a 00 89 d1 e8
[ 22.479356] RSP: 0018:ffffcf520380fb40 EFLAGS: 00010246
[ 22.479360] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 22.479361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 22.479362] RBP: ffffcf520380fb68 R08: 0000000000000000 R09: 0000000000000000
[ 22.479364] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 22.479365] R13: ffff89218405fd90 R14: ffff892182088c20 R15: ffff8921890c92a8
[ 22.479366] FS: 000076525b7b3940(0000) GS:ffff892531bff000(0000)
knlGS:0000000000000000
[ 22.479368] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.479370] CR2: 0000000000000001 CR3: 000000012934d006 CR4: 0000000000f72ef0
[ 22.479372] PKRU: 55555554
[ 22.479373] note: iio-sensor-prox[1154] exited with irqs disabled
[ 22.693516] NET: Registered PF_QIPCRTR protocol family
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2130888
Title:
bmc150_accel_core module NULL pointer dereference
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2130888/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
