Bug#1113861: linux-image-6.12.41+deb13-amd64: Most Flatpaks don't launch, cause kernel oops in nouveau module
Control: tags -1 + moreinfo
On Wed, Sep 03, 2025 at 10:16:24AM -0400, willed-anvil-elude@duck.com wrote:
> Package: src:linux
> Version: 6.12.41-1
> Severity: important
> X-Debbugs-Cc: willed-anvil-elude@duck.com
>
> Dear Maintainer,
>
> Most Flatpak apps have suddenly broken on my Debian Stable ("Trixie")
> installation. They were working normally until I ran a `flatpak update` today
> after several weeks without updating the Flatpak system, but now the apps fail
> to launch. I have confirmed that the base OS runs fine until the first time I
> launch a Flatpak app, at which point it causes a kernel oops in the `nouveau`
> module.
>
> I tried completely uninstalling and reinstalling all Flatpak-related Debian
> packages, and I renamed `~/.local/share/flatpak` and `/var/lib/flatpak` and
> tried starting fresh with Flatpak, but it made no difference.
>
> My hardware is a laptop with hybrid Intel / Nvidia graphics, but I don't use
> the Nvidia card at all. I even tried uninstalling the `xserver-xorg-video-
> nouveau` package, but somehow the `nouveau` module was still loading, I imagine
> coming from the Flatpak environment.
>
> When I boot with the kernel command line `module_blacklist=nouveau` this bug
> does **not** happen. This bug happens with the oldest Debian Trixie released
> kernel version (6.12.31-amd64) as well as the latest one (6.12.41+deb13-amd64).
> What changed on my system leading to this bug was the Flatpak framework
> updates, however in my bug report to them
> (https://github.com/flatpak/flatpak/issues/6307) they say it's a kernel bug.
>
> Here's the `dmesg` output that corresponds exactly to the moment that a Flatpak
> app is launched:
>
> ```````````````````````````````````````````
> [Tue Sep 2 23:31:49 2025] BUG: kernel NULL pointer dereference, address:
> 0000000000000000
> [Tue Sep 2 23:31:49 2025] #PF: supervisor read access in kernel mode
> [Tue Sep 2 23:31:49 2025] #PF: error_code(0x0000) - not-present page
> [Tue Sep 2 23:31:49 2025] PGD 0 P4D 0
> [Tue Sep 2 23:31:49 2025] Oops: Oops: 0000 [#3] PREEMPT SMP PTI
> [Tue Sep 2 23:31:49 2025] CPU: 6 UID: 1000 PID: 4820 Comm: com.github.tchx
> Tainted: G D 6.12.31-amd64 #1 Debian 6.12.31-1
> [Tue Sep 2 23:31:49 2025] Tainted: [D]=DIE
> [Tue Sep 2 23:31:49 2025] Hardware name: Intel(R) Client Systems
> LAPQC71A/LAPQC71A, BIOS QCCFL357.0144.2022.0124.1433 01/24/2022
> [Tue Sep 2 23:31:49 2025] RIP: 0010:nvkm_gr_units+0x9/0x30 [nouveau]
> [Tue Sep 2 23:31:49 2025] Code: 74 06 ff e0 cc 66 90 cc 31 c0 c3 cc cc cc cc
> 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00
> 00 <48> 8b 07 48 8b 40 58 48 85 c0 74 06 ff e0 cc 66 90 cc 31 c0 c3 cc
> [Tue Sep 2 23:31:49 2025] RSP: 0018:ffffa1f38f267b40 EFLAGS: 00010246
> [Tue Sep 2 23:31:49 2025] RAX: ffff92a3ba38e000 RBX: ffffa1f38f267c20 RCX:
> ffff92a3871f2800
> [Tue Sep 2 23:31:49 2025] RDX: ffff92a599362c00 RSI: ffffa1f38f267c20 RDI:
> 0000000000000000
> [Tue Sep 2 23:31:49 2025] RBP: ffff92a4ab71d000 R08: 000000000000000d R09:
> 00000000000012d4
> [Tue Sep 2 23:31:49 2025] R10: 0000000000000010 R11: 0000000000000012 R12:
> ffffffffc0bb61f0
> [Tue Sep 2 23:31:49 2025] R13: ffffa1f38f267c20 R14: ffff92a3ba386000 R15:
> 0000000000000010
> [Tue Sep 2 23:31:49 2025] FS: 00007fe43b074940(0000)
> GS:ffff92ab1db00000(0000) knlGS:0000000000000000
> [Tue Sep 2 23:31:49 2025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [Tue Sep 2 23:31:49 2025] CR2: 0000000000000000 CR3: 000000030ae00001 CR4:
> 00000000003726f0
> [Tue Sep 2 23:31:49 2025] Call Trace:
> [Tue Sep 2 23:31:49 2025] <TASK>
> [Tue Sep 2 23:31:49 2025] nouveau_abi16_ioctl_getparam+0x2aa/0x350 [nouveau]
> [Tue Sep 2 23:31:49 2025] ? tomoyo_init_request_info+0x99/0xc0
> [Tue Sep 2 23:31:49 2025] drm_ioctl_kernel+0xad/0x100 [drm]
> [Tue Sep 2 23:31:49 2025] drm_ioctl+0x277/0x4f0 [drm]
> [Tue Sep 2 23:31:49 2025] ? __pfx_nouveau_abi16_ioctl_getparam+0x10/0x10
> [nouveau]
> [Tue Sep 2 23:31:49 2025] nouveau_drm_ioctl+0x57/0xb0 [nouveau]
> [Tue Sep 2 23:31:49 2025] __x64_sys_ioctl+0x91/0xd0
> [Tue Sep 2 23:31:49 2025] do_syscall_64+0x82/0x190
> [Tue Sep 2 23:31:49 2025] ? __pfx_nouveau_abi16_ioctl_getparam+0x10/0x10
> [nouveau]
> [Tue Sep 2 23:31:49 2025] ? __pm_runtime_suspend+0x69/0xc0
> [Tue Sep 2 23:31:49 2025] ? nouveau_drm_ioctl+0x7a/0xb0 [nouveau]
> [Tue Sep 2 23:31:49 2025] ? syscall_exit_to_user_mode+0x4d/0x210
> [Tue Sep 2 23:31:49 2025] ? do_syscall_64+0x8e/0x190
> [Tue Sep 2 23:31:49 2025] ? syscall_exit_to_user_mode+0x4d/0x210
> [Tue Sep 2 23:31:49 2025] ? do_syscall_64+0x8e/0x190
> [Tue Sep 2 23:31:49 2025] ? exc_page_fault+0x7e/0x180
> [Tue Sep 2 23:31:49 2025] entry_SYSCALL_64_after_hwframe+0x76/0x7e
> [Tue Sep 2 23:31:49 2025] RIP: 0033:0x7fe43d11988d
> [Tue Sep 2 23:31:49 2025] Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45
> 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f
> 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 2b 04 25 28 00 00 00
> [Tue Sep 2 23:31:49 2025] RSP: 002b:00007fff980905a0 EFLAGS: 00000246
> ORIG_RAX: 0000000000000010
> [Tue Sep 2 23:31:49 2025] RAX: ffffffffffffffda RBX: 00005630873e6e90 RCX:
> 00007fe43d11988d
> [Tue Sep 2 23:31:49 2025] RDX: 00007fff98090660 RSI: 00000000c0106440 RDI:
> 0000000000000012
> [Tue Sep 2 23:31:49 2025] RBP: 00007fff980905f0 R08: 0000000000002191 R09:
> 000017aa381e0000
> [Tue Sep 2 23:31:49 2025] R10: 00007fe3bff088c0 R11: 0000000000000246 R12:
> 00007fff98090660
> [Tue Sep 2 23:31:49 2025] R13: 00000000c0106440 R14: 0000000000000012 R15:
> 0000563087434560
> [Tue Sep 2 23:31:49 2025] </TASK>
> [Tue Sep 2 23:31:49 2025] Modules linked in: uinput ccm snd_seq_dummy
> snd_hrtimer snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device
> rfcomm cmac algif_hash algif_skcipher af_alg bnep zram lz4hc_compress
> lz4_compress binfmt_misc btusb btrtl uvcvideo btintel btbcm videobuf2_vmalloc
> btmtk uvc videobuf2_memops videobuf2_v4l2 bluetooth videodev videobuf2_common
> mc sg crc16 nls_ascii nls_cp437 vfat fat snd_sof_pci_intel_cnl
> snd_sof_intel_hda_generic soundwire_intel soundwire_generic_allocation
> soundwire_cadence snd_sof_intel_hda_common snd_soc_hdac_hda
> snd_sof_intel_hda_mlink intel_rapl_msr snd_sof_intel_hda intel_rapl_common
> snd_sof_pci intel_uncore_frequency snd_sof_xtensa_dsp
> intel_uncore_frequency_common iwlmvm snd_sof snd_sof_utils
> snd_soc_acpi_intel_match snd_soc_acpi soundwire_bus mac80211 snd_soc_avs
> snd_hda_codec_realtek x86_pkg_temp_thermal snd_soc_hda_codec intel_powerclamp
> snd_hda_ext_core coretemp snd_hda_codec_generic snd_soc_core
> snd_hda_scodec_component kvm_intel snd_hda_codec_hdmi snd_compress
> [Tue Sep 2 23:31:49 2025] snd_pcm_dmaengine snd_hda_intel libarc4
> snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec kvm iwlwifi snd_hda_core
> snd_hwdep snd_pcm_oss irqbypass snd_mixer_oss cfg80211 mei_hdcp mei_pxp rapl
> snd_pcm asus_wmi sparse_keymap intel_cstate platform_profile intel_uncore
> snd_timer mei_me intel_wmi_thunderbolt ee1004 snd rfkill mei wmi_bmof soundcore
> intel_pch_thermal intel_pmc_core intel_vsec pmt_telemetry acpi_pad pmt_class ac
> acpi_tad joydev evdev msr parport_pc dm_mod ppdev lp parport efi_pstore
> configfs nfnetlink efivarfs ip_tables x_tables autofs4 btrfs blake2b_generic
> xor sd_mod raid6_pq libcrc32c crc32c_generic uas usb_storage usbhid i915
> nouveau drm_gpuvm drm_exec gpu_sched drm_buddy i2c_algo_bit drm_display_helper
> cec hid_multitouch rc_core drm_ttm_helper hid_generic crct10dif_pclmul
> crc32_pclmul ttm crc32c_intel i2c_hid_acpi ghash_clmulni_intel ahci iTCO_wdt
> i2c_hid sha512_ssse3 xhci_pci intel_pmc_bxt drm_kms_helper hid libahci xhci_hcd
> sha256_ssse3 iTCO_vendor_support nvme libata watchdog sha1_ssse3
> [Tue Sep 2 23:31:49 2025] r8169 drm nvme_core usbcore aesni_intel realtek
> thunderbolt mxm_wmi i2c_i801 intel_lpss_pci gf128mul mdio_devres scsi_mod
> crypto_simd libphy cryptd serio_raw i2c_smbus intel_lpss nvme_auth idma64
> usb_common scsi_common battery video wmi button
> [Tue Sep 2 23:31:49 2025] CR2: 0000000000000000
> [Tue Sep 2 23:31:49 2025] ---[ end trace 0000000000000000 ]---
> [Tue Sep 2 23:31:49 2025] RIP: 0010:nvkm_gr_units+0x9/0x30 [nouveau]
> [Tue Sep 2 23:31:49 2025] Code: 74 06 ff e0 cc 66 90 cc 31 c0 c3 cc cc cc cc
> 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00
> 00 <48> 8b 07 48 8b 40 58 48 85 c0 74 06 ff e0 cc 66 90 cc 31 c0 c3 cc
> [Tue Sep 2 23:31:49 2025] RSP: 0018:ffffa1f38e783b70 EFLAGS: 00010246
> [Tue Sep 2 23:31:49 2025] RAX: ffff92a3ba38e000 RBX: ffffa1f38e783c50 RCX:
> ffff92a3871f2800
> [Tue Sep 2 23:31:49 2025] RDX: ffff92a38a102400 RSI: ffffa1f38e783c50 RDI:
> 0000000000000000
> [Tue Sep 2 23:31:49 2025] RBP: ffff92a432853200 R08: 000000000000000d R09:
> 0000000000000b38
> [Tue Sep 2 23:31:49 2025] R10: 0000000000000010 R11: 000000000000001a R12:
> ffffffffc0bb61f0
> [Tue Sep 2 23:31:49 2025] R13: ffffa1f38e783c50 R14: ffff92a3ba386000 R15:
> 0000000000000010
> [Tue Sep 2 23:31:49 2025] FS: 00007fe43b074940(0000)
> GS:ffff92ab1db00000(0000) knlGS:0000000000000000
> [Tue Sep 2 23:31:49 2025] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [Tue Sep 2 23:31:49 2025] CR2: 0000000000000000 CR3: 000000030ae00001 CR4:
> 00000000003726f0
> [Tue Sep 2 23:31:49 2025] note: com.github.tchx[4820] exited with irqs
> disabled
> ```````````````````````````````````````````
Can you please report this issue to upstream. You can contact the
initial set of recipients as:
Lyude Paul <lyude@redhat.com> (maintainer:DRM DRIVER FOR NVIDIA GEFORCE/QUADRO GPUS)
Danilo Krummrich <dakr@kernel.org> (maintainer:DRM DRIVER FOR NVIDIA GEFORCE/QUADRO GPUS)
David Airlie <airlied@gmail.com> (maintainer:DRM DRIVERS)
Simona Vetter <simona@ffwll.ch> (maintainer:DRM DRIVERS)
dri-devel@lists.freedesktop.org (open list:DRM DRIVER FOR NVIDIA GEFORCE/QUADRO GPUS)
nouveau@lists.freedesktop.org (open list:DRM DRIVER FOR NVIDIA GEFORCE/QUADRO GPUS)
linux-kernel@vger.kernel.org (open list)
Before doing so please test as well the newest kernel available in
trixie and in unstable to see if the problem persist in either.
Thanks already.
Regards,
Salvatore
Reply to: