2022-12-14 03:37:20

by kernel test robot

Subject: [linus:master] [rxrpc] a2cf3264f3: BUG:kernel_NULL_pointer_dereference

Greetings,

FYI, we noticed BUG:kernel_NULL_pointer_dereference due to commit (built with gcc-11):

commit: a2cf3264f331acfeb7e463ad7b7fe1ac647a829d ("rxrpc: Fold __rxrpc_unuse_local() into rxrpc_unuse_local()")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

[test failed on linux-next/master 39ab32797f072eaf86b1faa7384ac73450684110]

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


[ 23.941859][ T1] BUG: kernel NULL pointer dereference, address: 00000188
[ 23.942355][ T1] #PF: supervisor read access in kernel mode
[ 23.942754][ T1] #PF: error_code(0x0000) - not-present page
[ 23.943151][ T1] *pde = 00000000
[ 23.943400][ T1] Oops: 0000 [#1] SMP
[ 23.943664][ T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.1.0-rc7-01552-ga2cf3264f331 #1
[ 23.944254][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 23.944947][ T1] EIP: rxrpc_unuse_local (??:?)
[ 23.945328][ T1] Code: 01 00 00 85 d2 0f 84 da fd ff ff 89 42 04 e9 d2 fd ff ff 0f 0b b8 f4 af 1e c3 e8 9b a1 2b 00 8d 74 26 00 3e 8d 74 26 00 89 d1 <8b> 90 88 01 00 00 85 c0 74 47 55 89 e5 57 56 be ff ff ff ff 53 89
All code
========
0: 01 00 add %eax,(%rax)
2: 00 85 d2 0f 84 da add %al,-0x257bf02e(%rbp)
8: fd std
9: ff (bad)
a: ff 89 42 04 e9 d2 decl -0x2d16fbbe(%rcx)
10: fd std
11: ff (bad)
12: ff 0f decl (%rdi)
14: 0b b8 f4 af 1e c3 or -0x3ce1500c(%rax),%edi
1a: e8 9b a1 2b 00 callq 0x2ba1ba
1f: 8d 74 26 00 lea 0x0(%rsi,%riz,1),%esi
23: 3e 8d 74 26 00 lea %ds:0x0(%rsi,%riz,1),%esi
28: 89 d1 mov %edx,%ecx
2a:* 8b 90 88 01 00 00 mov 0x188(%rax),%edx <-- trapping instruction
30: 85 c0 test %eax,%eax
32: 74 47 je 0x7b
34: 55 push %rbp
35: 89 e5 mov %esp,%ebp
37: 57 push %rdi
38: 56 push %rsi
39: be ff ff ff ff mov $0xffffffff,%esi
3e: 53 push %rbx
3f: 89 .byte 0x89

Code starting with the faulting instruction
===========================================
0: 8b 90 88 01 00 00 mov 0x188(%rax),%edx
6: 85 c0 test %eax,%eax
8: 74 47 je 0x51
a: 55 push %rbp
b: 89 e5 mov %esp,%ebp
d: 57 push %rdi
e: 56 push %rsi
f: be ff ff ff ff mov $0xffffffff,%esi
14: 53 push %rbx
15: 89 .byte 0x89
[ 23.946638][ T1] EAX: 00000000 EBX: ca3c3b00 ECX: 00000014 EDX: 00000014
[ 23.947113][ T1] ESI: ca3c3d80 EDI: c4293eb4 EBP: c4293e6c ESP: c4293e60
[ 23.947585][ T1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010246
[ 23.948092][ T1] CR0: 80050033 CR2: 00000188 CR3: 034fe000 CR4: 00040690
[ 23.948577][ T1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 23.949050][ T1] DR6: fffe0ff0 DR7: 00000400
[ 23.949358][ T1] Call Trace:
[ 23.949575][ T1] ? rxrpc_release_sock (af_rxrpc.c:?)
[ 23.949927][ T1] rxrpc_release (af_rxrpc.c:?)
[ 23.950219][ T1] sock_release (??:?)
[ 23.950535][ T1] afs_open_socket (??:?)
[ 23.950854][ T1] afs_net_init (main.c:?)
[ 23.951154][ T1] ops_init+0x2e/0x100
[ 23.951500][ T1] register_pernet_operations (net_namespace.c:?)
[ 23.951868][ T1] register_pernet_device (??:?)
[ 23.952215][ T1] ? ovl_aio_request_cache_init (main.c:?)
[ 23.952595][ T1] afs_init (main.c:?)
[ 23.952865][ T1] do_one_initcall (??:?)
[ 23.953191][ T1] ? rdinit_setup (main.c:?)
[ 23.953499][ T1] ? rdinit_setup (main.c:?)
[ 23.953807][ T1] ? rcu_read_lock_sched_held (??:?)
[ 23.954181][ T1] do_initcalls (main.c:?)
[ 23.954475][ T1] kernel_init_freeable (main.c:?)
[ 23.954818][ T1] ? rest_init (main.c:?)
[ 23.955144][ T1] kernel_init (main.c:?)
[ 23.955430][ T1] ret_from_fork (??:?)
[ 23.955726][ T1] Modules linked in:
[ 23.955991][ T1] CR2: 0000000000000188
[ 23.956269][ T1] ---[ end trace 0000000000000000 ]---
[ 23.956629][ T1] EIP: rxrpc_unuse_local (??:?)
[ 23.956972][ T1] Code: 01 00 00 85 d2 0f 84 da fd ff ff 89 42 04 e9 d2 fd ff ff 0f 0b b8 f4 af 1e c3 e8 9b a1 2b 00 8d 74 26 00 3e 8d 74 26 00 89 d1 <8b> 90 88 01 00 00 85 c0 74 47 55 89 e5 57 56 be ff ff ff ff 53 89


If you fix the issue, kindly add the following tags
| Reported-by: kernel test robot <[email protected]>
| Link: https://lore.kernel.org/oe-lkp/[email protected]


To reproduce:

# build kernel
cd linux
cp config-6.1.0-rc7-01552-ga2cf3264f331 .config
make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

# if you come across any failure that blocks the test,
# please remove the ~/.lkp and /lkp dirs to run from a clean state.


--
0-DAY CI Kernel Test Service
https://01.org/lkp


Attachments:
config-6.1.0-rc7-01552-ga2cf3264f331 (149.77 kB)
job-script (5.03 kB)
dmesg.xz (39.89 kB)