Bug 213815

| Summary: | kernel NULL pointer dereference, address: 0000000000000000 - sysfs_kf_seq_show, rcu_note_context_switch and efi_recover_from_page_fault | | |
|---|---|---|---|
| Product: | Drivers | Reporter: | sander44 (ionut_n2001) |
| Component: | IOMMU | Assignee: | drivers_iommu |
| Status: | NEW --- | | |
| Severity: | blocking | | |
| Priority: | P1 | | |
| Hardware: | x86-64 | | |
| OS: | Linux | | |
| Kernel Version: | 5.10.52 | Subsystem: | |
| Regression: | No | Bisected commit-id: | |
| Attachments: | dmesg with bug | | |
Created attachment 297987
dmesg with bug

Hi Kernel Team,

I notice this:

```
[ 141.756785] general protection fault, probably for non-canonical address 0x657664325f666c65: 0000 [#1] PREEMPT SMP NOPTI
[ 141.756795] CPU: 5 PID: 2416 Comm: udevadm Not tainted 5.10.52-1-vanilla #1
[ 141.756798] Hardware name: OnLogic RXM-181/RXM-181, BIOS Z01-0001A031 05/11/2020
[ 141.756806] RIP: 0010:sysfs_kf_seq_show+0x27/0x100
[ 141.756810] Code: 00 66 90 0f 1f 44 00 00 55 48 89 e5 41 54 53 48 8b 77 70 48 89 fb 48 8b 06 48 8b 40 08 4c 8b 40 60 4d 8b 60 28 4d 85 e4 74 05 <4d> 8b 64 24 08 48 8b 43 18 48 8b 4b 08 48 39 c8 0f 87 b1 00 00 00
[ 141.756816] RSP: 0018:ffffb779005e7d50 EFLAGS: 00010206
[ 141.756820] RAX: ffff95b5ce745480 RBX: ffff95b5d2d84870 RCX: 0000000000000001
[ 141.756823] RDX: ffff95b5d0de0d80 RSI: ffff95b5d0de0d80 RDI: ffff95b5d2d84870
[ 141.756826] RBP: ffffb779005e7d60 R08: ffff95b5d1540018 R09: 0000000000000001
[ 141.756829] R10: ffffffffffff6958 R11: 0000000000000000 R12: 657664325f666c65
[ 141.756832] R13: 0000000000000001 R14: ffff95b5d2d84898 R15: ffff95b5d2d84870
[ 141.756836] FS: 00007fa730b54d40(0000) GS:ffff95bd0c540000(0000) knlGS:0000000000000000
[ 141.756840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.756843] CR2: 0000556c83213258 CR3: 00000001116c8001 CR4: 00000000003706e0
[ 141.756846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 141.756849] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 141.756852] Call Trace:
[ 141.756857] kernfs_seq_show+0x27/0x30
[ 141.756862] seq_read_iter+0x122/0x4b0
[ 141.756867] ? __mod_memcg_lruvec_state+0x27/0xf0
[ 141.756871] kernfs_fop_read_iter+0x150/0x1b0
[ 141.756877] ? lru_cache_add_inactive_or_unevictable+0x28/0xa0
[ 141.756881] new_sync_read+0x10d/0x190
[ 141.756886] vfs_read+0x15a/0x1c0
[ 141.756890] ksys_read+0x67/0xe0
[ 141.756893] __x64_sys_read+0x1a/0x20
[ 141.756898] do_syscall_64+0x38/0x90
[ 141.756903] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 141.756906] RIP: 0033:0x7fa73113c5a1
[ 141.756909] Code: fe ff ff 50 48 8d 3d ce cf 09 00 e8 e9 03 02 00 66 0f 1f 84 00 00 00 00 00 48 8d 05 59 61 0d 00 8b 00 85 c0 75 13 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 57 c3 66 0f 1f 44 00 00 41 54 49 89 d4 55 48
[ 141.756915] RSP: 002b:00007ffde404cec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 141.756919] RAX: ffffffffffffffda RBX: 0000556c831fe260 RCX: 00007fa73113c5a1
[ 141.756922] RDX: 0000000000001000 RSI: 0000556c83211240 RDI: 0000000000000005
[ 141.756925] RBP: 00007fa73120a2a0 R08: 0000000000000003 R09: 0000000000000077
[ 141.756928] R10: 0000556c831fe010 R11: 0000000000000246 R12: 0000000000001001
[ 141.756931] R13: 0000556c83211240 R14: 0000000000000d68 R15: 00007fa731209760
[ 141.756936] Modules linked in: pci_stub bluetooth ecdh_generic ecc st cfg80211 snd_soc_skl_hda_dsp snd_soc_hdac_hdmi nls_iso8859_1 snd_hda_codec_hdmi snd_hda_codec_realtek input_leds joydev snd_hda_codec_generic snd_soc_dmic snd_sof_pci snd_sof_intel_byt snd_sof_intel_ipc snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof snd_hda_ext_core snd_soc_acpi_intel_match snd_soc_acpi ledtrig_audio intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal snd_hda_intel intel_powerclamp coretemp snd_intel_dspcfg kvm_intel mei_hdcp soundwire_intel cdc_acm soundwire_generic_allocation soundwire_cadence snd_hda_codec kvm snd_hda_core crct10dif_pclmul snd_hwdep crc32_pclmul soundwire_bus ghash_clmulni_intel aesni_intel snd_soc_core snd_compress crypto_simd cryptd ac97_bus glue_helper snd_pcm_dmaengine snd_pcm rapl intel_cstate snd_timer snd wmi_bmof intel_wmi_thunderbolt pcspkr efi_pstore soundcore ee1004 8250_dw mei_me mei intel_pch_thermal mac_hid acpi_tad acpi_pad
[ 141.756989] binfmt_misc ip_tables x_tables autofs4 btrfs blake2b_generic usbkbd raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic usbmouse usbhid hid i915 nvme drm_kms_helper i2c_i801 i2c_smbus nvme_core igb syscopyarea sysfillrect sysimgblt fb_sys_fops cec dca ahci rc_core i2c_algo_bit intel_lpss_pci xhci_pci libahci intel_lpss xhci_pci_renesas e1000e idma64 drm virt_dma wmi video pinctrl_cannonlake
[ 141.757056] ---[ end trace 5320cddd397b9d08 ]---
[ 141.758350] ------------[ cut here ]------------
[ 141.758358] WARNING: CPU: 5 PID: 2416 at kernel/rcu/tree_plugin.h:297 rcu_note_context_switch+0x48/0x470
[ 141.758363] Modules linked in: pci_stub bluetooth ecdh_generic ecc st cfg80211 snd_soc_skl_hda_dsp snd_soc_hdac_hdmi nls_iso8859_1 snd_hda_codec_hdmi snd_hda_codec_realtek input_leds joydev snd_hda_codec_generic snd_soc_dmic snd_sof_pci snd_sof_intel_byt snd_sof_intel_ipc snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof snd_hda_ext_core snd_soc_acpi_intel_match snd_soc_acpi ledtrig_audio intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal snd_hda_intel intel_powerclamp coretemp snd_intel_dspcfg kvm_intel mei_hdcp soundwire_intel cdc_acm soundwire_generic_allocation soundwire_cadence snd_hda_codec kvm snd_hda_core crct10dif_pclmul snd_hwdep crc32_pclmul soundwire_bus ghash_clmulni_intel aesni_intel snd_soc_core snd_compress crypto_simd cryptd ac97_bus glue_helper snd_pcm_dmaengine snd_pcm rapl intel_cstate snd_timer snd wmi_bmof intel_wmi_thunderbolt pcspkr efi_pstore soundcore ee1004 8250_dw mei_me mei intel_pch_thermal mac_hid acpi_tad acpi_pad
[ 141.758414] binfmt_misc ip_tables x_tables autofs4 btrfs blake2b_generic usbkbd raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic usbmouse usbhid hid i915 nvme drm_kms_helper i2c_i801 i2c_smbus nvme_core igb syscopyarea sysfillrect sysimgblt fb_sys_fops cec dca ahci rc_core i2c_algo_bit intel_lpss_pci xhci_pci libahci intel_lpss xhci_pci_renesas e1000e idma64 drm virt_dma wmi video pinctrl_cannonlake
[ 141.758486] CPU: 5 PID: 2416 Comm: udevadm Tainted: G D 5.10.52-1-vanilla #1
[ 141.758490] Hardware name: OnLogic RXM-181/RXM-181, BIOS Z01-0001A031 05/11/2020
[ 141.758497] RIP: 0010:rcu_note_context_switch+0x48/0x470
[ 141.758501] Code: c3 c0 ce 02 00 65 48 03 1d 7d 86 ce 55 0f 1f 44 00 00 45 84 e4 75 15 65 48 8b 04 25 c0 7b 01 00 8b 90 88 07 00 00 85 d2 7e 02 <0f> 0b 65 48 8b 04 25 c0 7b 01 00 8b 80 88 07 00 00 85 c0 7e 0a 41
[ 141.758508] RSP: 0018:ffffb779005e7730 EFLAGS: 00010002
[ 141.758512] RAX: ffff95b5cc208000 RBX: ffff95bd0c56cec0 RCX: 0000000000000000
[ 141.758515] RDX: 0000000000000001 RSI: ffffffffaae2c2d8 RDI: 0000000000000000
[ 141.758519] RBP: ffffb779005e7750 R08: 0000000000000001 R09: ffff95bd0c4ac270
[ 141.758522] R10: 000000000000000e R11: 00000000000003b5 R12: 0000000000000000
[ 141.758526] R13: ffff95bd0c56c140 R14: ffff95b5cc208000 R15: ffff95bd0c56c140
[ 141.758530] FS: 00007fa730b54d40(0000) GS:ffff95bd0c540000(0000) knlGS:0000000000000000
[ 141.758535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.758538] CR2: 0000556c83213258 CR3: 00000001116c8001 CR4: 00000000003706e0
[ 141.758542] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 141.758545] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 141.758549] Call Trace:
[ 141.758554] __schedule+0x9e/0x800
[ 141.758560] ? ttwu_do_activate+0x6e/0xd0
[ 141.758564] schedule+0x68/0xe0
[ 141.758569] schedule_timeout+0x117/0x160
[ 141.758575] ? wake_up_process+0x15/0x20
[ 141.758579] ? insert_work+0x71/0x80
[ 141.758583] wait_for_completion+0x86/0xe0
[ 141.758590] virt_efi_query_variable_info+0x146/0x160
[ 141.758596] efi_query_variable_store+0x53/0x180
[ 141.758600] ? vsnprintf+0x71/0x4e0
[ 141.758607] efivar_entry_set_safe+0xbd/0x210
[ 141.758614] efi_pstore_write+0x106/0x190 [efi_pstore]
[ 141.758620] pstore_dump+0x111/0x340
[ 141.758626] kmsg_dump+0xb0/0xd0
[ 141.758631] oops_exit+0x56/0x60
[ 141.758636] oops_end+0x66/0xd0
[ 141.758639] die_addr+0x51/0x60
[ 141.758645] exc_general_protection+0x1d3/0x3b0
[ 141.758653] asm_exc_general_protection+0x1e/0x30
[ 141.758659] RIP: 0010:sysfs_kf_seq_show+0x27/0x100
[ 141.758665] Code: 00 66 90 0f 1f 44 00 00 55 48 89 e5 41 54 53 48 8b 77 70 48 89 fb 48 8b 06 48 8b 40 08 4c 8b 40 60 4d 8b 60 28 4d 85 e4 74 05 <4d> 8b 64 24 08 48 8b 43 18 48 8b 4b 08 48 39 c8 0f 87 b1 00 00 00
[ 141.758671] RSP: 0018:ffffb779005e7d50 EFLAGS: 00010206
[ 141.758675] RAX: ffff95b5ce745480 RBX: ffff95b5d2d84870 RCX: 0000000000000001
[ 141.758679] RDX: ffff95b5d0de0d80 RSI: ffff95b5d0de0d80 RDI: ffff95b5d2d84870
[ 141.758683] RBP: ffffb779005e7d60 R08: ffff95b5d1540018 R09: 0000000000000001
[ 141.758687] R10: ffffffffffff6958 R11: 0000000000000000 R12: 657664325f666c65
[ 141.758691] R13: 0000000000000001 R14: ffff95b5d2d84898 R15: ffff95b5d2d84870
[ 141.758699] kernfs_seq_show+0x27/0x30
[ 141.758704] seq_read_iter+0x122/0x4b0
[ 141.758710] ? __mod_memcg_lruvec_state+0x27/0xf0
[ 141.758715] kernfs_fop_read_iter+0x150/0x1b0
[ 141.758722] ? lru_cache_add_inactive_or_unevictable+0x28/0xa0
[ 141.758727] new_sync_read+0x10d/0x190
[ 141.758731] vfs_read+0x15a/0x1c0
[ 141.758735] ksys_read+0x67/0xe0
[ 141.758739] __x64_sys_read+0x1a/0x20
[ 141.758743] do_syscall_64+0x38/0x90
[ 141.758749] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 141.758754] RIP: 0033:0x7fa73113c5a1
[ 141.758759] Code: fe ff ff 50 48 8d 3d ce cf 09 00 e8 e9 03 02 00 66 0f 1f 84 00 00 00 00 00 48 8d 05 59 61 0d 00 8b 00 85 c0 75 13 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 57 c3 66 0f 1f 44 00 00 41 54 49 89 d4 55 48
[ 141.758766] RSP: 002b:00007ffde404cec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 141.758770] RAX: ffffffffffffffda RBX: 0000556c831fe260 RCX: 00007fa73113c5a1
[ 141.758774] RDX: 0000000000001000 RSI: 0000556c83211240 RDI: 0000000000000005
[ 141.758778] RBP: 00007fa73120a2a0 R08: 0000000000000003 R09: 0000000000000077
[ 141.758782] R10: 0000556c831fe010 R11: 0000000000000246 R12: 0000000000001001
[ 141.758785] R13: 0000556c83211240 R14: 0000000000000d68 R15: 00007fa731209760
[ 141.758792] ---[ end trace 5320cddd397b9d09 ]---
[ 196.693313] RIP: 0010:sysfs_kf_seq_show+0x27/0x100
[ 196.693322] Code: 00 66 90 0f 1f 44 00 00 55 48 89 e5 41 54 53 48 8b 77 70 48 89 fb 48 8b 06 48 8b 40 08 4c 8b 40 60 4d 8b 60 28 4d 85 e4 74 05 <4d> 8b 64 24 08 48 8b 43 18 48 8b 4b 08 48 39 c8 0f 87 b1 00 00 00
[ 196.693329] RSP: 0018:ffffb779005e7d50 EFLAGS: 00010206
[ 196.693333] RAX: ffff95b5ce745480 RBX: ffff95b5d2d84870 RCX: 0000000000000001
[ 196.693336] RDX: ffff95b5d0de0d80 RSI: ffff95b5d0de0d80 RDI: ffff95b5d2d84870
[ 196.693339] RBP: ffffb779005e7d60 R08: ffff95b5d1540018 R09: 0000000000000001
[ 196.693342] R10: ffffffffffff6958 R11: 0000000000000000 R12: 657664325f666c65
[ 196.693345] R13: 0000000000000001 R14: ffff95b5d2d84898 R15: ffff95b5d2d84870
[ 196.693349] FS: 00007fa730b54d40(0000) GS:ffff95bd0c5c0000(0000) knlGS:0000000000000000
[ 196.693353] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 196.693356] CR2: 000000000050ff54 CR3: 00000001116c8004 CR4: 00000000003706e0
[ 196.693359] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 196.693362] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 198.307700] general protection fault, probably for non-canonical address 0x6e7973656d697464: 0000 [#2] PREEMPT SMP NOPTI
[ 198.307711] CPU: 4 PID: 2593 Comm: udevadm Tainted: G D W 5.10.52-1-vanilla #1
[ 198.307715] Hardware name: OnLogic RXM-181/RXM-181, BIOS Z01-0001A031 05/11/2020
[ 198.307722] RIP: 0010:sysfs_kf_seq_show+0x27/0x100
[ 198.307726] Code: 00 66 90 0f 1f 44 00 00 55 48 89 e5 41 54 53 48 8b 77 70 48 89 fb 48 8b 06 48 8b 40 08 4c 8b 40 60 4d 8b 60 28 4d 85 e4 74 05 <4d> 8b 64 24 08 48 8b 43 18 48 8b 4b 08 48 39 c8 0f 87 b1 00 00 00
[ 198.307732] RSP: 0018:ffffb779012b3d50 EFLAGS: 00010202
[ 198.307736] RAX: ffff95b5ce745480 RBX: ffff95b5d3883618 RCX: 0000000000000001
[ 198.307739] RDX: ffff95b5c2770f00 RSI: ffff95b5c2770f00 RDI: ffff95b5d3883618
[ 198.307743] RBP: ffffb779012b3d60 R08: ffff95b5d1540018 R09: 0000000000000001
[ 198.307746] R10: ffffffffffffda10 R11: 0000000000000000 R12: 6e7973656d697464
[ 198.307749] R13: 0000000000000001 R14: ffff95b5d3883640 R15: ffff95b5d3883618
[ 198.307752] FS: 00007f127a031d40(0000) GS:ffff95bd0c500000(0000) knlGS:0000000000000000
[ 198.307756] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 198.307759] CR2: 000055bc6fabf258 CR3: 0000000110c32003 CR4: 00000000003706e0
[ 198.307762] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 198.307765] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 198.307768] Call Trace:
[ 198.307774] kernfs_seq_show+0x27/0x30
[ 198.307779] seq_read_iter+0x122/0x4b0
[ 198.307784] ? __mod_memcg_lruvec_state+0x27/0xf0
[ 198.307789] kernfs_fop_read_iter+0x150/0x1b0
[ 198.307794] ? lru_cache_add_inactive_or_unevictable+0x28/0xa0
[ 198.307799] new_sync_read+0x10d/0x190
[ 198.307803] vfs_read+0x15a/0x1c0
[ 198.307807] ksys_read+0x67/0xe0
[ 198.307811] __x64_sys_read+0x1a/0x20
[ 198.307815] do_syscall_64+0x38/0x90
[ 198.307820] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 198.307823] RIP: 0033:0x7f127a6195a1
[ 198.307827] Code: fe ff ff 50 48 8d 3d ce cf 09 00 e8 e9 03 02 00 66 0f 1f 84 00 00 00 00 00 48 8d 05 59 61 0d 00 8b 00 85 c0 75 13 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 57 c3 66 0f 1f 44 00 00 41 54 49 89 d4 55 48
[ 198.307833] RSP: 002b:00007ffcf6b49e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 198.307838] RAX: ffffffffffffffda RBX: 000055bc6faaa260 RCX: 00007f127a6195a1
[ 198.307841] RDX: 0000000000001000 RSI: 000055bc6fabd240 RDI: 0000000000000005
[ 198.307844] RBP: 00007f127a6e72a0 R08: 0000000000000003 R09: 0000000000000077
[ 198.307847] R10: 000055bc6faaa010 R11: 0000000000000246 R12: 0000000000001001
[ 198.307850] R13: 000055bc6fabd240 R14: 0000000000000d68 R15: 00007f127a6e6760
[ 198.307854] Modules linked in: pci_stub bluetooth ecdh_generic ecc st cfg80211 snd_soc_skl_hda_dsp snd_soc_hdac_hdmi nls_iso8859_1 snd_hda_codec_hdmi snd_hda_codec_realtek input_leds joydev snd_hda_codec_generic snd_soc_dmic snd_sof_pci snd_sof_intel_byt snd_sof_intel_ipc snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof snd_hda_ext_core snd_soc_acpi_intel_match snd_soc_acpi ledtrig_audio intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal snd_hda_intel intel_powerclamp coretemp snd_intel_dspcfg kvm_intel mei_hdcp soundwire_intel cdc_acm soundwire_generic_allocation soundwire_cadence snd_hda_codec kvm snd_hda_core crct10dif_pclmul snd_hwdep crc32_pclmul soundwire_bus ghash_clmulni_intel aesni_intel snd_soc_core snd_compress crypto_simd cryptd ac97_bus glue_helper snd_pcm_dmaengine snd_pcm rapl intel_cstate snd_timer snd wmi_bmof intel_wmi_thunderbolt pcspkr efi_pstore soundcore ee1004 8250_dw mei_me mei intel_pch_thermal mac_hid acpi_tad acpi_pad
[ 198.307906] binfmt_misc ip_tables x_tables autofs4 btrfs blake2b_generic usbkbd raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic usbmouse usbhid hid i915 nvme drm_kms_helper i2c_i801 i2c_smbus nvme_core igb syscopyarea sysfillrect sysimgblt fb_sys_fops cec dca ahci rc_core i2c_algo_bit intel_lpss_pci xhci_pci libahci intel_lpss xhci_pci_renesas e1000e idma64 drm virt_dma wmi video pinctrl_cannonlake
[ 198.307973] ---[ end trace 5320cddd397b9d0a ]---
```

Steps to reproduce:

```
BOOT_IMAGE=/vmlinuz-5.13.4-1-vanilla root=UUID=ac59dee0-90a4-4d34-8518-acbb7c28b7cc ro splash quiet intel_iommu=on
```

Step 1.

```
# systemctl stop lightdm
# modprobe pci-stub
# CONTROLLER="00:02.0"
# VENDOR=$(lspci -s $CONTROLLER -nD | awk '{ print $3 }' | cut -d: -f1)
# PRODUCT=$(lspci -s $CONTROLLER -nD | awk '{ print $3 }' | cut -d: -f2)
# KERNEL_MODULE=$(lspci -s $CONTROLLER -k | grep Kernel | head -2 | tail -1 | cut -d: -f2 | cut -d' ' -f2)
# echo -n "$VENDOR $PRODUCT" > /sys/bus/pci/drivers/pci-stub/new_id
# echo -n "0000:$CONTROLLER" > /sys/bus/pci/devices/0000:$CONTROLLER/driver/unbind
```

Hang

I tried to reboot with the "reboot" command, but it doesn't work; the system gets stuck in an incomplete state.
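A triage sketch for the two general protection faults in the log above, added here as an example and not part of the original report: it extracts the faulting address, the kernel RIP and the register holding that address, then checks whether the non-canonical address is printable ASCII, a common hint that the pointer was read from memory holding string data. The function names are this example's own, `SAMPLE` is an excerpt of lines copied from the report, and the canonical check assumes 4-level paging (48-bit virtual addresses).

```python
import re
import struct

# Lines copied from the oops in this report; the code around them is illustrative.
SAMPLE = """\
[ 141.756785] general protection fault, probably for non-canonical address 0x657664325f666c65: 0000 [#1] PREEMPT SMP NOPTI
[ 141.756806] RIP: 0010:sysfs_kf_seq_show+0x27/0x100
[ 141.756829] R10: ffffffffffff6958 R11: 0000000000000000 R12: 657664325f666c65
[ 198.307700] general protection fault, probably for non-canonical address 0x6e7973656d697464: 0000 [#2] PREEMPT SMP NOPTI
[ 198.307722] RIP: 0010:sysfs_kf_seq_show+0x27/0x100
[ 198.307746] R10: ffffffffffffda10 R11: 0000000000000000 R12: 6e7973656d697464
"""

GPF_RE = re.compile(r"non-canonical address 0x([0-9a-f]{16}): \d+ \[#(\d+)\]")
RIP_RE = re.compile(r"RIP: 0010:(\S+)")  # 0010 = kernel code segment
REG_RE = re.compile(r"\b(R[A-Z0-9]{2}): ([0-9a-f]{16})\b")


def is_canonical(addr):
    """4-level paging (48-bit VA): bits 63..47 must be all 0 or all 1."""
    return (addr >> 47) in (0, 0x1FFFF)


def ascii_view(addr):
    """The 8 bytes in memory (little-endian) order as text, or None."""
    raw = struct.pack("<Q", addr)
    return raw.decode("ascii") if all(0x20 <= b < 0x7F for b in raw) else None


def triage(log):
    """Return one record per general protection fault found in `log`."""
    faults = []
    for line in log.splitlines():
        m = GPF_RE.search(line)
        if m:
            addr = int(m.group(1), 16)
            faults.append({"oops": int(m.group(2)), "addr": addr, "rip": None,
                           "regs": [], "canonical": is_canonical(addr),
                           "ascii": ascii_view(addr)})
        elif faults:
            cur = faults[-1]
            m = RIP_RE.search(line)
            if m and cur["rip"] is None:
                cur["rip"] = m.group(1)  # first kernel-mode RIP after the fault
            # Registers equal to the fault address name the bad pointer.
            cur["regs"] += [r for r, v in REG_RE.findall(line)
                            if int(v, 16) == cur["addr"]]
    return faults


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f)
```

Both faults hit the same instruction offset in `sysfs_kf_seq_show` with `R12` holding the bad value, and both values decode to readable text, which points triage at whatever wrote string data over the structure that pointer was loaded from.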