Bug 1173891 - BUG: kernel NULL pointer dereference, address: 0000000d during install on i686 notebook
Status: NEW
Classification: openSUSE
Product: openSUSE Tumbleweed
Component: Kernel
Version: Current
Hardware: i686 Other
Priority: P5 - None, Severity: Normal
Assigned To: openSUSE Kernel Bugs
Reported: 2020-07-08 11:38 UTC by Richard Weinberger
Modified: 2020-11-17 13:18 UTC

Description Richard Weinberger 2020-07-08 11:38:36 UTC
While installing Tumbleweed (openSUSE-Tumbleweed-NET-i586-Snapshot20200701-Media.iso) on my old notebook I got the following crash:

---cut---
[ 3448.675690] BUG: kernel NULL pointer dereference, address: 0000000d
[ 3448.675713] #PF: supervisor read access in kernel mode
[ 3448.675723] #PF: error_code(0x0000) - not-present page
[ 3448.675733] *pde = 00000000
[ 3448.675746] Oops: 0000 [#1] SMP
[ 3448.675759] CPU: 1 PID: 13684 Comm: rpm Not tainted 5.7.5-1-default #1 openSUSE Tumbleweed (unreleased)
[ 3448.675771] Hardware name: Dell Inc. Latitude 2100                   /0W785N, BIOS A01 06/02/2009
[ 3448.675792] EIP: __vfs_write+0x83/0x200
[ 3448.675805] Code: 00 00 8b 73 24 89 55 b0 89 4d b4 89 f0 89 75 ac c1 e8 09 83 e0 02 81 e6 00 40 00 00 0f 85 fd 00 00 00 8b b3 a4 00 00 00 8b 36 <f6> 46 0d 20 0f 85 eb 00 00 00 f7 45 ac 00 10 00 00 75 15 8b b3 a4
[ 3448.675825] EAX: 00000000 EBX: ddb3a180 ECX: 00005e44 EDX: bfd3af6c
[ 3448.675836] ESI: 00000000 EDI: c28fdf7c EBP: c28fdf4c ESP: c28fdef4
[ 3448.675848] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246
[ 3448.675859] CR0: 80050033 CR2: 0000000d CR3: 32744000 CR4: 000006d0
[ 3448.675868] Call Trace:
[ 3448.675885]  ? apparmor_file_permission+0x56/0x160
[ 3448.675902]  ? security_file_permission+0x2c/0x150
[ 3448.675916]  ? rw_verify_area+0x44/0x90
[ 3448.675928]  vfs_write+0x9b/0x1c0
[ 3448.675942]  ? ktime_get_real_ts64+0x4f/0x150
[ 3448.675955]  ksys_write+0x58/0xd0
[ 3448.675968]  __ia32_sys_write+0x15/0x20
[ 3448.675982]  do_int80_syscall_32+0x41/0x120
[ 3448.675996]  entry_INT80_32+0xfc/0xfc
[ 3448.676007] EIP: 0xb7d71522
[ 3448.676018] Code: 90 66 90 66 90 66 90 90 56 53 83 ec 14 8b 5c 24 20 8b 4c 24 24 8b 54 24 28 65 a1 0c 00 00 00 85 c0 75 1d b8 04 00 00 00 cd 80 <89> c3 3d 00 f0 ff ff 77 4d 83 c4 14 89 d8 5b 5e c3 8d 74 26 00 90
[ 3448.676039] EAX: ffffffda EBX: 00000009 ECX: bfd3af6c EDX: 00005e44
[ 3448.676050] ESI: 02486bf0 EDI: b7e5ba90 EBP: 02481c50 ESP: bfd3aea0
[ 3448.676061] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000246
[ 3448.676077]  ? nmi+0xc5/0x2b0
[ 3448.676085] Modules linked in: nls_utf8 isofs usbhid parport_pc parport btrfs xor raid6_pq libcrc32c dm_multipath dm_mod 8021q garp mrp stp llc arc4 fan nfs lockd grace fscache nls_iso8859_1 nls_cp437 af_packet sg st sr_mod cdrom iscsi_ibft iscsi_boot_sysfs sunrpc b43 cordic bcma mac80211 cfg80211 i915 ums_realtek uas usb_storage libarc4 dell_laptop gpio_ich ledtrig_audio dell_wmi rfkill sparse_keymap wmi_bmof dell_smbios dell_wmi_descriptor dcdbas i2c_algo_bit ahci drm_kms_helper libahci syscopyarea sysfillrect sysimgblt fb_sys_fops tg3 cec joydev libata rc_core pcspkr serio_raw i2c_i801 libphy lpc_ich drm uhci_hcd ssb ehci_pci ehci_hcd mmc_core usbcore ptp pps_core hwmon pcmcia pcmcia_core thermal wmi tiny_power_button battery button ac video acpi_cpufreq scsi_dh_rdac scsi_dh_emc scsi_dh_alua edd squashfs loop
[ 3448.676246] CR2: 000000000000000d
[ 3448.676258] ---[ end trace 2e9b3e59a1582583 ]---
---cut---

Filesystem is btrfs.

Thanks,
//richard
Comment 1 Takashi Iwai 2020-07-10 08:32:16 UTC
Is this a regression from the earlier TW releases?

Also, any chance to try a newer kernel, e.g. the one in OBS Kernel:stable repo? 

FWIW, the stack trace implies that file->f_mapping is NULL and crashes at io_is_direct() check.
Comment 2 Richard Weinberger 2020-07-10 08:46:44 UTC
(In reply to Takashi Iwai from comment #1)
> Is this a regression from the earlier TW releases?

Can't tell. I recently got access to some old notebooks and thought
having them run Linux is a good idea.

> Also, any chance to try a newer kernel, e.g. the one in OBS Kernel:stable
> repo? 

Since it happens during install it can be a little tricky, but maybe I have time during the weekend.
Or do you have a pointer to a TW installer with a recent kernel?

> FWIW, the stack trace implies that file->f_mapping is NULL and crashes at
> io_is_direct() check.

FWIW, I see a similar issue on a second Intel Atom (ia32) based Lenovo Notebook,
it crashes also while installing. Sadly so hard that I cannot get anything from
the console.

Thanks,
//richard
Comment 3 Jiri Slaby 2020-07-10 11:32:27 UTC
FWIW decoded stacktrace is below. The kernel seems to be a1775d0843b12327f00c719acc05a8224f9ef596.

> BUG: kernel NULL pointer dereference, address: 0000000d
> #PF: supervisor read access in kernel mode
> #PF: error_code(0x0000) - not-present page
> *pde = 00000000
> Oops: 0000 [#1] SMP
> CPU: 1 PID: 13684 Comm: rpm Not tainted 5.7.5-1-default #1 openSUSE Tumbleweed (unreleased)
> Hardware name: Dell Inc. Latitude 2100                   /0W785N, BIOS A01 06/02/2009
> EIP: __vfs_write (include/linux/fs.h:3420)
> Code: 00 00 8b 73 24 89 55 b0 89 4d b4 89 f0 89 75 ac c1 e8 09 83 e0 02 81 e6 00 40 00 00 0f 85 fd 00 00 00 8b b3 a4 00 00 00 8b 36 <f6> 46 0d 20 0f 85 eb 00 00 00 f7 45 ac 00 10 00 00 75 15 8b b3 a4
> All code
> ========
>    0: 00 00                   add    %al,(%rax)
>    2: 8b 73 24                mov    0x24(%rbx),%esi
>    5: 89 55 b0                mov    %edx,-0x50(%rbp)
>    8: 89 4d b4                mov    %ecx,-0x4c(%rbp)
>    b: 89 f0                   mov    %esi,%eax
>    d: 89 75 ac                mov    %esi,-0x54(%rbp)
>   10: c1 e8 09                shr    $0x9,%eax
>   13: 83 e0 02                and    $0x2,%eax
>   16: 81 e6 00 40 00 00       and    $0x4000,%esi
>   1c: 0f 85 fd 00 00 00       jne    0x11f
>   22: 8b b3 a4 00 00 00       mov    0xa4(%rbx),%esi
>   28: 8b 36                   mov    (%rsi),%esi
>   2a:*        f6 46 0d 20             testb  $0x20,0xd(%rsi)          <-- trapping instruction
>   2e: 0f 85 eb 00 00 00       jne    0x11f
>   34: f7 45 ac 00 10 00 00    testl  $0x1000,-0x54(%rbp)
>   3b: 75 15                   jne    0x52
>   3d: 8b                      .byte 0x8b
>   3e: b3 a4                   mov    $0xa4,%bl
>
> Code starting with the faulting instruction
> ===========================================
>    0: f6 46 0d 20             testb  $0x20,0xd(%rsi)
>    4: 0f 85 eb 00 00 00       jne    0xf5
>    a: f7 45 ac 00 10 00 00    testl  $0x1000,-0x54(%rbp)
>   11: 75 15                   jne    0x28
>   13: 8b                      .byte 0x8b
>   14: b3 a4                   mov    $0xa4,%bl
> EAX: 00000000 EBX: ddb3a180 ECX: 00005e44 EDX: bfd3af6c
> ESI: 00000000 EDI: c28fdf7c EBP: c28fdf4c ESP: c28fdef4
> DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246
> CR0: 80050033 CR2: 0000000d CR3: 32744000 CR4: 000006d0
> Call Trace:
> vfs_write (fs/read_write.c:560)
> ksys_write (fs/read_write.c:613)
> __ia32_sys_write (fs/read_write.c:621)
> do_int80_syscall_32 (arch/x86/entry/common.c:337)
> entry_INT80_32 (arch/x86/entry/entry_32.S:1085)
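
Added example (not part of the report and not any commenter's code): a Python check that pulls the trapping instruction out of the oops `Code:` line, decodes its `[reg + disp]` operand, and confirms that base register plus displacement equals CR2. The function names and the restriction to a few one-byte opcodes without a SIB byte are assumptions; the sample lines are copied from the oops in this report.

```python
import re

# Lines taken from the oops in this report, timestamps stripped. The last line
# is the user-mode register dump that follows the call trace.
OOPS = """\
Code: 00 00 8b 73 24 89 55 b0 89 4d b4 89 f0 89 75 ac c1 e8 09 83 e0 02 81 e6 00 40 00 00 0f 85 fd 00 00 00 8b b3 a4 00 00 00 8b 36 <f6> 46 0d 20 0f 85 eb 00 00 00 f7 45 ac 00 10 00 00 75 15 8b b3 a4
EAX: 00000000 EBX: ddb3a180 ECX: 00005e44 EDX: bfd3af6c
ESI: 00000000 EDI: c28fdf7c EBP: c28fdf4c ESP: c28fdef4
CR0: 80050033 CR2: 0000000d CR3: 32744000 CR4: 000006d0
ESI: 02486bf0 EDI: b7e5ba90 EBP: 02481c50 ESP: bfd3aea0
"""

REG32 = ["EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI"]  # ModRM r/m order
MODRM_OPCODES = {0x88, 0x89, 0x8A, 0x8B, 0xF6, 0xF7}  # one-byte opcode, then ModRM


def parse_oops(text):
    """Return (kernel-mode registers incl. CR2, bytes from the trapping insn on)."""
    regs = {}
    for name, value in re.findall(r"\b(E[A-D]X|E[SD]I|E[BS]P|CR2): ([0-9a-f]+)", text):
        regs.setdefault(name, int(value, 16))  # first dump wins; a later one is user mode
    code = re.search(r"Code: (.*)", text).group(1)
    tail = code[code.index("<"):].replace("<", "").replace(">", "")
    return regs, bytes.fromhex(tail)


def memory_operand(insn):
    """Decode base register and displacement of a 32-bit [reg + disp] operand."""
    if insn[0] not in MODRM_OPCODES:
        raise ValueError(f"opcode {insn[0]:#04x} not handled")
    mod, rm = insn[1] >> 6, insn[1] & 7
    if mod == 3 or rm == 4 or (mod == 0 and rm == 5):
        raise ValueError("register, SIB or absolute operand not handled")
    size = (0, 1, 4)[mod]  # displacement width in bytes for mod 0, 1, 2
    disp = int.from_bytes(insn[2:2 + size], "little", signed=True) if size else 0
    return REG32[rm], disp


def explain_fault(text):
    """Recompute the faulting address from the register dump and compare to CR2."""
    regs, insn = parse_oops(text)
    base, disp = memory_operand(insn)
    addr = (regs[base] + disp) & 0xFFFFFFFF
    return {"base": base, "base_value": regs[base], "disp": disp,
            "addr": addr, "matches_cr2": addr == regs["CR2"]}


if __name__ == "__main__":
    print(explain_fault(OOPS))
```

For this oops the operand is ESI + 0xd with ESI = 0, which reproduces the reported fault address 0000000d.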
Comment 4 Miroslav Beneš 2020-11-13 14:38:11 UTC
Richard, have you had a chance to try a new installation image? Some time has passed since the report, so it would be useful to retry. It may have been fixed meanwhile. TW is on 5.9.x kernel now.
Comment 5 Richard Weinberger 2020-11-17 13:18:44 UTC
(In reply to Miroslav Beneš from comment #4)
> Richard, have you had a chance to try a new installation image? Some time
> has passed since the report, so it would be useful to retry. It may have
> been fixed meanwhile. TW is on 5.9.x kernel now.

Thanks for getting back to me!
I gave it a try but the installation failed, sadly without output.
While unpacking packages the device stopped and rebooted. :-(