[Bug 1173891] New: BUG: kernel NULL pointer dereference, address: 0000000d during install on i686 notebook
https://bugzilla.suse.com/show_bug.cgi?id=1173891

Bug ID: 1173891
Summary: BUG: kernel NULL pointer dereference, address: 0000000d during install on i686 notebook
Classification: openSUSE
Product: openSUSE Tumbleweed
Version: Current
Hardware: i686
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Kernel
Assignee: kernel-bugs@opensuse.org
Reporter: richard@nod.at
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

While installing Tumbleweed (openSUSE-Tumbleweed-NET-i586-Snapshot20200701-Media.iso) on my old notebook I got the following crash:

---cut---
[ 3448.675690] BUG: kernel NULL pointer dereference, address: 0000000d
[ 3448.675713] #PF: supervisor read access in kernel mode
[ 3448.675723] #PF: error_code(0x0000) - not-present page
[ 3448.675733] *pde = 00000000
[ 3448.675746] Oops: 0000 [#1] SMP
[ 3448.675759] CPU: 1 PID: 13684 Comm: rpm Not tainted 5.7.5-1-default #1 openSUSE Tumbleweed (unreleased)
[ 3448.675771] Hardware name: Dell Inc. Latitude 2100 /0W785N, BIOS A01 06/02/2009
[ 3448.675792] EIP: __vfs_write+0x83/0x200
[ 3448.675805] Code: 00 00 8b 73 24 89 55 b0 89 4d b4 89 f0 89 75 ac c1 e8 09 83 e0 02 81 e6 00 40 00 00 0f 85 fd 00 00 00 8b b3 a4 00 00 00 8b 36 <f6> 46 0d 20 0f 85 eb 00 00 00 f7 45 ac 00 10 00 00 75 15 8b b3 a4
[ 3448.675825] EAX: 00000000 EBX: ddb3a180 ECX: 00005e44 EDX: bfd3af6c
[ 3448.675836] ESI: 00000000 EDI: c28fdf7c EBP: c28fdf4c ESP: c28fdef4
[ 3448.675848] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246
[ 3448.675859] CR0: 80050033 CR2: 0000000d CR3: 32744000 CR4: 000006d0
[ 3448.675868] Call Trace:
[ 3448.675885] ? apparmor_file_permission+0x56/0x160
[ 3448.675902] ? security_file_permission+0x2c/0x150
[ 3448.675916] ? rw_verify_area+0x44/0x90
[ 3448.675928] vfs_write+0x9b/0x1c0
[ 3448.675942] ? ktime_get_real_ts64+0x4f/0x150
[ 3448.675955] ksys_write+0x58/0xd0
[ 3448.675968] __ia32_sys_write+0x15/0x20
[ 3448.675982] do_int80_syscall_32+0x41/0x120
[ 3448.675996] entry_INT80_32+0xfc/0xfc
[ 3448.676007] EIP: 0xb7d71522
[ 3448.676018] Code: 90 66 90 66 90 66 90 90 56 53 83 ec 14 8b 5c 24 20 8b 4c 24 24 8b 54 24 28 65 a1 0c 00 00 00 85 c0 75 1d b8 04 00 00 00 cd 80 <89> c3 3d 00 f0 ff ff 77 4d 83 c4 14 89 d8 5b 5e c3 8d 74 26 00 90
[ 3448.676039] EAX: ffffffda EBX: 00000009 ECX: bfd3af6c EDX: 00005e44
[ 3448.676050] ESI: 02486bf0 EDI: b7e5ba90 EBP: 02481c50 ESP: bfd3aea0
[ 3448.676061] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000246
[ 3448.676077] ? nmi+0xc5/0x2b0
[ 3448.676085] Modules linked in: nls_utf8 isofs usbhid parport_pc parport btrfs xor raid6_pq libcrc32c dm_multipath dm_mod 8021q garp mrp stp llc arc4 fan nfs lockd grace fscache nls_iso8859_1 nls_cp437 af_packet sg st sr_mod cdrom iscsi_ibft iscsi_boot_sysfs sunrpc b43 cordic bcma mac80211 cfg80211 i915 ums_realtek uas usb_storage libarc4 dell_laptop gpio_ich ledtrig_audio dell_wmi rfkill sparse_keymap wmi_bmof dell_smbios dell_wmi_descriptor dcdbas i2c_algo_bit ahci drm_kms_helper libahci syscopyarea sysfillrect sysimgblt fb_sys_fops tg3 cec joydev libata rc_core pcspkr serio_raw i2c_i801 libphy lpc_ich drm uhci_hcd ssb ehci_pci ehci_hcd mmc_core usbcore ptp pps_core hwmon pcmcia pcmcia_core thermal wmi tiny_power_button battery button ac video acpi_cpufreq scsi_dh_rdac scsi_dh_emc scsi_dh_alua edd squashfs loop
[ 3448.676246] CR2: 000000000000000d
[ 3448.676258] ---[ end trace 2e9b3e59a1582583 ]---
---cut---

Filesystem is btrfs.

Thanks,
//richard

--
You are receiving this mail because:
You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1173891#c1

Takashi Iwai <tiwai@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jslaby@suse.com,
                   |                            |richard@nod.at,
                   |                            |tiwai@suse.com
              Flags|                            |needinfo?(richard@nod.at)

--- Comment #1 from Takashi Iwai <tiwai@suse.com> ---
Is this a regression from the earlier TW releases?

Also, any chance to try a newer kernel, e.g. the one in OBS Kernel:stable repo?

FWIW, the stack trace implies that file->f_mapping is NULL and crashes at io_is_direct() check.

https://bugzilla.suse.com/show_bug.cgi?id=1173891#c2

Richard Weinberger <richard@nod.at> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|needinfo?(richard@nod.at)   |

--- Comment #2 from Richard Weinberger <richard@nod.at> ---
(In reply to Takashi Iwai from comment #1)
> Is this a regression from the earlier TW releases?

Can't tell. I got recently access to some old notebooks and thought having them run Linux is a good idea.

> Also, any chance to try a newer kernel, e.g. the one in OBS Kernel:stable repo?

Since it happens during install it can be a little tricky, but maybe I have time during weekend. Or do you have a pointer to a TW installer with a recent kernel?

> FWIW, the stack trace implies that file->f_mapping is NULL and crashes at io_is_direct() check.

FWIW, I see a similar issue on a second Intel Atom (ia32) based Lenovo Notebook, it crashes also while installing. Sadly so hard that I cannot get anything from the console.

Thanks,
//richard

https://bugzilla.suse.com/show_bug.cgi?id=1173891#c3

--- Comment #3 from Jiri Slaby <jslaby@suse.com> ---
FWIW decoded stacktrace is below. The kernel seems to be a1775d0843b12327f00c719acc05a8224f9ef596.

BUG: kernel NULL pointer dereference, address: 0000000d
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
*pde = 00000000
Oops: 0000 [#1] SMP
CPU: 1 PID: 13684 Comm: rpm Not tainted 5.7.5-1-default #1 openSUSE Tumbleweed (unreleased)
Hardware name: Dell Inc. Latitude 2100 /0W785N, BIOS A01 06/02/2009
EIP: __vfs_write (include/linux/fs.h:3420)
Code: 00 00 8b 73 24 89 55 b0 89 4d b4 89 f0 89 75 ac c1 e8 09 83 e0 02 81 e6 00 40 00 00 0f 85 fd 00 00 00 8b b3 a4 00 00 00 8b 36 <f6> 46 0d 20 0f 85 eb 00 00 00 f7 45 ac 00 10 00 00 75 15 8b b3 a4
All code
========
   0:   00 00                   add    %al,(%rax)
   2:   8b 73 24                mov    0x24(%rbx),%esi
   5:   89 55 b0                mov    %edx,-0x50(%rbp)
   8:   89 4d b4                mov    %ecx,-0x4c(%rbp)
   b:   89 f0                   mov    %esi,%eax
   d:   89 75 ac                mov    %esi,-0x54(%rbp)
  10:   c1 e8 09                shr    $0x9,%eax
  13:   83 e0 02                and    $0x2,%eax
  16:   81 e6 00 40 00 00       and    $0x4000,%esi
  1c:   0f 85 fd 00 00 00       jne    0x11f
  22:   8b b3 a4 00 00 00       mov    0xa4(%rbx),%esi
  28:   8b 36                   mov    (%rsi),%esi
  2a:*  f6 46 0d 20             testb  $0x20,0xd(%rsi)          <-- trapping instruction
  2e:   0f 85 eb 00 00 00       jne    0x11f
  34:   f7 45 ac 00 10 00 00    testl  $0x1000,-0x54(%rbp)
  3b:   75 15                   jne    0x52
  3d:   8b                      .byte 0x8b
  3e:   b3 a4                   mov    $0xa4,%bl

Code starting with the faulting instruction
===========================================
   0:   f6 46 0d 20             testb  $0x20,0xd(%rsi)
   4:   0f 85 eb 00 00 00       jne    0xf5
   a:   f7 45 ac 00 10 00 00    testl  $0x1000,-0x54(%rbp)
  11:   75 15                   jne    0x28
  13:   8b                      .byte 0x8b
  14:   b3 a4                   mov    $0xa4,%bl
EAX: 00000000 EBX: ddb3a180 ECX: 00005e44 EDX: bfd3af6c
ESI: 00000000 EDI: c28fdf7c EBP: c28fdf4c ESP: c28fdef4
DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246
CR0: 80050033 CR2: 0000000d CR3: 32744000 CR4: 000006d0
Call Trace:
vfs_write (fs/read_write.c:560)
ksys_write (fs/read_write.c:613)
__ia32_sys_write (fs/read_write.c:621)
do_int80_syscall_32 (arch/x86/entry/common.c:337)
entry_INT80_32 (arch/x86/entry/entry_32.S:1085)
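
An added example, not part of the original thread or of any SUSE tooling: a small Python triage helper that uses only values printed in the oops above. It decodes the page-fault error code bits and checks whether the base register plus displacement of the trapping instruction reproduces the CR2 fault address. The function names and the trimmed OOPS sample are constructed for illustration.

```python
import re

# Constructed sample: lines trimmed from the oops quoted in this thread.
OOPS = """\
[ 3448.675690] BUG: kernel NULL pointer dereference, address: 0000000d
[ 3448.675723] #PF: error_code(0x0000) - not-present page
[ 3448.675825] EAX: 00000000 EBX: ddb3a180 ECX: 00005e44 EDX: bfd3af6c
[ 3448.675836] ESI: 00000000 EDI: c28fdf7c EBP: c28fdf4c ESP: c28fdef4
[ 3448.675859] CR0: 80050033 CR2: 0000000d CR3: 32744000 CR4: 000006d0
"""
# Trapping instruction exactly as printed in the decoded trace of comment #3.
TRAP_INSN = "testb $0x20,0xd(%rsi)"


def parse_oops(text):
    """Return (registers, cr2, error_code) from i386 oops text; first value wins."""
    regs = {}
    for name, val in re.findall(r"\b(E[A-Z]{2}|CR\d): ([0-9a-f]{8})\b", text):
        regs.setdefault(name, int(val, 16))
    err = int(re.search(r"error_code\((0x[0-9a-f]+)\)", text).group(1), 16)
    return regs, regs["CR2"], err


def decode_pf_error(err):
    """Decode the low three x86 page-fault error code bits (P, W/R, U/S)."""
    return {
        "cause": "protection violation" if err & 1 else "not-present page",
        "access": "write" if err & 2 else "read",
        "mode": "user" if err & 4 else "supervisor",
    }


def explain_fault(insn, regs, cr2):
    """Compare disp(%reg) of the trapping instruction with the CR2 address."""
    m = re.search(r"(-?0x[0-9a-f]+)?\(%[re]?([a-z]{2})\)", insn)
    disp = int(m.group(1), 16) if m.group(1) else 0
    base = "E" + m.group(2).upper()  # the decode printed 64-bit register names
    addr = (regs[base] + disp) & 0xFFFFFFFF  # 32-bit address arithmetic
    return {"base": base, "base_value": regs[base], "disp": disp,
            "matches_cr2": addr == cr2, "null_base": regs[base] == 0}


if __name__ == "__main__":
    regs, cr2, err = parse_oops(OOPS)
    print(decode_pf_error(err))
    print(explain_fault(TRAP_INSN, regs, cr2))
```

The match tells you which register held the NULL value at the moment of the fault; which structure field that value was loaded from still has to be read off the preceding loads in the disassembly and the reported source line.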

https://bugzilla.suse.com/show_bug.cgi?id=1173891#c4

Miroslav Beneš <mbenes@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mbenes@suse.com

--- Comment #4 from Miroslav Beneš <mbenes@suse.com> ---
Richard, have you had a chance to try a new installation image? Some time has passed since the report, so it would be useful to retry. It may have been fixed meanwhile. TW is on 5.9.x kernel now.

https://bugzilla.suse.com/show_bug.cgi?id=1173891#c5

--- Comment #5 from Richard Weinberger <richard@nod.at> ---
(In reply to Miroslav Beneš from comment #4)
> Richard, have you had a chance to try a new installation image? Some time has passed since the report, so it would be useful to retry. It may have been fixed meanwhile. TW is on 5.9.x kernel now.

Thanks for getting back to me! I gave it a try but the installation failed, sadly without output. While unpacking packages the device stopped and rebooted. :-(

https://bugzilla.suse.com/show_bug.cgi?id=1173891#c6

Jiri Slaby <jslaby@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |needinfo?(richard@nod.at)

--- Comment #6 from Jiri Slaby <jslaby@suse.com> ---
It appears to me as HW failures. Are the crashes always the same or they vary?

Anyway, this is 32bit, so it won't draw much attention :/.