Re: 5.3.18: BUG: kernel NULL pointer dereference

From: Udo van den Heuvel
Date: Sat Mar 28 2020 - 07:00:59 EST


Hello,

It happened again:

[247612.814926] BUG: kernel NULL pointer dereference, address:
0000000000000024
[247612.857147] #PF: supervisor read access in kernel mode
[247612.888446] #PF: error_code(0x0000) - not-present page
[247612.919748] PGD 0 P4D 0
[247612.935427] Oops: 0000 [#3] PREEMPT SMP NOPTI
[247612.962037] CPU: 4 PID: 695246 Comm: pidof Tainted: G D W
5.3.18 #25
[247613.007406] Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS
PRO/X570 AORUS PRO, BIOS F11 12/06/2019
[247613.066308] RIP: 0010:pid_nr_ns+0xb/0x30
[247613.090314] Code: c0 74 0e 48 c1 e6 04 48 29 f0 48 2d 78 04 00 00 c3
31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 45 31 c0 48 85 ff 74 17 8b 46
48 <3b> 47 04 77 0f 48 c1 e0 04 48 8d 14 07 48 39 74 07 58 74 04 44 89
[247613.203383] RSP: 0018:ffffab6842ac3da0 EFLAGS: 00010202
[247613.235201] RAX: 0000000000000000 RBX: 0000000000041570 RCX:
0000000000000000
[247613.278481] RDX: 0000000000041571 RSI: ffffffff9e026000 RDI:
0000000000000020
[247613.321764] RBP: ffffab6842ac3dc8 R08: 0000000000000000 R09:
ffff9b0ace12b000
[247613.365040] R10: 0000000000041580 R11: 0000000000000000 R12:
0000000000000020
[247613.408320] R13: ffffffff9e026000 R14: 0000000000041570 R15:
ffff9b0931896dc0
[247613.451600] FS: 00007fb28d3027c0(0000) GS:ffff9b0b9f100000(0000)
knlGS:0000000000000000
[247613.500608] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[247613.535553] CR2: 0000000000000024 CR3: 0000000109406000 CR4:
00000000003406e0
[247613.578833] Call Trace:
[247613.594000] next_tgid+0x4a/0xc0
[247613.613833] proc_pid_readdir+0x11a/0x1fb
[247613.638368] iterate_dir+0x147/0x1a0
[247613.660300] ksys_getdents64+0x97/0x130
[247613.683779] ? filldir+0x180/0x180
[247613.704663] __x64_sys_getdents64+0x11/0x20
[247613.730235] do_syscall_64+0x5f/0x2d0
[247613.752684] ? __do_page_fault+0x1d3/0x410
[247613.777734] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[247613.808513] RIP: 0033:0x7fb28d65e57b
[247613.830439] Code: 0f 1e fa 48 8b 47 20 c3 0f 1f 80 00 00 00 00 f3 0f
1e fa 48 81 fa ff ff ff 7f b8 ff ff ff 7f 48 0f 47 d0 b8 d9 00 00 00 0f
05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 d9 88 0f 00 f7 d8
[247613.943506] RSP: 002b:00007ffde0652cd8 EFLAGS: 00000293 ORIG_RAX:
00000000000000d9
[247613.989391] RAX: ffffffffffffffda RBX: 000055f902ac1bd0 RCX:
00007fb28d65e57b
[247614.032670] RDX: 0000000000008000 RSI: 000055f902ac1c00 RDI:
0000000000000003
[247614.075949] RBP: 000055f902ac1c00 R08: 0000000000000030 R09:
0000000000000000
[247614.119227] R10: 0000000000000022 R11: 0000000000000293 R12:
ffffffffffffff80
[247614.162505] R13: 000055f902ac1bd4 R14: 0000000000000002 R15:
0000000000000000
[247614.205789] Modules linked in: fuse mq_deadline xt_MASQUERADE
iptable_nat nf_nat ipt_REJECT nf_reject_ipv4 xt_u32 xt_multiport
iptable_filter nf_conntrack_netbios_ns nf_conntrack_broadcast
ip6t_REJECT nf_reject_ipv6 xt_tcpudp xt_state xt_conntrack nf_conntrack
it87 hwmon_vid nf_defrag_ipv6 nf_defrag_ipv4 msr ip6table_filter
ip6_tables uvcvideo videobuf2_vmalloc snd_usb_audio videobuf2_memops
videobuf2_v4l2 videodev snd_hwdep snd_hda_codec_realtek snd_usbmidi_lib
videobuf2_common snd_rawmidi snd_hda_codec_generic cdc_acm snd_hda_intel
snd_hda_codec snd_hda_core snd_seq snd_seq_device snd_pcm i2c_piix4
snd_timer k10temp snd bfq evdev acpi_cpufreq binfmt_misc ip_tables
x_tables amdgpu hid_generic backlight gpu_sched aesni_intel ttm sr_mod
cdrom usbhid i2c_dev autofs4
[247614.613168] CR2: 0000000000000024
[247614.633530] ---[ end trace 818f302d0488ec2b ]---
[247614.661707] RIP: 0010:pid_nr_ns+0xb/0x30
[247614.685715] Code: c0 74 0e 48 c1 e6 04 48 29 f0 48 2d 78 04 00 00 c3
31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 45 31 c0 48 85 ff 74 17 8b 46
48 <3b> 47 04 77 0f 48 c1 e0 04 48 8d 14 07 48 39 74 07 58 74 04 44 89
[247614.798783] RSP: 0018:ffffab684185fda0 EFLAGS: 00010202
[247614.830605] RAX: 0000000000000000 RBX: 0000000000041570 RCX:
0000000000000000
[247614.873882] RDX: 0000000000041571 RSI: ffffffff9e026000 RDI:
0000000000000020
[247614.917163] RBP: ffffab684185fdc8 R08: 0000000000000000 R09:
ffff9b0ace12b000
[247614.960444] R10: 0000000000041580 R11: 0000000000000000 R12:
0000000000000020
[247615.003723] R13: ffffffff9e026000 R14: 0000000000041570 R15:
ffff9b0931896dc0
[247615.047000] FS: 00007fb28d3027c0(0000) GS:ffff9b0b9f100000(0000)
knlGS:0000000000000000
[247615.096008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[247615.130956] CR2: 0000000000000024 CR3: 0000000109406000 CR4:
00000000003406e0


Is this a known issue?
Or do we have a fix?

Kind regards,
Udo

On 28-03-2020 05:00, Udo van den Heuvel wrote:
> Hello,
>
> Is this dmesg below a known issue?
> The core message is similar to the one in
> https://bugzilla.kernel.org/show_bug.cgi?id=206191 but the trace is
> different.
>
> [222221.211818] BUG: kernel NULL pointer dereference, address:
> 0000000000000024
> [222221.254073] #PF: supervisor read access in kernel mode
> [222221.285375] #PF: error_code(0x0000) - not-present page
> [222221.316678] PGD 0 P4D 0
> [222221.332354] Oops: 0000 [#1] PREEMPT SMP NOPTI
> [222221.358969] CPU: 2 PID: 2512 Comm: monit Tainted: G W
> 5.3.18 #25
> [222221.403285] Hardware name: Gigabyte Technology Co., Ltd. X570 AORUS
> PRO/X570 AORUS PRO, BIOS F11 12/06/2019
> [222221.462197] RIP: 0010:pid_nr_ns+0xb/0x30
> [222221.486201] Code: c0 74 0e 48 c1 e6 04 48 29 f0 48 2d 78 04 00 00 c3
> 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 45 31 c0 48 85 ff 74 17 8b 46
> 48 <3b> 47 04 77 0f 48 c1 e0 04 48 8d 14 07 48 39 74 07 58 74 04 44 89
> [222221.599270] RSP: 0018:ffffab684185fda0 EFLAGS: 00010202
> [222221.631089] RAX: 0000000000000000 RBX: 0000000000041570 RCX:
> 0000000000000000
> [222221.674370] RDX: 0000000000041571 RSI: ffffffff9e026000 RDI:
> 0000000000000020
> [222221.717650] RBP: ffffab684185fdc8 R08: 0000000000000000 R09:
> ffff9b0ace12b000
> [222221.760925] R10: 0000000000041580 R11: 0000000000000000 R12:
> 0000000000000020
> [222221.804208] R13: ffffffff9e026000 R14: 0000000000041570 R15:
> ffff9b0931896dc0
> [222221.847488] FS: 00007f19e41c0740(0000) GS:ffff9b0b9f080000(0000)
> knlGS:0000000000000000
> [222221.896496] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [222221.931440] CR2: 0000000000000024 CR3: 0000000407efe000 CR4:
> 00000000003406e0
> [222221.974719] Call Trace:
> [222221.989878] next_tgid+0x4a/0xc0
> [222222.009717] proc_pid_readdir+0x11a/0x1fb
> [222222.034251] iterate_dir+0x147/0x1a0
> [222222.056179] ksys_getdents64+0x97/0x130
> [222222.079669] ? filldir+0x180/0x180
> [222222.100548] __x64_sys_getdents64+0x11/0x20
> [222222.126126] do_syscall_64+0x5f/0x2d0
> [222222.148569] ? schedule+0x48/0xc0
> [222222.168934] ? switch_fpu_return+0x24/0xc0
> [222222.193986] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> [222222.224763] RIP: 0033:0x7f19e42c957b
> [222222.246687] Code: 0f 1e fa 48 8b 47 20 c3 0f 1f 80 00 00 00 00 f3 0f
> 1e fa 48 81 fa ff ff ff 7f b8 ff ff ff 7f 48 0f 47 d0 b8 d9 00 00 00 0f
> 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 d9 88 0f 00 f7 d8
> [222222.258517] [drm] Fence fallback timer expired on ring gfx
> [222222.359755] RSP: 002b:00007fff0a192818 EFLAGS: 00000293 ORIG_RAX:
> 00000000000000d9
> [222222.359758] RAX: ffffffffffffffda RBX: 000055d197c26530 RCX:
> 00007f19e42c957b
> [222222.359759] RDX: 0000000000008000 RSI: 000055d197c26560 RDI:
> 0000000000000006
> [222222.359760] RBP: 000055d197c26560 R08: 0000000000000030 R09:
> 00007f19e43c2e80
> [222222.359761] R10: 0000000000000000 R11: 0000000000000293 R12:
> ffffffffffffff80
> [222222.359761] R13: 000055d197c26534 R14: 0000000000000002 R15:
> 00007fff0a192940
> [222222.359764] Modules linked in: fuse mq_deadline xt_MASQUERADE
> iptable_nat nf_nat ipt_REJECT nf_reject_ipv4 xt_u32 xt_multiport
> iptable_filter nf_conntrack_netbios_ns nf_conntrack_broadcast
> ip6t_REJECT nf_reject_ipv6 xt_tcpudp xt_state xt_conntrack nf_conntrack
> it87 hwmon_vid nf_defrag_ipv6 nf_defrag_ipv4 msr ip6table_filter
> ip6_tables uvcvideo videobuf2_vmalloc snd_usb_audio videobuf2_memops
> videobuf2_v4l2 videodev snd_hwdep snd_hda_codec_realtek snd_usbmidi_lib
> videobuf2_common snd_rawmidi snd_hda_codec_generic cdc_acm snd_hda_intel
> snd_hda_codec snd_hda_core snd_seq snd_seq_device snd_pcm i2c_piix4
> snd_timer k10temp snd bfq evdev acpi_cpufreq binfmt_misc ip_tables
> x_tables amdgpu hid_generic backlight gpu_sched aesni_intel ttm sr_mod
> cdrom usbhid i2c_dev autofs4
> [222223.061704] CR2: 0000000000000024
> [222223.082071] ---[ end trace 818f302d0488ec29 ]---
> [222223.110249] RIP: 0010:pid_nr_ns+0xb/0x30
> [222223.122491] [drm] Fence fallback timer expired on ring sdma0
> [222223.134252] Code: c0 74 0e 48 c1 e6 04 48 29 f0 48 2d 78 04 00 00 c3
> 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 45 31 c0 48 85 ff 74 17 8b 46
> 48 <3b> 47 04 77 0f 48 c1 e0 04 48 8d 14 07 48 39 74 07 58 74 04 44 89
> [222223.134253] RSP: 0018:ffffab684185fda0 EFLAGS: 00010202
> [222223.134254] RAX: 0000000000000000 RBX: 0000000000041570 RCX:
> 0000000000000000
> [222223.134254] RDX: 0000000000041571 RSI: ffffffff9e026000 RDI:
> 0000000000000020
> [222223.134254] RBP: ffffab684185fdc8 R08: 0000000000000000 R09:
> ffff9b0ace12b000
> [222223.134255] R10: 0000000000041580 R11: 0000000000000000 R12:
> 0000000000000020
> [222223.134255] R13: ffffffff9e026000 R14: 0000000000041570 R15:
> ffff9b0931896dc0
> [222223.134256] FS: 00007f19e41c0740(0000) GS:ffff9b0b9f080000(0000)
> knlGS:0000000000000000
> [222223.134256] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [222223.134257] CR2: 0000000000000024 CR3: 0000000407efe000 CR4:
> 00000000003406e0
>