Hello,

kernel test robot noticed "BUG:kernel_NULL_pointer_dereference,address" on:

commit: e060b9e86fd92d5e87f5b0c447e4bc610a3d3bbe ("[PATCH 5/6] shmem: quota support")
url: https://github.com/intel-lab-lkp/linux/commits/cem-kernel-org/shmem-make-shmem_inode_acct_block-return-error/20230403-165022
base: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git 7e364e56293bb98cae1b55fd835f5991c4e96e7d
patch link: https://lore.kernel.org/all/20230403084759.884681-6-cem@kernel.org/
patch subject: [PATCH 5/6] shmem: quota support

in testcase: boot

compiler: gcc-11
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)

+---------------------------------------------+------------+------------+
|                                             | 2dc93cb54d | e060b9e86f |
+---------------------------------------------+------------+------------+
| boot_successes                              | 14         | 0          |
| boot_failures                               | 0          | 12         |
| BUG:kernel_NULL_pointer_dereference,address | 0          | 12         |
| Oops:#[##]                                  | 0          | 12         |
| Kernel_panic-not_syncing:Fatal_exception    | 0          | 12         |
+---------------------------------------------+------------+------------+

If you fix the issue, kindly add following tag
| Reported-by: kernel test robot
| Link: https://lore.kernel.org/oe-lkp/202304041417.1199f918-yujie.liu@intel.com

[    8.196316][   T58] BUG: kernel NULL pointer dereference, address: 00000000
[    8.196987][   T58] #PF: supervisor read access in kernel mode
[    8.197478][   T58] #PF: error_code(0x0000) - not-present page
[    8.197962][   T58] *pde = 00000000
[    8.198265][   T58] Oops: 0000 [#1]
[    8.198562][   T58] CPU: 0 PID: 58 Comm: rm Not tainted 6.3.0-rc5-00005-ge060b9e86fd9 #1 b33e4695914080c2d2a6f223361e2009396ebd64
[    8.199506][   T58] EIP: 0x0
[    8.199759][   T58] Code: Unable to access opcode bytes at 0xffffffd6.

Code starting with the faulting instruction
===========================================
[    8.200289][   T58] EAX: ee6a6388 EBX: ee6a6388 ECX: 00000007 EDX: c162e7c0
[    8.200854][   T58] ESI: ee5b89c0 EDI: ee6a6348 EBP: ee6adecc ESP: ee6adec8
[    8.201416][   T58] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010246
[    8.202029][   T58] CR0: 80050033 CR2: ffffffd6 CR3: 2e5d5000 CR4: 00040690
[    8.207818][   T58] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    8.208397][   T58] DR6: fffe0ff0 DR7: 00000400
[    8.208781][   T58] Call Trace:
[    8.209049][   T58]  i_dquot (fs/quota/dquot.c:940)
[    8.209367][   T58]  dquot_drop (fs/quota/dquot.c:1610 fs/quota/dquot.c:1593)
[    8.209709][   T58]  shmem_evict_inode (mm/shmem.c:1239 (discriminator 3))
[    8.210105][   T58]  ? _raw_spin_unlock (kernel/locking/spinlock.c:187)
[    8.210498][   T58]  evict (fs/inode.c:665)
[    8.210806][   T58]  iput (fs/inode.c:1776)
[    8.211107][   T58]  do_unlinkat (fs/namei.c:4325)
[    8.211481][   T58]  __ia32_sys_unlink (fs/namei.c:4362)
[    8.211879][   T58]  __do_fast_syscall_32 (arch/x86/entry/common.c:112 arch/x86/entry/common.c:178)
[    8.212299][   T58]  do_fast_syscall_32 (arch/x86/entry/common.c:203)
[    8.212698][   T58]  do_SYSENTER_32 (arch/x86/entry/common.c:247)
[    8.213076][   T58]  entry_SYSENTER_32 (arch/x86/entry/entry_32.S:867)
[    8.213473][   T58] EIP: 0xb7ed356d
[    8.213773][   T58] Code: c4 01 10 03 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d 76 00 58 b8 77 00 00 00 cd 80 90 8d 76

All code
========
   0:   c4 01 10 03             (bad)
   4:   03 74 c0 01             add    0x1(%rax,%rax,8),%esi
   8:   10 05 03 74 b8 01       adc    %al,0x1b87403(%rip)        # 0x1b87411
   e:   10 06                   adc    %al,(%rsi)
  10:   03 74 b4 01             add    0x1(%rsp,%rsi,4),%esi
  14:   10 07                   adc    %al,(%rdi)
  16:   03 74 b0 01             add    0x1(%rax,%rsi,4),%esi
  1a:   10 08                   adc    %cl,(%rax)
  1c:   03 74 d8 01             add    0x1(%rax,%rbx,8),%esi
  20:   00 51 52                add    %dl,0x52(%rcx)
  23:   55                      push   %rbp
  24:   89 e5                   mov    %esp,%ebp
  26:   0f 34                   sysenter
  28:   cd 80                   int    $0x80
  2a:*  5d                      pop    %rbp             <-- trapping instruction
  2b:   5a                      pop    %rdx
  2c:   59                      pop    %rcx
  2d:   c3                      ret
  2e:   90                      nop
  2f:   90                      nop
  30:   90                      nop
  31:   90                      nop
  32:   8d 76 00                lea    0x0(%rsi),%esi
  35:   58                      pop    %rax
  36:   b8 77 00 00 00          mov    $0x77,%eax
  3b:   cd 80                   int    $0x80
  3d:   90                      nop
  3e:   8d                      .byte 0x8d
  3f:   76                      .byte 0x76

Code starting with the faulting instruction
===========================================
   0:   5d                      pop    %rbp
   1:   5a                      pop    %rdx
   2:   59                      pop    %rcx
   3:   c3                      ret
   4:   90                      nop
   5:   90                      nop
   6:   90                      nop
   7:   90                      nop
   8:   8d 76 00                lea    0x0(%rsi),%esi
   b:   58                      pop    %rax
   c:   b8 77 00 00 00          mov    $0x77,%eax
  11:   cd 80                   int    $0x80
  13:   90                      nop
  14:   8d                      .byte 0x8d
  15:   76                      .byte 0x76
[    8.215315][   T58] EAX: ffffffda EBX: bfb99c97 ECX: bfb97fe0 EDX: 00000000
[    8.215899][   T58] ESI: bfb9814c EDI: bfb99c91 EBP: bfb97fb8 ESP: bfb97f98
[    8.216451][   T58] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000282
[    8.217056][   T58] Modules linked in:
[    8.217386][   T58] CR2: 0000000000000000
[    8.217833][   T58] ---[ end trace 0000000000000000 ]---
[    8.218341][   T58] EIP: 0x0
[    8.218608][   T58] Code: Unable to access opcode bytes at 0xffffffd6.

Code starting with the faulting instruction
===========================================

To reproduce:

        # build kernel
        cd linux
        cp config-6.3.0-rc5-00005-ge060b9e86fd9 .config
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH= modules_install
        cd
        find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k -m modules.cgz job-script # job-script is attached in this email

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests