Hi Byungchul,

This patch triggers a NULL-dereference bug at update_stack_state().
Although its parent commit also has a NULL-dereference bug, the call
stack looks rather different. Both dmesg files are attached.

It also triggers this warning, which is being discussed in another
thread, so CC Josh. The full dmesg is attached, too.

Please press Enter to activate this console.
[ 138.605622] WARNING: kernel stack regs at be299c9a in procd:340 has bad 'bp' value 000001be
[ 138.605627] unwind stack type:0 next_sp: (null) mask:0x2 graph_idx:0
[ 138.605631] be299c9a: 299ceb00 (0x299ceb00)
[ 138.605633] be299c9e: 2281f1be (0x2281f1be)
[ 138.605634] be299ca2: 299cebb6 (0x299cebb6)

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

commit b09be676e0ff25bd6d2e7637e26d349f9109ad75
Author:     Byungchul Park
AuthorDate: Mon Aug 7 16:12:52 2017 +0900
Commit:     Ingo Molnar
CommitDate: Thu Aug 10 12:29:07 2017 +0200

    locking/lockdep: Implement the 'crossrelease' feature

    Lockdep is a runtime locking correctness validator that detects and
    reports a deadlock or its possibility by checking dependencies between
    locks. It's useful since it does not report just an actual deadlock but
    also the possibility of a deadlock that has not actually happened yet.
    That enables problems to be fixed before they affect real systems.

    However, this facility is only applicable to typical locks, such as
    spinlocks and mutexes, which are normally released within the context in
    which they were acquired. However, synchronization primitives like page
    locks or completions, which are allowed to be released in any context,
    also create dependencies and can cause a deadlock.

    So lockdep should track these locks to do a better job. The 'crossrelease'
    implementation makes these primitives also be tracked.

    Signed-off-by: Byungchul Park
    Signed-off-by: Peter Zijlstra (Intel)
    Cc: Linus Torvalds
    Cc: Peter Zijlstra
    Cc: Thomas Gleixner
    Cc: akpm@linux-foundation.org
    Cc: boqun.feng@gmail.com
    Cc: kernel-team@lge.com
    Cc: kirill@shutemov.name
    Cc: npiggin@gmail.com
    Cc: walken@google.com
    Cc: willy@infradead.org
    Link: http://lkml.kernel.org/r/1502089981-21272-6-git-send-email-byungchul.park@lge.com
    Signed-off-by: Ingo Molnar

ce07a9415f  locking/lockdep: Make check_prev_add() able to handle external stack_trace
b09be676e0  locking/lockdep: Implement the 'crossrelease' feature
74d83ec2b7  Merge tag 'platform-drivers-x86-v4.14-2' of git://git.infradead.org/linux-platform-drivers-x86
1418b85217  Add linux-next specific files for 20170929

+--------------------------------------------------------------+------------+------------+------------+---------------+
|                                                              | ce07a9415f | b09be676e0 | 74d83ec2b7 | next-20170929 |
+--------------------------------------------------------------+------------+------------+------------+---------------+
| boot_successes                                               | 119        | 113        | 5          | 479           |
| boot_failures                                                | 6          | 21         | 1          | 146           |
| BUG:unable_to_handle_kernel                                  | 6          | 10         | 1          | 42            |
| Oops:#[##]                                                   | 6          | 10         | 1          | 42            |
| EIP:iput                                                     | 5          |            |            |               |
| Kernel_panic-not_syncing:Fatal_exception                     | 6          |            |            |               |
| EIP:do_raw_spin_trylock                                      | 1          |            |            |               |
| EIP:update_stack_state                                       | 0          | 10         | 1          | 42            |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt        | 0          | 10         | 1          | 42            |
| WARNING:kernel_stack                                         | 0          | 12         | 0          | 110           |
| WARNING:at_arch/x86/include/asm/fpu/internal.h:#fpu__restore | 0          | 1          |            |               |
| EIP:fpu__restore                                             | 0          | 1          |            |               |
| invoked_oom-killer:gfp_mask=0x                               | 0          | 0          | 0          | 16            |
| Mem-Info                                                     | 0          | 0          | 0          | 16            |
| EIP:clear_user                                               | 0          | 0          | 0          | 2             |
| EIP:copy_page_to_iter                                        | 0          | 0          | 0          | 1             |
+--------------------------------------------------------------+------------+------------+------------+---------------+

[ 136.982078] sock: process `trinity-main' is using obsolete setsockopt SO_BSDCOMPAT
procd: Instance odhcpd::instance1 s in a crash loop 6 crashes, 0 seconds since last crash
procd: Instance uhttpd::instance1 s in a crash loop 6 crashes, 0 seconds since last crash
procd: Instance dnsmasq::instance1 s in a crash loop 6 crashes, 0 seconds since last crash
[ 187.360180] Writes: Total: 2 Max/Min: 0/0 Fail: 0
[ 214.960026] BUG: unable to handle kernel NULL pointer dereference at 000001f2
[ 214.960812] IP: update_stack_state+0xd4/0x340
[ 214.961278] *pde = 00000000
[ 214.961281]
[ 214.961728] Oops: 0000 [#1] PREEMPT SMP
[ 214.962087] CPU: 0 PID: 18728 Comm: 01-cpu-hotplug Not tainted 4.13.0-rc4-00170-gb09be67 #592
[ 214.962885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[ 214.963853] task: bb0b53c0 task.stack: bb3ac000
[ 214.964281] EIP: update_stack_state+0xd4/0x340
[ 214.964702] EFLAGS: 00010002 CPU: 0
[ 214.965040] EAX: 0000a570 EBX: bb3adccb ECX: 0000f401 EDX: 0000a570
[ 214.965643] ESI: 00000001 EDI: 000001ba EBP: bb3adc6b ESP: bb3adc3f
[ 214.966253] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[ 214.966791] CR0: 80050033 CR2: 000001f2 CR3: 0b3a7000 CR4: 00140690
[ 214.967405] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 214.967995] DR6: fffe0ff0 DR7: 00000400
[ 214.968374] Call Trace:
[ 214.968623] ? unwind_next_frame+0xea/0x400
[ 214.969017] ? __unwind_start+0xf5/0x180
[ 214.969412] ? __save_stack_trace+0x81/0x160
[ 214.969838] ? save_stack_trace+0x20/0x30
[ 214.970253] ? __lock_acquire+0xfa5/0x12f0
[ 214.970676] ? lock_acquire+0x1c2/0x230
[ 214.971033] ? tick_periodic+0x3a/0xf0
[ 214.971396] ? _raw_spin_lock+0x42/0x50
[ 214.971771] ? tick_periodic+0x3a/0xf0
[ 214.972145] ? tick_periodic+0x3a/0xf0
[ 214.972528] ? debug_smp_processor_id+0x12/0x20
[ 214.972985] ? tick_handle_periodic+0x23/0xc0
[ 214.973409] ? local_apic_timer_interrupt+0x63/0x70
[ 214.973893] ? smp_trace_apic_timer_interrupt+0x235/0x6a0
[ 214.974431] ? trace_apic_timer_interrupt+0x37/0x3c
[ 214.974895] ? strrchr+0x23/0x50
[ 214.975205] Code: 0f 95 c1 89 c7 89 45 e4 0f b6 c1 89 c6 89 45 dc 8b 04 85 98 cb 74 bc 88 4d e3 89 45 f0 83 c0 01 84 c9 89 04 b5 98 cb 74 bc 74 3b <8b> 47 38 8b 57 34 c6 43 1d 01 25 00 00 02 00 83 e2 03 09 d0 83
[ 214.977101] EIP: update_stack_state+0xd4/0x340 SS:ESP: 0068:bb3adc3f
[ 214.977721] CR2: 00000000000001f2
[ 214.978049] ---[ end trace 0d147fd4aba8ff50 ]---
[ 214.978500] Kernel panic - not syncing: Fatal exception in interrupt

                                                     # HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
git bisect start 29b46dfb136cdbeece542b3f01115237e43f2855 v4.13 --
git bisect  bad 64414e5f9896805c2e80583345e9b1745be73aa9  # 06:35  B     25     6    0  84  Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu
git bisect  bad 608c1d3c17e9e0e87dae69b9bb78f0556006ee6e  # 06:35  B     23     9    0 100  Merge branch 'for-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
git bisect  bad 9e85ae6af6e907975f68d82ff127073ec024cb05  # 06:36  B     53     6    0  10  Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
git bisect good a1400cdb777409d142c76958ed96e39c2cb95edd  # 07:50  G    200     0    0   0  Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect  bad dd90cccffc20a15d8e4c3ac8813f4b6a6cd4766f  # 07:50  B     41    12    0  12  Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect good e0a195b5225e1285806622cc146dc5c3312fb392  # 07:50  G    406     0    0   0  Merge branch 'x86-spinlocks-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect  bad 5f82e71a001d14824a7728ad9e49f6aea420f161  # 07:51  B     42     5    0  13  Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect good 6c51e67b64d169419fb13318035bb442f9176612  # 08:52  G    196     0    0   1  Merge branch 'x86-syscall-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect  bad b09be676e0ff25bd6d2e7637e26d349f9109ad75  # 08:53  B     54    10    0  11  locking/lockdep: Implement the 'crossrelease' feature
git bisect good d0646a6f5533226ceb7620c20717286d3a372794  # 09:41  G    197     0    0   0  jump_label: Add RELEASE barrier after text changes
git bisect good d89e588ca4081615216cc25f2489b0281ac0bfe9  # 10:36  G    198     0    0   0  locking: Introduce smp_mb__after_spinlock()
git bisect  bad 545c23f2e954eb3365629b20ceeef4eadb1ff97f  # 10:36  B     70     2    0   2  locking/lockdep: Refactor lookup_chain_cache()
git bisect  bad ae813308f4630642d2c1c87553929ce95f29f9ef  # 11:25  B     28     1    0   4  locking/lockdep: Avoid creating redundant links
# extra tests on HEAD of tip/x86/urgent
git bisect  bad b9545e75894b4866c62b36682527f5df1394ac58  # 11:27  B     29     3    0   3  x86/asm: Fix inline asm call constraints for GCC 4.4
# extra tests on tree/branch linus/master
git bisect  bad 74d83ec2b73457449918c315e40622c03a3659a6  # 11:31  B      2     1    0   0  Merge tag 'platform-drivers-x86-v4.14-2' of git://git.infradead.org/linux-platform-drivers-x86
# extra tests on tree/branch linux-next/master
git bisect  bad 1418b852174ad50b3cb4738b8801626aefdc0bd9  # 11:33  B    472    42    0 104  Add linux-next specific files for 20170929

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/lkp                          Intel Corporation