[Bug 2113992] Re: NULL pointer dereference caught by ubuntu_fan_smoke_test:sut-scan

Wed, 11 Jun 2025 14:14:15 -0700 

Decoded stacktrace for 6.14.0-1008-gcp:

$ ./scripts/decode_stacktrace.sh 
~/6.14.0-1008-gcp-dbgsym/usr/lib/debug/boot/vmlinux-6.14.0-1008-gcp auto 
~/6.14.0-1008-gcp-dbgsym/usr/lib/debug/lib/modules/6.14.0-1008-gcp/ < ~/1012\ 
062312\ BUG\ kernel.txt                                     
[ 1012.062312] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 1012.069603] #PF: supervisor read access in kernel mode
[ 1012.074864] #PF: error_code(0x0000) - not-present page
[ 1012.080097] PGD 0 P4D 0
[ 1012.082728] Oops: Oops: 0000 [#1] SMP NOPTI
[ 1012.094688] Hardware name: Google Google Compute Engine/Google Compute 
Engine, BIOS Google 05/29/2025
readelf: Error: Not an ELF file - it has the wrong magic bytes at the start
[ 1012.104000] RIP: 0010:vxlan_nl2conf (include/net/netlink.h:1259 
drivers/net/vxlan/vxlan_core.c:166 drivers/net/vxlan/vxlan_core.c:4323) vxlan 
[ 1012.109256] Code: 48 85 c0 0f 84 4c 06 00 00 8b 40 04 89 43 04 b8 02 00 00 
00 66 89 03 49 83 bc 24 10 01 00 00 00 74 6d 49 8b 84 24 08 01 00 00 <0f> b7 38 
8d 57 fc 0f b7 d2 83 fa 03 7e 57 49 81 c2 80 0a 00 00 48
All code
========
   0:   48 85 c0                test   %rax,%rax
   3:   0f 84 4c 06 00 00       je     0x655
   9:   8b 40 04                mov    0x4(%rax),%eax
   c:   89 43 04                mov    %eax,0x4(%rbx)
   f:   b8 02 00 00 00          mov    $0x2,%eax
  14:   66 89 03                mov    %ax,(%rbx)
  17:   49 83 bc 24 10 01 00    cmpq   $0x0,0x110(%r12)
  1e:   00 00 
  20:   74 6d                   je     0x8f
  22:   49 8b 84 24 08 01 00    mov    0x108(%r12),%rax
  29:   00 
  2a:*  0f b7 38                movzwl (%rax),%edi              <-- trapping 
instruction
  2d:   8d 57 fc                lea    -0x4(%rdi),%edx
  30:   0f b7 d2                movzwl %dx,%edx
  33:   83 fa 03                cmp    $0x3,%edx
  36:   7e 57                   jle    0x8f
  38:   49 81 c2 80 0a 00 00    add    $0xa80,%r10
  3f:   48                      rex.W

Code starting with the faulting instruction
===========================================
   0:   0f b7 38                movzwl (%rax),%edi
   3:   8d 57 fc                lea    -0x4(%rdi),%edx
   6:   0f b7 d2                movzwl %dx,%edx
   9:   83 fa 03                cmp    $0x3,%edx
   c:   7e 57                   jle    0x65
   e:   49 81 c2 80 0a 00 00    add    $0xa80,%r10
  15:   48                      rex.W
[ 1012.128119] RSP: 0018:ffffa1f802c63380 EFLAGS: 00010286
[ 1012.133439] RAX: 0000000000000000 RBX: ffffa1f802c63418 RCX: 0000000000000000
[ 1012.140668] RDX: ffff95bcce0d2000 RSI: 0000000000000000 RDI: ffffa1f802c63490
[ 1012.147898] RBP: ffffa1f802c63400 R08: 0000000000000000 R09: ffffa1f802c63760
[ 1012.155128] R10: ffff95bcce0d2000 R11: 0000000000000000 R12: ffff95bd2f144a48
[ 1012.162356] R13: ffffa1f802c63760 R14: 00ffffff00000008 R15: 0000000000000000
[ 1012.169588] FS:  00007eb23310c840(0000) GS:ffff95cbbf700000(0000) 
knlGS:0000000000000000
[ 1012.177777] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1012.183618] CR2: 0000000000000000 CR3: 000000015b6a3002 CR4: 0000000000370ef0
[ 1012.190850] Call Trace:
[ 1012.193393]  <TASK>
[ 1012.195589] ? alloc_netdev_mqs (net/core/dev.c:11626 (discriminator 4)) 
[ 1012.199869] ? __kvmalloc_node_noprof (mm/util.c:690) 
[ 1012.204584] vxlan_newlink (drivers/net/vxlan/vxlan_core.c:4618) vxlan 
[ 1012.208971] ? vxlan_newlink (drivers/net/vxlan/vxlan_core.c:4618) vxlan 
[ 1012.213515] rtnl_newlink_create (net/core/rtnetlink.c:3799) 
[ 1012.217884] __rtnl_newlink (net/core/rtnetlink.c:3910) 
[ 1012.221730] rtnl_newlink (net/core/rtnetlink.c:345 (discriminator 1) 
net/core/rtnetlink.c:4026 (discriminator 1)) 
[ 1012.225513] rtnetlink_rcv_msg (net/core/rtnetlink.c:6916) 
[ 1012.229705] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.234590] ? update_io_ticks (block/blk-core.c:1014 (discriminator 1)) 
[ 1012.238620] ? __pfx_rtnetlink_rcv_msg (net/core/rtnetlink.c:6818) 
[ 1012.243334] netlink_rcv_skb (net/netlink/af_netlink.c:2533) 
[ 1012.247270] rtnetlink_rcv (net/core/rtnetlink.c:6943) 
[ 1012.250940] netlink_unicast (net/netlink/af_netlink.c:1313 
net/netlink/af_netlink.c:1338) 
[ 1012.254957] netlink_sendmsg (net/netlink/af_netlink.c:1882) 
[ 1012.258974] ____sys_sendmsg (net/socket.c:718 (discriminator 1) 
net/socket.c:733 (discriminator 1) net/socket.c:2572 (discriminator 1)) 
[ 1012.262994] ___sys_sendmsg (net/socket.c:2628) 
[ 1012.266754] __sys_sendmsg (net/socket.c:2658 (discriminator 1)) 
[ 1012.270426] __x64_sys_sendmsg (net/socket.c:2661) 
[ 1012.274441] x64_sys_call (arch/x86/entry/syscall_64.c:36) 
[ 1012.278285] do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) 
arch/x86/entry/common.c:83 (discriminator 1)) 
[ 1012.282045] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.286929] ? filemap_map_pages (arch/x86/include/asm/paravirt.h:582 
arch/x86/include/asm/qspinlock.h:57 include/linux/spinlock.h:204 
include/linux/spinlock_api_smp.h:142 include/linux/spinlock.h:391 
mm/filemap.c:3748) 
[ 1012.291293] ? __lruvec_stat_mod_folio (mm/memcontrol.c:811) 
[ 1012.296006] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.300891] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.305778] ? do_read_fault (mm/memory.c:5365 mm/memory.c:5398) 
[ 1012.309711] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.314596] ? do_fault (mm/memory.c:5541) 
[ 1012.318180] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.323065] ? handle_pte_fault (mm/memory.c:4057 mm/memory.c:5886) 
[ 1012.327260] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.332406] ? __handle_mm_fault (mm/memory.c:6029) 
[ 1012.336773] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.341657] ? rseq_get_rseq_cs (kernel/rseq.c:248 (discriminator 1)) 
[ 1012.345853] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.350737] ? rseq_ip_fixup (kernel/rseq.c:344 (discriminator 3) 
kernel/rseq.c:378 (discriminator 3)) 
[ 1012.354683] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.359568] ? arch_exit_to_user_mode_prepare.isra.0 
(arch/x86/include/asm/entry-common.h:58 arch/x86/include/asm/entry-common.h:65) 
[ 1012.365495] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.370380] ? irqentry_exit_to_user_mode 
(arch/x86/include/asm/jump_label.h:36 
include/linux/context_tracking_state.h:108 include/linux/context_tracking.h:41 
include/linux/entry-common.h:364 kernel/entry/common.c:233) 
[ 1012.375441] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.380325] ? irqentry_exit (kernel/entry/common.c:367) 
[ 1012.384171] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:182) 
[ 1012.389055] ? exc_page_fault (arch/x86/mm/fault.c:1542) 
[ 1012.393084] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2113992

Title:
  NULL pointer dereference caught by ubuntu_fan_smoke_test:sut-scan

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2113992/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to