Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 481768

Summary: sys-devel/gdb - kernel panic - not syncing: Bad Address (null pointer deref?) while running test suite
Product: Gentoo Linux Reporter: Jeroen Roovers (RETIRED) <jer>
Component: Current packagesAssignee: HPPA Porters <hppa>
Status: RESOLVED OBSOLETE    
Severity: normal CC: eike, toolchain
Priority: Normal    
Version: unspecified   
Hardware: HPPA   
OS: Linux   
URL: https://www.spinics.net/lists/linux-parisc/msg08416.html
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: Test case to reproduce the issue

Description Jeroen Roovers (RETIRED) gentoo-dev 2013-08-20 16:07:23 UTC 
Besides getting an ssh console hang, all I see on the serial line is:

<Cpu0> 0300109100e00000  0000000000000000  CC_PROCS_ENTRY_OUT
[ 1832.824000] Kernel panic - not syncing: Bad Address (null pointer deref?)
<Cpu0> 78000c6200e00000  a0e008c01100b009  CC_PAT_ENCODED_FIELD_WARNING
<Cpu0> 76000c6800e00000  0000000000000520  CC_PAT_DATA_FIELD_WARNING
<Cpu0> 0300109100e00000  0000000000000000  CC_PROCS_ENTRY_OUT

The last output from the gdb build is:

make[4]: *** [check-gdb.go] Error 1
rootme=`pwd`; export rootme; srcdir=. ; export srcdir ; EXPECT=`if [ -f ${rootme}/../../expect/expect ] ; then echo ${rootme}/../../
expect/expect ; else echo expect ; fi` ; export EXPECT ; EXEEXT= ; export EXEEXT ; LD_LIBRARY_PATH=$rootme/../../expect:$rootme/../../libstdc++:$rootme/../../tk/unix:$rootme/../../tcl/unix:$rootme/../../bfd:$rootme/../../opcodes:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH; if [ -f ${rootme}/../../expect/expect ] ; then TCL_LIBRARY=${srcdir}/../../tcl/library ; export TCL_LIBRARY ; fi ; runtest --directory=gdb.java --outdir=gdb.java                                                                                                gdb compile failed,  * JeR-QA-toolchain: expect -- /usr/share/dejagnu/runtest.exp gdb.base/skip.exp gdb.base/relocate.exp gdb.base/t
race-commands.exp gdb.base/shreloc.exp gdb.base/restore.exp gdb.base/readline-ask.exp gdb.base/siginfo-addr.exp gdb.base/solib-nodir.exp gdb.base/printcmds.exp gdb.base/ptr-typedef.exp gdb.base/step-symless.exp gdb.base/scope.exp gdb.base/relational.exp gdb.base/watchpoint-solib.exp gdb.base/valgrind-db-attach.exp gdb.base/pie-execl.exp gdb.base/page.exp gdb.base/watch-cond.exp gdb.base/permissions.exp gdb.base/siginfo-obj.exp gdb.base/siginfo.exp gdb.base/step-test.exp gdb.base/pr10179.exp gdb.base/step-resume-infcall.exp gdb.base/save-bp.exp gdb.base/solib.exp gdb.base/sigstep.exp gdb.base/recurse.exp gdb.base/siginfo-thread.exp gdb.base/unwindonsignal.exp gdb.base/sepsymtab.exp gdb.base/skip-solib.exp gdb.base/remotetimeout.exp gdb.base/value-double-free.exp gdb.base/relativedebug.exp gdb.base/type-opaque.exp gdb.base/so-impl-ld.exp gdb.base/watchpoint-cond-gone.exp gdb.base/whatis.exp gdb.base/watch_thread_num.exp gdb.base/solib-corrupted.exp gdb.base/varargs.exp gdb.base/sizeof.exp gdb.base/setshow.exp gdb.base/reread.exp gdb.base/step-bt.exp gdb.base/return.exp gdb.base/randomize.exp gdb.base/valgrind-infcall.exp gdb.base/sigaltstack.exp gdb.base/solib-disc.exp gdb.base/pr11022.exp gdb.base/start.exp gdb.base/structs.exp gdb.base/stack-checking.exp gdb.base/watchpoint-delete.exp gdb.base/return-nodebug.exp gdb.base/tui-layout.exp gdb.base/pointers.exp gdb.base/ui-redirect.exp gdb.base/siginfo-infcall.exp gdb.base/volatile.exp gdb.base/stap-probe.exp gdb.base/realname-expand.exp gdb.base/structs3.exp gdb.base/stale-infcall.exp gdb.base/signull.exp gdb.base/recpar.exp gdb.base/ptype.exp gdb.base/nextoverexit.exp gdb.base/setvar.exp gdb.base/prologue-include.exp gdb.base/watch-vfork.exp gdb.base/sigchld.exp gdb.base/term.exp gdb.base/symbol-without-target_section.exp gdb.base/shell.exp gdb.base/signals.exp gdb.base/radix.exp gdb.base/sect-cmd.exp gdb.base/watchpoint-hw.exp gdb.base/pending.exp gdb.base/so-indr-cl.exp gdb.base/step-line.exp gdb.base/solib-weak.exp gdb.base/nodebug.exp gdb.base/savedregs.exp gdb.base/whatis-exp.exp gdb.base/remote.exp gdb.base/twice.exp gdb.base/prologue.exp gdb.base/source.exp gdb.base/nofield.exp gdb.base/sigrepeat.exp gdb.base/nostdlib.exp gdb.base/print-file-var.exp gdb.base/sigbpt.exp gdb.base/set-lang-auto.exp gdb.base/solib-display.exp gdb.base/watch-read.exp gdb.base/watch-cond-infcall.exp gdb.base/step-break.exp gdb.base/psymtab.exp gdb.base/readline.exp gdb.base/sigall.exp gdb.base/watchpoint-hw-hit-once.exp gdb.base/watch-non-mem.exp gdb.base/store.exp gdb.base/pc-fp.exp gdb.base/solib-symbol.exp gdb.base/wchar.exp gdb.base/solib-overlap.exp gdb.base/unload.exp gdb.base/watchpoint.exp gdb.base/until.exp gdb.base/testenv.exp gdb.base/shlib-call.exp gdb.base/opaque.exp gdb.base/sep.exp gdb.base/overlays.exp gdb.base/set-noassign.exp gdb.base/structs2.exp gdb.base/prelink.exp gdb.base/return2.exp gdb.base/sepdebug.exp gdb.base/signest.exp gdb.base/watchpoints.exp gdb.base/subst.exp --outdir gdb.base2 : gcc -> hppa2.0-unknown-linux-gnu-gcc Running ./gdb.base/prologue.exp ...

I've been seeing this in several versions of gdb-7* and therefore as well in several kernels going back to 2.6.3*.

It's rather hard to debug when the kernel doesn't say what is happening. HPMCs aren't logged at all
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2013-08-20 16:13:49 UTC 
After hitting the TOC button, the PDC doesn't seem to want to help:

Service Menu: Enter command > pim toc

WARNING:  Processor parameter is incorrect or out of range.

Service Menu: Enter command > pim hpmc

WARNING:  Processor parameter is incorrect or out of range.
Comment 2 Guy Martin (RETIRED) gentoo-dev 2013-10-23 12:55:22 UTC 
Created attachment 361728 [details]
Test case to reproduce the issue

This is the output I get with the attached test :

Bad Address (null pointer deref?): Code=6 regs=000000007e354370 (Addr=0000000000000000)
CPU: 0 PID: 1605 Comm: gdb-crash Not tainted 3.10.6 #1
task: 000000007e354038 ti: 000000007e33c000 task.ti: 000000007e33c000

     YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
PSW: 00000000000001101111111000001111 Not tainted
r00-03  000000ff0006fe0f 0000000000000000 0000000000000000 00000000faf02300
r04-07  00000000406d3b30 0000000000000000 00000000000c8e98 00000000000c7a80
r08-11  00000000000c8e70 00000000000c8e70 000000000000006c 0000000000000061
r12-15  00000000000c3100 0000000000000000 00000000000bf100 00000000000c0900
r16-19  0000000000000000 00000000000c0900 000000000009f000 0000000000000000
r20-23  0000000000010638 0000000000000000 0000000000010638 00000000406d11b8
r24-27  00000000faf02034 00000000faf0202c 0000000000000000 00000000000110e4
r28-31  00000000faf0230c 0000000000000001 0000000000000000 0000000040143327
sr00-03  0000000000334000 0000000000334000 0000000000000000 0000000000334000
sr04-07  0000000000334000 0000000000334000 0000000000334000 0000000000334000

IASQ: 0000000000334000 0000000000334000 IAOQ: 0000000000000000 0000000000000004
 IIR: 43ffff80    ISR: 0000000010240000  IOR: 000000f400b02308
 CPU:        0   CR30: 000000007e33c000 CR31: fe1eec3fc1ecdbed
 ORIG_R28: 0000000000000000
 IAOQ[0]:           (null)
 IAOQ[1]: 0x4
 RP(r2):           (null)
Backtrace:

No info from PIM.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2013-10-25 16:32:05 UTC 
This has purportedly been fixed in 3.10.something and 3.11.6. Testing...
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2013-10-25 16:34:49 UTC 
3.10.17 has that patch, too.
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2013-10-25 17:07:49 UTC 
With that patch, the kernel panic is still being triggered. The attached test case doesn't work as intended, then.
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2014-10-25 09:30:37 UTC 
sys-devel/gdb-7.7.1 still does it. I need to remember to keep FEATURES=test masked for gdb.

[1535055.089827] Backtrace:
[1535055.119827]
[1535055.139827] Bad Address (null pointer deref?): Code=6 regs=000000007f68be88 (Addr=0000000000000000)
[1535055.249827] CPU: 1 PID: 17261 Comm: sepdebug Not tainted 3.17.0-gentoo-JeR #1
[1535055.339827] task: 000000007f68b9c0 ti: 000000004ad6c000 task.ti: 000000004ad6c000
[1535055.429827]
[1535055.449827]      YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
[1535055.509827] PSW: 00000000000001101111111100001111 Not tainted
[1535055.579827] r00-03  000000ff0006ff0f 00000000faf08e40 0000000000000000 00000000faf08880
[1535055.676494] r04-07  00000000fa167b30 0000000000000000 00000000000e0eb0 00000000000e0f20
[1535055.776494] r08-11  00000000000e0e00 0000000000000000 0000000000000000 0000000000000000
[1535055.873161] r12-15  00000000000c7310 0000000000000000 0000000000000000 00000000000c363c
[1535055.969827] r16-19  00000000000c6b2c 00000000ffffffff 00000000000c4ad8 0000000000000000
[1535056.069827] r20-23  0000000000000000 0000000000000000 000000007ffffffc 0000000000000003
[1535056.166494] r24-27  fffffffffffffff5 ffffffffffffffd3 0000000000000000 00000000000110e4
[1535056.266494] r28-31  0000000000000004 00000000fa169ba8 0000000000000000 00000000fa0473cb
[1535056.363161] sr00-03  000000000687f000 0000000000000000 0000000000000000 000000000687f000
[1535056.463161] sr04-07  000000000687f000 000000000687f000 000000000687f000 000000000687f000
[1535056.563160]
[1535056.579827] IASQ: 000000000687f000 000000000687f000 IAOQ: 0000000000000000 0000000000000004
[1535056.683160]  IIR: 43ffff80    ISR: 0000000000000000  IOR: 0000000000000000
[1535056.766494]  CPU:        1   CR30: 000000004ad6c000 CR31: fffff7ffffffffff
[1535056.853160]  ORIG_R28: 0000000000000000
[1535056.899827]  IAOQ[0]:           (null)
[1535056.946494]  IAOQ[1]: 0x4
[1535056.979827]  RP(r2):           (null)
[1535057.026494] Backtrace:
[1535057.056494]
<Cpu1> 0300109101e00000  0000000000000000  CC_PROCS_ENTRY_OUT
[1535057.383160] Kernel panic - not syncing: Bad Address (null pointer deref?)
<Cpu1> 78000c6201e00000  a0e008c01100b009  CC_PAT_ENCODED_FIELD_WARNING
<Cpu1> 76000c6801e00000  0000000000000520  CC_PAT_DATA_FIELD_WARNING
<Cpu1> 0300109101e00000  0000000000000000  CC_PROCS_ENTRY_OUT
[1535057.466494] ---[ end Kernel panic - not syncing: Bad Address (null pointer deref?)
Comment 7 Rolf Eike Beer archtester 2018-01-25 17:26:12 UTC 
Still happens with gcc 7.12.1 and kernel 4.13.8, see linux-parisc mailing list (the archives are a bit behind ATM, so no link).
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2019-06-30 10:15:15 UTC 
Comment on attachment 361728 [details]
Test case to reproduce the issue

[435665.752268][T18113] Backtrace:
[435665.752268][T18113] Backtrace:
[435665.756235][T18113]
[435665.756235][T18113]
[435665.756235][T18113]
[435665.756235][T18113]
[435665.756235][T18113] Bad Address (null pointer deref?): Code=6 (Instruction TLB miss fault) at addr 0000000000000000
[435665.756235][T18113] Bad Address (null pointer deref?): Code=6 (Instruction TLB miss fault) at addr 0000000000000000
[435665.756235][T18113] CPU: 1 PID: 18113 Comm: gdb-crash Not tainted 5.2.0-rc6-JeR-00015-g249155c20f9b #69
[435665.756235][T18113] CPU: 1 PID: 18113 Comm: gdb-crash Not tainted 5.2.0-rc6-JeR-00015-g249155c20f9b #69
[435665.756235][T18113] Hardware name: 9000/785/C8000
[435665.756235][T18113] Hardware name: 9000/785/C8000
[435665.756235][T18113]
[435665.756235][T18113]
[435665.756235][T18113]      YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
[435665.756235][T18113]      YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
[435665.756235][T18113] PSW: 00000000000001101111111000001111 Not tainted
[435665.756235][T18113] PSW: 00000000000001101111111000001111 Not tainted
[435665.756235][T18113] r00-03  000000ff0006fe0f 0000000000000000 0000000000000000 00000000f8f03380
[435665.756235][T18113] r00-03  000000ff0006fe0f 0000000000000000 0000000000000000 00000000f8f03380
[435665.756235][T18113] r04-07  00000000fa970c80 000000004100201a 00000000410f6e70 0000000000000000
[435665.756235][T18113] r04-07  00000000fa970c80 000000004100201a 00000000410f6e70 0000000000000000
[435665.756235][T18113] r08-11  00000000410f6e70 0000000000000063 0000000000000000 00000000410e86b8
[435665.756235][T18113] r08-11  00000000410f6e70 0000000000000063 0000000000000000 00000000410e86b8
[435665.756235][T18113] r12-15  0000000000000000 0000000000000000 00000000410e5000 0000000041096718
[435665.756235][T18113] r12-15  0000000000000000 0000000000000000 00000000410e5000 0000000041096718
[435665.756235][T18113] r16-19  0000000000000000 0000000000000000 00000000410e88e8 0000000000000000
[435665.756235][T18113] r16-19  0000000000000000 0000000000000000 00000000410e88e8 0000000000000000
[435665.756235][T18113] r20-23  00000000faefe2c0 00000000f8f03248 00000000410007d0 0000000000000000
[435665.756235][T18113] r20-23  00000000faefe2c0 00000000f8f03248 00000000410007d0 0000000000000000
[435665.756235][T18113] r24-27  00000000f8f03028 00000000f8f03020 0000000000000000 0000000041002000
[435665.756235][T18113] r24-27  00000000f8f03028 00000000f8f03020 0000000000000000 0000000041002000
[435665.756235][T18113] r28-31  00000000fa9733b8 0000000000000001 0000000000000000 00000000fa833937
[435665.756235][T18113] r28-31  00000000fa9733b8 0000000000000001 0000000000000000 00000000fa833937
[435665.756235][T18113] sr00-03  0000000003f54800 0000000003f54800 0000000000000000 0000000003f54800
[435665.756235][T18113] sr00-03  0000000003f54800 0000000003f54800 0000000000000000 0000000003f54800
[435665.756235][T18113] sr04-07  0000000003f54800 0000000003f54800 0000000003f54800 0000000003f54800
[435665.756235][T18113] sr04-07  0000000003f54800 0000000003f54800 0000000003f54800 0000000003f54800
[435665.756235][T18113]
[435665.756235][T18113]
[435665.756235][T18113] IASQ: 0000000003f54800 0000000003f54800 IAOQ: 0000000000000000 0000000000000004
[435665.756235][T18113] IASQ: 0000000003f54800 0000000003f54800 IAOQ: 0000000000000000 0000000000000004
[435665.756235][T18113]  IIR: 43ffff80    ISR: 0000000010240000  IOR: 0000042529b033e0
[435665.756235][T18113]  IIR: 43ffff80    ISR: 0000000010240000  IOR: 0000042529b033e0
[435665.756235][T18113]  CPU:        1   CR30: 00000000564e0000 CR31: ffffffffffffffff
[435665.756235][T18113]  CPU:        1   CR30: 00000000564e0000 CR31: ffffffffffffffff
[435665.756235][T18113]  ORIG_R28: 0000000000000000
[435665.756235][T18113]  ORIG_R28: 0000000000000000
[435665.756235][T18113]  IAOQ[0]: 0x0
[435665.756235][T18113]  IAOQ[0]: 0x0
[435665.756235][T18113]  IAOQ[1]: 0x4
[435665.756235][T18113]  IAOQ[1]: 0x4
[435665.756235][T18113]  RP(r2): 0x0
[435665.756235][T18113]  RP(r2): 0x0
[435665.756235][T18113] Backtrace:
[435665.756235][T18113] Backtrace:
[435665.756235][T18113]
[435665.756235][T18113]
<Cpu1> 0300109101e00000  0000000000000000  CC_PROCS_ENTRY_OUT
[435665.756235][T18113] Kernel panic - not syncing: Bad Address (null pointer deref?)
[435665.756235][T18113] Kernel panic - not syncing: Bad Address (null pointer deref?)
<Cpu1> 78000c6201e00000  a0e008c01100b009  CC_PAT_ENCODED_FIELD_WARNING
<Cpu1> 76000c6801e00000  0000000000000520  CC_PAT_DATA_FIELD_WARNING
<Cpu1> 0300109101e00000  0000000000000000  CC_PROCS_ENTRY_OUT
[435665.756235][T18113] ---[ end Kernel panic - not syncing: Bad Address (null pointer deref?) ]---
[435665.756235][T18113] ---[ end Kernel panic - not syncing: Bad Address (null pointer deref?) ]---
Comment 9 Rolf Eike Beer archtester 2020-03-16 19:14:07 UTC 
The test restriction can be lifted again, this has been fixed and current kernels work fine. The patch is backported at least to 5.2, so everything newer should be fine.
Comment 10 Sergei Trofimovich (RETIRED) gentoo-dev 2020-03-17 00:14:00 UTC 
Sounds reasonable to do it eventually. Maybe a while after we move hake off 5.1:

slyfox@hake ~ $ uname -r
5.1.15-gentoo
Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-12-01 02:28:11 UTC 
Obsolete per above (fixed in kernel upstream >= 5.2 and hake is on 5.10 now anyway).
Comment 12 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-12-01 02:28:37 UTC 
(In reply to Sam James from comment #11)
> Obsolete per above (fixed in kernel upstream >= 5.2 and hake is on 5.10 now
> anyway).


[02:28:26]  <@sam_> note that the restrict in gdb has actually been removed *and then put back* since because of how broken the gdb test suite is