Greeting,

FYI, we noticed the following commit (built with gcc-11):

commit: 30f9ef94795008e5146f69d2eb043922a512bf85 ("ovl: support idmapped layers")
https://github.com/ammarfaizi2/linux-block brauner/linux/fs.idmapped.overlayfs.v3

in testcase: phoronix-test-suite
version:
with following parameters:

	need_x: true
	test: nexuiz-1.6.1
	option_a: 1024 x 768
	option_b: No
	option_c: Off
	cpufreq_governor: performance
	ucode: 0xec

test-description: The Phoronix Test Suite is the most comprehensive testing and benchmarking platform available that provides an extensible framework for which new tests can be easily added.
test-url: http://www.phoronix-test-suite.com/

on test machine: 12 threads 1 sockets Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz with 32G memory

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

If you fix the issue, kindly add following tag
Reported-by: kernel test robot

[ 23.631915][ T473] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 23.639505][ T473] #PF: supervisor read access in kernel mode
[ 23.645281][ T473] #PF: error_code(0x0000) - not-present page
[ 23.651058][ T473] PGD 0 P4D 0
[ 23.654261][ T473] Oops: 0000 [#1] SMP PTI
[ 23.658413][ T473] CPU: 10 PID: 473 Comm: systemd-journal Not tainted 5.17.0-00019-g30f9ef947950 #1
[ 23.667470][ T473] Hardware name: Dell Inc. OptiPlex 7060/0C96W1, BIOS 1.4.2 06/11/2019
[ 23.675492][ T473] RIP: 0010:ovl_set_upper_acl (fs/overlayfs/ovl_entry.h:90 fs/overlayfs/ovl_entry.h:95 fs/overlayfs/overlayfs.h:254 fs/overlayfs/dir.c:457) overlay
[ 23.681809][ T473] Code: c5 48 85 c0 0f 84 9e 00 00 00 4c 89 e6 4c 89 f9 48 89 c2 48 c7 c7 80 8f 84 82 e8 1a d4 2b c1 41 89 c4 85 c0 78 27 48 8b 43 08 <48> 8b 00 48 8b 78 18 41 b9 01 00 00 00 4d 89 f8 48 89 e9 4c 89 f2
All code
========
   0:	c5 48 85             	(bad)
   3:	c0 0f 84             	rorb $0x84,(%rdi)
   6:	9e                   	sahf
   7:	00 00                	add %al,(%rax)
   9:	00 4c 89 e6          	add %cl,-0x1a(%rcx,%rcx,4)
   d:	4c 89 f9             	mov %r15,%rcx
  10:	48 89 c2             	mov %rax,%rdx
  13:	48 c7 c7 80 8f 84 82 	mov $0xffffffff82848f80,%rdi
  1a:	e8 1a d4 2b c1       	callq 0xffffffffc12bd439
  1f:	41 89 c4             	mov %eax,%r12d
  22:	85 c0                	test %eax,%eax
  24:	78 27                	js 0x4d
  26:	48 8b 43 08          	mov 0x8(%rbx),%rax
  2a:*	48 8b 00             	mov (%rax),%rax		<-- trapping instruction
  2d:	48 8b 78 18          	mov 0x18(%rax),%rdi
  31:	41 b9 01 00 00 00    	mov $0x1,%r9d
  37:	4d 89 f8             	mov %r15,%r8
  3a:	48 89 e9             	mov %rbp,%rcx
  3d:	4c 89 f2             	mov %r14,%rdx

Code starting with the faulting instruction
===========================================
   0:	48 8b 00             	mov (%rax),%rax
   3:	48 8b 78 18          	mov 0x18(%rax),%rdi
   7:	41 b9 01 00 00 00    	mov $0x1,%r9d
   d:	4d 89 f8             	mov %r15,%r8
  10:	48 89 e9             	mov %rbp,%rcx
  13:	4c 89 f2             	mov %r14,%rdx
[ 23.701076][ T473] RSP: 0018:ffffc900005f7ae8 EFLAGS: 00010202
[ 23.706941][ T473] RAX: 0000000000000000 RBX: ffff888879bc5780 RCX: ffff88816a92703c
[ 23.714692][ T473] RDX: 0000000000000000 RSI: 00000000fffffffe RDI: ffffffff82848fc8
[ 23.722444][ T473] RBP: ffff88811a976a40 R08: 0000000000000000 R09: ffff888102b95330
[ 23.730199][ T473] R10: ffff888102188d80 R11: ffff888102188480 R12: 000000000000002c
[ 23.737950][ T473] R13: ffff888102188d80 R14: ffffffffc0180407 R15: 000000000000002c
[ 23.745705][ T473] FS: 00007fc8b516d980(0000) GS:ffff888854080000(0000) knlGS:0000000000000000
[ 23.754406][ T473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 23.760782][ T473] CR2: 0000000000000000 CR3: 000000087b3f2001 CR4: 00000000003706e0
[ 23.768536][ T473] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 23.776290][ T473] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 23.784044][ T473] Call Trace:
[ 23.787162][ T473]
[ 23.789936][ T473] ovl_create_over_whiteout (fs/overlayfs/dir.c:526) overlay
[ 23.796167][ T473] ? security_prepare_creds (security/security.c:1700 (discriminator 13))
[ 23.801348][ T473] ovl_create_or_link (fs/overlayfs/dir.c:620) overlay
[ 23.806969][ T473] ? new_inode (fs/inode.c:1051)
[ 23.811029][ T473] ovl_create_object (fs/overlayfs/dir.c:651) overlay
[ 23.816554][ T473] lookup_open+0x552/0x6c0
[ 23.821387][ T473] open_last_lookups (fs/namei.c:3451)
[ 23.826136][ T473] ? path_init (fs/namei.c:2411)
[ 23.830366][ T473] path_openat (fs/namei.c:3655 (discriminator 1))
[ 23.834513][ T473] ? ovl_getattr (fs/overlayfs/inode.c:277) overlay
[ 23.839692][ T473] do_filp_open (fs/namei.c:3685)
[ 23.843934][ T473] ? __virt_addr_valid (arch/x86/mm/physaddr.c:65)
[ 23.848699][ T473] ? __check_object_size (mm/memremap.c:153)
[ 23.854396][ T473] do_sys_openat2 (fs/open.c:1214)
[ 23.858798][ T473] __x64_sys_openat (fs/open.c:1241)
[ 23.863287][ T473] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)
[ 23.867526][ T473] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:113)
[ 23.873236][ T473] RIP: 0033:0x7fc8b67d92c7
[ 23.877469][ T473] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 33 0c 25
All code
========
   0:	25 00 00 41 00       	and $0x410000,%eax
   5:	3d 00 00 41 00       	cmp $0x410000,%eax
   a:	74 47                	je 0x53
   c:	64 8b 04 25 18 00 00 	mov %fs:0x18,%eax
  13:	00
  14:	85 c0                	test %eax,%eax
  16:	75 6b                	jne 0x83
  18:	44 89 e2             	mov %r12d,%edx
  1b:	48 89 ee             	mov %rbp,%rsi
  1e:	bf 9c ff ff ff       	mov $0xffffff9c,%edi
  23:	b8 01 01 00 00       	mov $0x101,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 00 f0 ff ff    	cmp $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	0f 87 95 00 00 00    	ja 0xcb
  36:	48 8b 4c 24 28       	mov 0x28(%rsp),%rcx
  3b:	64                   	fs
  3c:	48                   	rex.W
  3d:	33                   	.byte 0x33
  3e:	0c 25                	or $0x25,%al

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp $0xfffffffffffff000,%rax
   6:	0f 87 95 00 00 00    	ja 0xa1
   c:	48 8b 4c 24 28       	mov 0x28(%rsp),%rcx
  11:	64                   	fs
  12:	48                   	rex.W
  13:	33                   	.byte 0x33
  14:	0c 25                	or $0x25,%al
[ 23.896740][ T473] RSP: 002b:00007ffd58ddcfa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 23.904934][ T473] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc8b67d92c7
[ 23.912698][ T473] RDX: 0000000000080842 RSI: 000055aa55019ee0 RDI: 00000000ffffff9c
[ 23.920466][ T473] RBP: 000055aa55019ee0 R08: 000055aa550129c8 R09: ffffffffffffffff
[ 23.928223][ T473] R10: 00000000000001a0 R11: 0000000000000246 R12: 0000000000080842
[ 23.935977][ T473] R13: 000055aa55018890 R14: 000055aa55011d50 R15: 0000000000000200
[ 23.943734][ T473]
[ 23.946591][ T473] Modules linked in: acpi_cpufreq(-) sg ip_tables overlay rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver btrfs blake2b_generic xor raid6_pq zstd_compress libcrc32c sd_mod t10_pi intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel i915 kvm intel_gtt irqbypass ttm crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel mei_wdt intel_wmi_thunderbolt wmi_bmof drm_kms_helper ahci rapl libahci syscopyarea intel_cstate sysfillrect sysimgblt intel_uncore fb_sys_fops libata mei_me i2c_designware_platform drm mei i2c_designware_core idma64 intel_pch_thermal wmi video intel_pmc_core acpi_pad
[ 24.002894][ T473] CR2: 0000000000000000
[ 24.006878][ T473] ---[ end trace 0000000000000000 ]---
[ 24.012139][ T473] RIP: 0010:ovl_set_upper_acl (fs/overlayfs/ovl_entry.h:90 fs/overlayfs/ovl_entry.h:95 fs/overlayfs/overlayfs.h:254 fs/overlayfs/dir.c:457) overlay
[ 24.018447][ T473] Code: c5 48 85 c0 0f 84 9e 00 00 00 4c 89 e6 4c 89 f9 48 89 c2 48 c7 c7 80 8f 84 82 e8 1a d4 2b c1 41 89 c4 85 c0 78 27 48 8b 43 08 <48> 8b 00 48 8b 78 18 41 b9 01 00 00 00 4d 89 f8 48 89 e9 4c 89 f2
All code
========
   0:	c5 48 85             	(bad)
   3:	c0 0f 84             	rorb $0x84,(%rdi)
   6:	9e                   	sahf
   7:	00 00                	add %al,(%rax)
   9:	00 4c 89 e6          	add %cl,-0x1a(%rcx,%rcx,4)
   d:	4c 89 f9             	mov %r15,%rcx
  10:	48 89 c2             	mov %rax,%rdx
  13:	48 c7 c7 80 8f 84 82 	mov $0xffffffff82848f80,%rdi
  1a:	e8 1a d4 2b c1       	callq 0xffffffffc12bd439
  1f:	41 89 c4             	mov %eax,%r12d
  22:	85 c0                	test %eax,%eax
  24:	78 27                	js 0x4d
  26:	48 8b 43 08          	mov 0x8(%rbx),%rax
  2a:*	48 8b 00             	mov (%rax),%rax		<-- trapping instruction
  2d:	48 8b 78 18          	mov 0x18(%rax),%rdi
  31:	41 b9 01 00 00 00    	mov $0x1,%r9d
  37:	4d 89 f8             	mov %r15,%r8
  3a:	48 89 e9             	mov %rbp,%rcx
  3d:	4c 89 f2             	mov %r14,%rdx

Code starting with the faulting instruction
===========================================
   0:	48 8b 00             	mov (%rax),%rax
   3:	48 8b 78 18          	mov 0x18(%rax),%rdi
   7:	41 b9 01 00 00 00    	mov $0x1,%r9d
   d:	4d 89 f8             	mov %r15,%r8
  10:	48 89 e9             	mov %rbp,%rcx
  13:	4c 89 f2             	mov %r14,%rdx

To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        sudo bin/lkp install job.yaml           # job file is attached in this email
        bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
        sudo bin/lkp run generated-yaml-file

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.

--
0-DAY CI Kernel Test Service
https://01.org/lkp