Kafs 6.16.0-rc3 BUG: kernel NULL pointer dereference
markus.suvanto at gmail.com
Sun Aug 3 14:04:12 PDT 2025
On Fri, 2025-07-18 at 10:29 +0100, David Howells wrote:
> markus.suvanto at gmail.com wrote:
>
> > FYI...
> > So far I can't reproduce oops anymore when using 6.16.0-rc[56].
>
> :-/
>
> It hasn't been fixed as far as I know.
>
> And the kernel you were using previously should have included:
>
> 4882ba78574e afs: Fix afs_server ref accounting
>
> so would seem unlikely to be that.
>
> David
New Oops. This time
z600 ~ # cat /sys/kernel/tracing/events/afs/afs_new_server/enable
cat /sys/kernel/tracing/events/afs/afs_del_server/enable
cat /sys/kernel/tracing/events/afs/afs_cm_no_server/enable
cat /sys/kernel/tracing/events/afs/afs_cm_no_server_u/enable
cat /sys/kernel/tracing/events/error_report/enable
cat /sys/kernel/tracing/events/afs/afs_server/enable
1
1
1
1
1
1
cat /sys/kernel/tracing/trace found in link below
https://talvi.dynv6.net/nextcloud/index.php/s/LdaACN2SB2SJia6
Dmesg:
[24772.425221] AFS: Cache volume key already in use (afs,station.com,20000019)
[24910.984682] br0: port 1(enp1s0) neighbor 8000.4a:64:f5:b6:f6:96 lost
[24910.985310] br0: topology change detected, propagating
[25012.470096] AFS: Cache volume key already in use (afs,station.com,20000019)
[25072.478214] AFS: Cache volume key already in use (afs,station.com,20000019)
[25305.002256] BUG: kernel NULL pointer dereference, address: 0000000000000010
[25305.002692] #PF: supervisor read access in kernel mode
[25305.003094] #PF: error_code(0x0000) - not-present page
[25305.003499] PGD 0 P4D 0
[25305.003907] Oops: Oops: 0000 [#1] SMP PTI
[25305.004324] CPU: 13 UID: 0 PID: 25878 Comm: kworker/u66:4 Tainted: G I 6.16.0-00001-g06057fe3ba40 #1
VOLUNTARY
[25305.004771] Tainted: [I]=FIRMWARE_WORKAROUND
[25305.005204] Hardware name: Hewlett-Packard HP Z600 Workstation/0AE8h, BIOS 786G4 v03.19 03/11/2011
[25305.005641] Workqueue: kafsd afs_process_async_call [kafs]
[25305.006109] RIP: 0010:afs_deliver_cb_init_call_back_state3+0x38/0x1d0 [kafs]
[25305.006554] Code: 56 3c 01 0f 84 b8 00 00 00 8b 83 48 01 00 00 83 f8 05 0f 85 5d 01 00 00 48 8b 83 a0 00 00 00 48 8b
93 b0 00 00 00 48 8d 48 10 <48> 8b 40 10 48 39 02 0f 84 2b 01 00 00 48 c7 c7 a8 05 37 c2 e8 7f
[25305.007012] RSP: 0018:ffffaa5a26c8be20 EFLAGS: 00010246
[25305.007474] RAX: 0000000000000000 RBX: ffff9978b3620800 RCX: 0000000000000010
[25305.007950] RDX: ffff9978d4384c30 RSI: ffff997721b88500 RDI: ffff9978d4384c30
[25305.008432] RBP: ffff9978b3620820 R08: 0000000000000010 R09: 77000000aaffffff
[25305.008922] R10: ffffaa5a26c8be20 R11: 0000000000000001 R12: ffff9978b3079e00
[25305.009419] R13: ffff9978b0084400 R14: ffff9978b3079e45 R15: ffff9978b41fde00
[25305.009923] FS: 0000000000000000(0000) GS:ffff997a81612000(0000) knlGS:0000000000000000
[25305.010440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[25305.010963] CR2: 0000000000000010 CR3: 00000002d0018000 CR4: 00000000000026f0
[25305.011498] Call Trace:
[25305.012036] <TASK>
[25305.012575] afs_deliver_to_call+0x56/0x4b0 [kafs]
[25305.013155] afs_process_async_call+0x2f/0x40 [kafs]
[25305.013740] process_one_work+0x141/0x2a0
[25305.014304] worker_thread+0x2da/0x420
[25305.014871] ? __pfx_worker_thread+0x10/0x10
[25305.015442] kthread+0xdf/0x1c0
[25305.016015] ? __pfx_kthread+0x10/0x10
[25305.016592] ? __pfx_kthread+0x10/0x10
[25305.017170] ret_from_fork+0x71/0xd0
[25305.017752] ? __pfx_kthread+0x10/0x10
[25305.018336] ret_from_fork_asm+0x1a/0x30
[25305.018930] </TASK>
[25305.019518] Modules linked in: bluetooth ecdh_generic ecc libaes uinput md5 algif_hash af_alg ip6table_nat
ip6table_filter iptable_nat xt_MASQUERADE nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_filter af_packet
veth rc_dib0700_rc5 bridge stp llc si2157 si2168 kafs mt2060 fcrypt pcbc cx23885 altera_ci rxrpc tda18271 altera_stapl
m88ds3103 krb5 cx2341x dns_resolver dvb_usb_dib0700 tveeprom videobuf2_dvb dib9000 netfs i2c_mux snd_usb_audio
intel_powerclamp videobuf2_dma_sg snd_hda_codec_realtek snd_hda_codec_generic dib7000m kvm_intel dib0090
videobuf2_memops snd_hda_scodec_component snd_hda_codec_hdmi videobuf2_v4l2 dib0070 snd_ump kvm dib3000mc videodev
snd_hda_intel snd_usbmidi_lib joydev dibx000_common snd_hwdep mousedev snd_intel_dspcfg dvb_usb irqbypass snd_rawmidi
snd_hda_codec intel_cstate dvb_core videobuf2_common snd_hda_core snd_seq_device cp210x rc_core bfq wmi_bmof gpio_ich
evdev mc usbserial snd_pcm input_leds intel_uncore cfg80211 snd_timer pcspkr acpi_cpufreq regmap_i2c i7core_edac snd
[25305.019615] tiny_power_button lpc_ich soundcore rfkill edac_core rtc_cmos button sch_fq_codel ip6_tables ip_tables
x_tables wireguard curve25519_x86_64 libchacha20poly1305 libcurve25519_generic chacha_x86_64 libchacha libpoly1305
poly1305_x86_64 ip6_udp_tunnel udp_tunnel smsc47b397 coretemp fuse configfs tun loop crc32c_cryptoapi hid_logitech_hidpp
amdgpu hid_logitech_dj drm_suballoc_helper amdxcp i2c_algo_bit drm_client_lib mfd_core drm_ttm_helper syscopyarea ttm
agpgart sysfillrect sysimgblt fb_sys_fops drm_exec gpu_sched video drm_panel_backlight_quirks hid_generic cec usbkbd
usbmouse drm_buddy usbhid drm_display_helper sr_mod cdrom sd_mod drm_kms_helper drm nvme_tcp psmouse nvme_fabrics ahci
serio_raw atkbd libahci uhci_hcd drm_panel_orientation_quirks libps2 nvme_core vivaldi_fmap libata tg3 ehci_pci fb
ehci_hcd ptp backlight sha512_ssse3 font pps_core scsi_mod usbcore lcd hwmon ledtrig_backlight i2c_core scsi_common
usb_common crc16 wmi floppy i8042 serio btrfs blake2b_generic xor zstd_compress raid6_pq
[25305.023320] nfnetlink dmi_sysfs sha1_generic sha1_ssse3 ipv6 autofs4
[25305.028689] CR2: 0000000000000010
[25305.029605] ---[ end trace 0000000000000000 ]---
[25305.030547] RIP: 0010:afs_deliver_cb_init_call_back_state3+0x38/0x1d0 [kafs]
[25305.031537] Code: 56 3c 01 0f 84 b8 00 00 00 8b 83 48 01 00 00 83 f8 05 0f 85 5d 01 00 00 48 8b 83 a0 00 00 00 48 8b
93 b0 00 00 00 48 8d 48 10 <48> 8b 40 10 48 39 02 0f 84 2b 01 00 00 48 c7 c7 a8 05 37 c2 e8 7f
[25305.032536] RSP: 0018:ffffaa5a26c8be20 EFLAGS: 00010246
[25305.033527] RAX: 0000000000000000 RBX: ffff9978b3620800 RCX: 0000000000000010
[25305.034508] RDX: ffff9978d4384c30 RSI: ffff997721b88500 RDI: ffff9978d4384c30
[25305.035501] RBP: ffff9978b3620820 R08: 0000000000000010 R09: 77000000aaffffff
[25305.036500] R10: ffffaa5a26c8be20 R11: 0000000000000001 R12: ffff9978b3079e00
[25305.037507] R13: ffff9978b0084400 R14: ffff9978b3079e45 R15: ffff9978b41fde00
[25305.038510] FS: 0000000000000000(0000) GS:ffff997a81612000(0000) knlGS:0000000000000000
[25305.039508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[25305.040492] CR2: 0000000000000010 CR3: 00000002d0018000 CR4: 00000000000026f0
[25305.041492] note: kworker/u66:4[25878] exited with irqs disabled
[25312.512588] AFS: Cache volume key already in use (afs,station.com,20000019)
[25372.522533] AFS: Cache volume key already in use (afs,station.com,20000019)
[25612.544440] AFS: Cache volume key already in use (afs,station.com,20000019)
[25672.543807] AFS: Cache volume key already in use (afs,station.com,20000019)
[25912.588191] AFS: Cache volume key already in use (afs,station.com,20000019)
-Markus