Date:   Fri, 2 Jun 2017 09:14:51 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     Bart Van Assche <bart.vanassche@...disk.com>
Cc:     Christoph Hellwig <hch@....de>, Hannes Reinecke <hare@...e.de>,
        LKML <linux-kernel@...r.kernel.org>,
        Bart Van Assche <bart.vanassche@...disk.com>, lkp@...org
Subject: [lkp-robot] 105931d39f: BUG:unable_to_handle_kernel


FYI, we noticed the following commit:

commit: 105931d39f6a37845e07f65f7e23b4bed9d1d8f8 ("Move most of scsi_init_command() into scsi_initialize_rq()")
https://github.com/bvanassche/linux for-next

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -smp 2 -m 512M

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


+---------------------------------------------+------------+------------+
|                                             | 8e9bd2fd5c | 105931d39f |
+---------------------------------------------+------------+------------+
| boot_successes                              | 0          | 0          |
| boot_failures                               | 10         | 39         |
| WARNING:at_block/blk-merge.c:#attempt_merge | 8          |            |
| BUG:workqueue_lockup-pool                   | 1          |            |
| BUG:kernel_hang_in_test_stage               | 1          |            |
| BUG:unable_to_handle_kernel                 | 0          | 39         |
| Oops:#[##]                                  | 0          | 39         |
| Kernel_panic-not_syncing:Fatal_exception    | 0          | 39         |
+---------------------------------------------+------------+------------+



[    6.892331] BUG: unable to handle kernel NULL pointer dereference at           (null)
[    6.893404] IP: scsi_add_cmd_to_list+0x28/0xb0
[    6.894001] PGD 0 
[    6.894003] P4D 0 
[    6.894288] 
[    6.894776] Oops: 0000 [#1] PREEMPT SMP
[    6.895302] CPU: 0 PID: 5 Comm: kworker/u4:0 Not tainted 4.12.0-rc2-00339-g105931d #1
[    6.896342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-20161025_171302-gandalf 04/01/2014
[    6.897692] Workqueue: events_unbound async_run_entry_fn
[    6.898411] task: ffff88001cf28040 task.stack: ffffc900000f0000
[    6.899202] RIP: 0010:scsi_add_cmd_to_list+0x28/0xb0
[    6.899868] RSP: 0000:ffffc900000f2fd0 EFLAGS: 00010046
[    6.900575] RAX: ffff88001ee11868 RBX: 0000000000000000 RCX: 0000000000000000
[    6.901523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88001ee11678
[    6.902478] RBP: ffffc900000f3020 R08: 00000000be1630d2 R09: 0000000000000000
[    6.903429] R10: ffff88001ee11868 R11: 0000000000000000 R12: ffff88001ee11678
[    6.904377] R13: ffff88001ee11678 R14: ffff8800149ca2a8 R15: ffffc900000f30e0
[    6.905121] Creating 1 MTD partitions on "NAND 128MiB 1,8V 8-bit":
[    6.905129] 0x000000000000-0x000008000000 : "NAND simulator partition 0"
[    6.907028] FS:  0000000000000000(0000) GS:ffff88001d200000(0000) knlGS:0000000000000000
[    6.908097] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    6.908868] CR2: 0000000000000000 CR3: 0000000002823000 CR4: 00000000000006b0
[    6.909418] ftl_cs: FTL header not found.
[    6.910363] Call Trace:
[    6.910699]  scsi_init_command+0x37/0x40
[    6.911228]  scsi_prep_fn+0x67/0x140
[    6.911719]  ? __kmalloc_node+0x119/0x290
[    6.912267]  ? ioc_lookup_icq+0xac/0xe0
[    6.912782]  blk_peek_request+0x1f9/0x370
[    6.913331]  ? scsi_init_rq+0x75/0x100
[    6.913836]  scsi_request_fn+0x8a/0x7d0
[    6.914362]  ? kvm_clock_read+0x25/0x40
[    6.914879]  ? kvm_sched_clock_read+0x9/0x20
[    6.915458]  ? blk_account_io_start+0x2df/0x320
[    6.916066]  ? __lock_release+0x1b7/0x230
[    6.916610]  ? blk_account_io_start+0x2df/0x320
[    6.917218]  ? put_lock_stats+0xe/0x20
[    6.917728]  __blk_run_queue+0xa5/0xc0
[    6.918242]  __elv_add_request+0x1f7/0x330
[    6.918789]  blk_queue_bio+0x4de/0x510
[    6.919304]  ? __lock_release+0x1b7/0x230
[    6.919840]  ? mempool_alloc_slab+0x20/0x30
[    6.920410]  generic_make_request+0xef/0x2c0
[    6.920981]  ? preempt_count_sub+0x63/0x80
[    6.921540]  ? bio_init+0xd/0x40
[    6.921979]  submit_bio+0x118/0x130
[    6.922456]  ? __add_to_page_cache_locked+0x158/0x250
[    6.923133]  ? guard_bio_eod+0x19/0x130
[    6.923654]  submit_bh_wbc+0x10e/0x120
[    6.924167]  submit_bh+0x10/0x20
[    6.924610]  block_read_full_page+0x3d0/0x400
[    6.925196]  ? I_BDEV+0x20/0x20
[    6.925628]  ? add_to_page_cache_lru+0x112/0x130
[    6.926254]  ? alloc_pages_current+0x143/0x160
[    6.926846]  ? ret_from_fork+0x2c/0x40
[    6.927361]  blkdev_readpage+0x18/0x20
[    6.927866]  do_read_cache_page+0xe8/0x370
[    6.928426]  ? init_object+0x88/0xa0
[    6.928910]  ? blkdev_writepages+0x40/0x40
[    6.929464]  ? ___slab_alloc+0x36f/0x3a0
[    6.929992]  ? find_valid_gpt+0x80/0x230
[    6.930524]  ? get_page_from_freelist+0x6e8/0x800
[    6.931153]  ? ___slab_alloc+0x36f/0x3a0
[    6.931687]  ? sched_clock_cpu+0x22/0xe0
[    6.932216]  ? __vmalloc_area_node+0x98/0x210
[    6.932804]  ? kvm_clock_read+0x25/0x40
[    6.933329]  read_cache_page+0x15/0x20
[    6.933830]  read_dev_sector+0x34/0xd0
[    6.934348]  read_lba+0xb4/0x150
[    6.934783]  find_valid_gpt+0x9e/0x230
[    6.935298]  ? find_valid_gpt+0x230/0x230
[    6.935834]  efi_partition+0x6c/0x3d0
[    6.936339]  ? vsnprintf+0xb5/0x410
[    6.936808]  ? snprintf+0x34/0x40
[    6.937266]  ? find_valid_gpt+0x230/0x230
[    6.937798]  check_partition+0x119/0x1e0
[    6.938335]  rescan_partitions+0x8c/0x330
[    6.938873]  __blkdev_get+0x14d/0x390
[    6.939375]  blkdev_get+0x1be/0x1d0
[    6.939845]  register_disk+0xfd/0x160
[    6.940353]  device_add_disk+0xcf/0x130
[    6.940867]  sd_probe_async+0x126/0x1f0
[    6.941395]  async_run_entry_fn+0x4a/0x120
[    6.941949]  ? preempt_count_sub+0x63/0x80
[    6.942503]  process_one_work+0x331/0x5a0
[    6.943042]  ? process_one_work+0x1ee/0x5a0
[    6.943608]  ? sched_clock_cpu+0x22/0xe0
[    6.944138]  ? preempt_count_add+0xe/0x70
[    6.944682]  ? preempt_count_sub+0x16/0x80
[    6.945240]  ? put_lock_stats+0xe/0x20
[    6.945743]  ? __lock_acquired+0x222/0x250
[    6.946302]  worker_thread+0x2c5/0x3e0
[    6.946806]  ? maybe_create_worker+0x100/0x100
[    6.947411]  ? preempt_count_sub+0x63/0x80
[    6.947963]  ? schedule+0x9e/0xb0
[    6.948419]  ? maybe_create_worker+0x100/0x100
[    6.949013]  kthread+0x142/0x150
[    6.949456]  ? __kthread_init_worker+0x80/0x80
[    6.950053]  ret_from_fork+0x2c/0x40
[    6.950541] Code: 00 00 00 55 48 89 e5 48 83 ec 50 48 89 5d d8 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0 4c 89 7d f8 e8 af de 70 00 48 8b 5f 38 49 89 fc <48> 8b 03 f6 80 01 03 00 00 08 74 61 4c 8d 7b 38 4d 8d 6c 24 40 
[    6.953112] RIP: scsi_add_cmd_to_list+0x28/0xb0 RSP: ffffc900000f2fd0


To reproduce:

        git clone https://github.com/01org/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.12.0-rc2-00339-g105931d" of type "text/plain" (113537 bytes)

View attachment "job-script" of type "text/plain" (4128 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (12376 bytes)
