Message-ID: <20170411015036.GX17682@yexl-desktop>
Date:   Tue, 11 Apr 2017 09:50:36 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     Jan Kara <jack@...e.cz>
Cc:     Jens Axboe <axboe@...com>, LKML <linux-kernel@...r.kernel.org>,
        Jens Axboe <axboe@...nel.dk>, lkp@...org
Subject: [lkp-robot] [cfq]  142bbdfccc: kernel_BUG_at_lib/list_debug.c


FYI, we noticed the following commit:

commit: 142bbdfccc8b3e9f7342f2ce8422e76a3b45beae ("cfq: Disable writeback throttling by default")
https://git.kernel.org/cgit/linux/kernel/git/axboe/linux-block.git for-4.12/block

in testcase: iperf
with following parameters:

	runtime: 300s
	cluster: cs-localhost
	protocol: udp

test-description: iperf is a tool for active measurements of the maximum achievable bandwidth on IP networks.
test-url: https://iperf.fr/


on test machine: qemu-system-x86_64 -enable-kvm -cpu kvm64,+ssse3 -m 1G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+-----------------------------------------------------------------------+------------+------------+
|                                                                       | 85003a446e | 142bbdfccc |
+-----------------------------------------------------------------------+------------+------------+
| boot_successes                                                        | 0          | 0          |
| boot_failures                                                         | 72         | 13         |
| WARNING:at_drivers/gpu/drm/drm_mode_config.c:#drm_mode_config_cleanup | 72         | 13         |
| BUG:Bad_page_state_in_process                                         | 72         | 13         |
| kernel_BUG_at_lib/list_debug.c                                        | 0          | 7          |
| invalid_opcode:#[##]                                                  | 0          | 7          |
| Kernel_panic-not_syncing:Fatal_exception                              | 0          | 7          |
+-----------------------------------------------------------------------+------------+------------+



[  488.656324] BUG: Bad page state in process swapper  pfn:3f121
[  488.665716] page:ffffea0000dcbf38 count:-1 mapcount:0 mapping:          (null) index:0x0
[  488.677841] flags: 0x4000000000000000()
[  488.684515] raw: 4000000000000000 0000000000000000 0000000000000000 ffffffffffffffff
[  488.696441] raw: 0000000000000000 0000000200000001 0000000000000000
[  488.705803] page dumped because: nonzero _refcount
[  488.713520] CPU: 0 PID: 1 Comm: swapper Tainted: G        W       4.11.0-rc3-00108-g142bbdf #1
[  488.727293] Call Trace:
[  488.731601]  dump_stack+0x19/0x1b
[  488.737048]  bad_page+0xfb/0x117
[  488.742231]  free_pages_check+0x6c/0x78
[  488.748685]  __free_pages_ok+0x73/0x160
[  488.755100]  __free_pages+0x19/0x1b
[  488.760897]  kfree+0x64/0x69
[  488.782249]  bochs_unload+0x36/0x44
[  488.788275]  drm_dev_unregister+0x3c/0xac
[  488.794960]  drm_put_dev+0x44/0x4f
[  488.800956]  bochs_pci_remove+0x10/0x12
[  488.807362]  pci_device_remove+0x46/0x8f
[  488.813886]  driver_probe_device+0x178/0x322
[  488.821104]  ? driver_probe_device+0x322/0x322
[  488.828462]  __driver_attach+0x61/0x82
[  488.834752]  bus_for_each_dev+0x5a/0x82
[  488.841518]  driver_attach+0x19/0x1b
[  488.847872]  bus_add_driver+0xea/0x1ce
[  488.854645]  ? qxl_init+0x7d/0x7d
[  488.860615]  driver_register+0x83/0xba
[  488.867380]  __pci_register_driver+0x5b/0x5e
[  488.874800]  drm_pci_init+0x47/0xc8
[  488.881026]  ? qxl_init+0x7d/0x7d
[  488.886957]  bochs_init+0x50/0x71
[  488.893014]  do_one_initcall+0xc3/0x22d
[  488.899697]  ? parse_args+0x116/0x2a4
[  488.905876]  kernel_init_freeable+0x185/0x2ab
[  488.913655]  ? rest_init+0xba/0xba
[  488.919393]  kernel_init+0x9/0xe1
[  488.924715]  ret_from_fork+0x2c/0x40
[  488.930350] Disabling lock debugging due to kernel taint
[  488.972021] [drm] Found bochs VGA, ID 0xb0c0.
[  488.979633] [drm] Framebuffer size 16384 kB @ 0xfc000000, mmio @ 0xfebf0000.
[  488.992145] [TTM] Zone  kernel: Available graphics memory: 491180 kiB
[  489.001252] [TTM] Initializing pool allocator
[  489.007729] [TTM] Initializing DMA pool allocator
[  489.034792] bochsdrmfb: enable CONFIG_FB_LITTLE_ENDIAN to support this framebuffer
[  489.054532] [drm] Initialized bochs-drm 1.0.0 20130925 for 0000:00:02.0 on minor 0
[  489.246771] brd: module loaded
[  489.361486] loop: module loaded
[  489.366770] HP CISS Driver (v 3.6.26)
[  489.374715] skd:  v2.2.1-b0260 loaded
[  489.744560] dummy-irq: no IRQ given.  Use irq=N
[  489.756553] lkdtm: No crash points registered, enable through debugfs
[  489.767924] Phantom Linux Driver, version n0.9.8, init OK
[  489.776967] Silicon Labs C2 port support v. 0.51.0 - (C) 2007 Rodolfo Giometti
[  489.790122] c2port c2port0: C2 port uc added
[  489.796733] c2port c2port0: uc flash has 30 blocks x 512 bytes (15360 bytes total)
[  489.818349] Guest personality initialized and is inactive
[  489.827782] VMCI host device registered (name=vmci, major=10, minor=60)
[  489.836984] Initialized host personality
[  489.865280] usbcore: registered new interface driver viperboard
[  489.873697] usbcore: registered new interface driver dln2
[  489.883129] usbcore: registered new interface driver pn533_usb
[  489.909510] nfcsim 0.2 initialized
[  489.915831] usbcore: registered new interface driver port100
[  489.924611] usbcore: registered new interface driver nfcmrvl
[  489.935050] Uniform Multi-Platform E-IDE driver
[  489.946386] piix 0000:00:01.1: IDE controller (0x8086:0x7010 rev 0x00)
[  489.956590] piix 0000:00:01.1: not 100% native mode: will probe irqs later
[  489.976717]     ide0: BM-DMA at 0xc0c0-0xc0c7
[  489.984753]     ide1: BM-DMA at 0xc0c8-0xc0cf
[  489.991856] Probing IDE interface ide0...
[  490.613344] Probing IDE interface ide1...
[  491.407543] hdc: QEMU DVD-ROM, ATAPI CD/DVD-ROM drive
[  492.137525] hdc: host max PIO4 wanted PIO255(auto-tune) selected PIO0
[  492.147898] hdc: MWDMA2 mode selected
[  492.155063] ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
[  492.162647] ide1 at 0x170-0x177,0x376 on irq 15
[  492.195116] piix 0000:00:01.1: IDE controller (0x8086:0x7010 rev 0x00)
[  492.207364] piix 0000:00:01.1: not 100% native mode: will probe irqs later
[  492.230823]     ide0: BM-DMA at 0xc0c0-0xc0c7
[  492.240899]     ide1: BM-DMA at 0xc0c8-0xc0cf
[  492.249519] Probing IDE interface ide0...
[  492.867566] Probing IDE interface ide1...
[  493.679634] hdc: QEMU DVD-ROM, ATAPI CD/DVD-ROM drive
[  494.409723] hdc: host max PIO4 wanted PIO255(auto-tune) selected PIO0
[  494.421037] hdc: MWDMA2 mode selected
[  494.432259] ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
[  494.442598] ide1 at 0x170-0x177,0x376 on irq 15
[  494.476464] ide_generic: please use "probe_mask=0x3f" module parameter for probing all legacy ISA IDE ports
[  494.498586] ide-gd driver 1.18
[  494.506211] ide-cd driver 5.00
[  494.518554] ide-cd: hdc: ATAPI 4X DVD-ROM drive, 512kB Cache
[  494.526391] cdrom: Uniform CD-ROM driver Revision: 3.20
[  494.557704] list_del corruption, ffff88003e508a88->prev is LIST_POISON2 (dead000000000200)
[  494.570371] ------------[ cut here ]------------
[  494.577366] kernel BUG at lib/list_debug.c:50!
[  494.586672] invalid opcode: 0000 [#1]
[  494.592214] CPU: 0 PID: 1 Comm: swapper Tainted: G    B   W       4.11.0-rc3-00108-g142bbdf #1
[  494.604942] task: ffff88003282a000 task.stack: ffff880032834000
[  494.613761] RIP: 0010:__list_del_entry_valid+0x49/0x7c
[  494.621573] RSP: 0000:ffff880032837ca8 EFLAGS: 00010296
[  494.629416] RAX: 000000000000004e RBX: ffff88003e508a88 RCX: ffff88003282a608
[  494.639982] RDX: 0000000000000086 RSI: 0000000000000001 RDI: 0000000000000286
[  494.650514] RBP: ffff880032837ca8 R08: 0000000000000001 R09: 0000000000000000
[  494.661109] R10: ffff880032837c68 R11: ffffffff83b9f5c7 R12: ffff88003e4f1000
[  494.671774] R13: ffffffff82edc470 R14: 0000000000000000 R15: 00000000ecd70201
[  494.682428] FS:  0000000000000000(0000) GS:ffffffff82c41000(0000) knlGS:0000000000000000
[  494.694291] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  494.702753] CR2: 0000000000000000 CR3: 0000000002c17000 CR4: 00000000000006f0
[  494.713287] Call Trace:
[  494.717039]  blk_stat_remove_callback+0x22/0x75
[  494.723909]  wbt_exit+0x1d/0x3c
[  494.728640]  blk_unregister_queue+0x97/0xa8
[  494.734894]  del_gendisk+0x12f/0x1c8
[  494.743396]  ide_cd_remove+0x29/0x50
[  494.748357]  generic_ide_remove+0x20/0x27
[  494.754540]  driver_probe_device+0x178/0x322
[  494.761064]  ? driver_probe_device+0x322/0x322
[  494.767771]  __driver_attach+0x61/0x82
[  494.773114]  bus_for_each_dev+0x5a/0x82
[  494.780016]  driver_attach+0x19/0x1b
[  494.785975]  bus_add_driver+0xea/0x1ce
[  494.791753]  ? ide_gd_init+0x48/0x48
[  494.797518]  driver_register+0x83/0xba
[  494.803441]  ide_cdrom_init+0x27/0x48
[  494.809122]  do_one_initcall+0xc3/0x22d
[  494.814948]  ? parse_args+0x116/0x2a4
[  494.820692]  kernel_init_freeable+0x185/0x2ab
[  494.828010]  ? rest_init+0xba/0xba
[  494.835039]  kernel_init+0x9/0xe1
[  494.841978]  ret_from_fork+0x2c/0x40
[  494.847905] Code: 89 c2 48 c7 c7 26 5d 8d 82 e8 1f 5e c9 ff 0f 0b 48 b9 00 02 00 00 00 00 ad de 48 39 ca 75 0e 48 c7 c7 5c 5d 8d 82 e8 02 5e c9 ff <0f> 0b 48 8b 12 48 39 d7 74 0e 48 c7 c7 92 5d 8d 82 e8 ec 5d c9 
[  494.882066] RIP: __list_del_entry_valid+0x49/0x7c RSP: ffff880032837ca8
[  494.897715] ---[ end trace b636e6b0676c11d3 ]---


To reproduce:

        git clone https://github.com/01org/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Xiaolong

View attachment "config-4.11.0-rc3-00108-g142bbdf" of type "text/plain" (109945 bytes)

View attachment "job-script" of type "text/plain" (6396 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (12600 bytes)

Powered by blists - more mailing lists