linux-block.vger.kernel.org archive mirror
* Regression of next-20211019
       [not found] <CGME20211020073900epcas2p402043934d4ca8f04113bc5ce50d2f596@epcas2p4.samsung.com>
@ 2021-10-20  7:39 ` Chanho Park
  2021-10-20  8:07   ` Marek Szyprowski
  0 siblings, 1 reply; 3+ messages in thread
From: Chanho Park @ 2021-10-20  7:39 UTC (permalink / raw)
  To: axboe; +Cc: sfr, linux-block, linux-next

Hi,

I found a NULL pointer dereference on next-20211019. It might be a
regression since next-20211015.
So, I did "git bisect" and found below commit. Are you already aware of
this?

$ git bisect bad
2ff0682da6e09c1e0db63a2d2abcd4efb531c8db is the first bad commit
commit 2ff0682da6e09c1e0db63a2d2abcd4efb531c8db
Author: Jens Axboe <axboe@kernel.dk>
Date:   Fri Oct 15 09:44:38 2021 -0600

    block: store elevator state in request
    
    Add an rq private RQF_ELV flag, which tells the block layer that this
    request was initialized on a queue that has an IO scheduler attached.
    This allows for faster checking in the fast path, rather than having to
    deference rq->q later on.
    
    Elevator switching does full quiesce of the queue before detaching an
    IO scheduler, so it's safe to cache this in the request itself.
    
    Signed-off-by: Jens Axboe <axboe@kernel.dk>

 block/blk-mq-sched.h   | 27 ++++++++++++++++-----------
 block/blk-mq.c         | 20 +++++++++++---------
 include/linux/blk-mq.h |  2 ++
 3 files changed, 29 insertions(+), 20 deletions(-)


[    1.908677] BUG: kernel NULL pointer dereference, address: 000000000000000f
[    1.911614] #PF: supervisor read access in kernel mode
[    1.913748] #PF: error_code(0x0000) - not-present page
[    1.916034] PGD 0 P4D 0
[    1.917125] Oops: 0000 [#1] SMP PTI
[    1.918638] CPU: 3 PID: 0 Comm: swapper/3 Not tainted 5.15.0-rc6+ #14
[    1.921381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-0-ga698c8995f-prebuilt.qemu.org 04/01/2014
[    1.925974] RIP: 0010:blk_mq_free_request+0x3f/0x140
[    1.928272] Code: 47 1c 00 10 40 00 74 36 49 8b 44 24 08 48 8b 00 48 8b 40 68 48 85 c0 74 05 e8 2d 14 a3 00 48 8b 85 b8 00 00 00 48 85 c0 74 14 <48> 8b 78 08 e8 28 9f ff ff 48 c7 85 b8 00 00 00 00 00 00 00 8b 55
[    1.936950] RSP: 0000:ffffb5f5c010ce70 EFLAGS: 00010002
[    1.939287] RAX: 0000000000000007 RBX: ffff981afbdaed80 RCX: 000000000002eec8
[    1.941312] RDX: ffff981ac0314c00 RSI: 00000000fffb72c8 RDI: ffff981ac02e6300
[    1.943345] RBP: ffff981ac02e6300 R08: 000000000000006d R09: ffff981ac02e6300
[    1.944984] R10: 0000000000000008 R11: 000000006cdbb244 R12: ffff981ac1148000
[    1.946545] R13: ffff981ac10c6400 R14: ffff981ac03c6528 R15: ffff981ac03c64e0
[    1.948372] FS:  0000000000000000(0000) GS:ffff981afbd80000(0000) knlGS:0000000000000000
[    1.949867] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.950892] CR2: 000000000000000f CR3: 000000005060c000 CR4: 00000000000006e0
[    1.952145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    1.953406] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[    1.954713] Call Trace:
[    1.955093]  <IRQ>
[    1.955406]  blk_flush_complete_seq+0x223/0x2b0
[    1.956096]  flush_end_io+0x18f/0x250
[    1.956643]  scsi_end_request+0x7d/0xf0
[    1.957238]  scsi_io_completion+0x12b/0x570
[    1.957868]  blk_complete_reqs+0x3b/0x50
[    1.958472]  __do_softirq+0xd4/0x27f
[    1.958999]  irq_exit_rcu+0x69/0x90
[    1.959460]  sysvec_call_function_single+0x6a/0x90
[    1.960085]  </IRQ>
[    1.960367]  asm_sysvec_call_function_single+0x12/0x20
[    1.961036] RIP: 0010:default_idle+0xb/0x10
[    1.961581] Code: 85 c9 fe ff ff c6 43 08 00 fb eb 88 48 89 df e8 eb 44 92 ff eb ca e8 04 8c ff ff cc cc cc cc eb 07 0f 00 2d ff ad 46 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 00 6d 01 00 f0 80 48 02 20 48 8b 10
[    1.963958] RSP: 0000:ffffb5f5c007fee8 EFLAGS: 00000206
[    1.964749] RAX: ffffffff8d99b6c0 RBX: 0000000000000003 RCX: 0000000000000001
[    1.965553] RDX: ffff981afbda64a0 RSI: 0000000000000083 RDI: 0000000000000fd8
[    1.966397] RBP: ffff981ac0203600 R08: 0000000000000fd7 R09: 0000000000000001
[    1.967208] R10: ffff981afbda5740 R11: 0000000000000800 R12: ffff981ac0203600
[    1.968012] R13: ffff981ac0203600 R14: 0000000000000000 R15: 0000000000000000
[    1.968818]  ? __sched_text_end+0x4/0x4
[    1.969211]  ? __sched_text_end+0x4/0x4
[    1.969608]  default_idle_call+0x2c/0xa0
[    1.970009]  do_idle+0x1d9/0x230
[    1.970352]  cpu_startup_entry+0x14/0x20
[    1.970764]  secondary_startup_64_no_verify+0xc2/0xcb
[    1.971287] Modules linked in:
[    1.971605] CR2: 000000000000000f
[    1.971951] ---[ end trace 1d285559d26682a4 ]---
[    1.972422] RIP: 0010:blk_mq_free_request+0x3f/0x140
[    1.972917] Code: 47 1c 00 10 40 00 74 36 49 8b 44 24 08 48 8b 00 48 8b 40 68 48 85 c0 74 05 e8 2d 14 a3 00 48 8b 85 b8 00 00 00 48 85 c0 74 14 <48> 8b 78 08 e8 28 9f ff ff 48 c7 85 b8 00 00 00 00 00 00 00 8b 55
[    1.975093] RSP: 0000:ffffb5f5c010ce70 EFLAGS: 00010002
[    1.975650] RAX: 0000000000000007 RBX: ffff981afbdaed80 RCX: 000000000002eec8
[    1.976411] RDX: ffff981ac0314c00 RSI: 00000000fffb72c8 RDI: ffff981ac02e6300
[    1.977184] RBP: ffff981ac02e6300 R08: 000000000000006d R09: ffff981ac02e6300
[    1.977931] R10: 0000000000000008 R11: 000000006cdbb244 R12: ffff981ac1148000
[    1.978790] R13: ffff981ac10c6400 R14: ffff981ac03c6528 R15: ffff981ac03c64e0
[    1.979577] FS:  0000000000000000(0000) GS:ffff981afbd80000(0000) knlGS:0000000000000000
[    1.980391] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    1.981011] CR2: 000000000000000f CR3: 000000005060c000 CR4: 00000000000006e0
[    1.981916] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    1.982643] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[    1.983365] Kernel panic - not syncing: Fatal exception in interrupt
[    1.984122] Kernel Offset: 0xbe00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[    1.985243] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
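
Reading the oops above, as an added example that is not part of the thread: the script takes four of the report's log lines (wrapped lines rejoined) as sample input, decodes the faulting instruction marked `<48>` in the Code: line, and checks that base register plus displacement equals CR2. The function names and the minimal decoder, which handles only the `mov r64, [reg+disp8]` form, are assumptions of this example.

```python
import re

# Constructed sample: four lines copied from the oops in this report, rejoined.
OOPS = """\
[    1.925974] RIP: 0010:blk_mq_free_request+0x3f/0x140
[    1.928272] Code: 47 1c 00 10 40 00 74 36 49 8b 44 24 08 48 8b 00 48 8b 40 68 48 85 c0 74 05 e8 2d 14 a3 00 48 8b 85 b8 00 00 00 48 85 c0 74 14 <48> 8b 78 08 e8 28 9f ff ff 48 c7 85 b8 00 00 00 00 00 00 00 8b 55
[    1.939287] RAX: 0000000000000007 RBX: ffff981afbdaed80 RCX: 000000000002eec8
[    1.950892] CR2: 000000000000000f CR3: 000000005060c000 CR4: 00000000000006e0
"""

REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]

def parse_oops(text):
    """Return (registers, bytes before the fault, bytes from the faulting insn on)."""
    pairs = re.findall(r"\b([A-Z0-9]{3}): ([0-9a-f]{16})\b", text)
    regs = {name.lower(): int(value, 16) for name, value in pairs}
    code = re.search(r"Code: (.*)", text).group(1)
    # The kernel brackets the first byte of the faulting instruction with <..>.
    before, first, after = re.match(r"(.*)<([0-9a-f]{2})>(.*)", code).groups()
    return regs, bytes.fromhex(before), bytes.fromhex(first + after)

def decode_mov_load(insn):
    """Decode only 'REX.W 8B /r' with mod=01 and no SIB: mov r64, [base+disp8].
    Returns (dest, base, disp) or None for anything else."""
    if len(insn) < 4 or insn[0] != 0x48 or insn[1] != 0x8B:
        return None
    mod, reg, rm = insn[2] >> 6, (insn[2] >> 3) & 7, insn[2] & 7
    if mod != 1 or rm == 4:  # rm == 4 means a SIB byte follows
        return None
    disp = insn[3] - 256 if insn[3] > 127 else insn[3]
    return REG64[reg], REG64[rm], disp

def explain_fault(text):
    regs, before, at = parse_oops(text)
    decoded = decode_mov_load(at)
    if decoded is None:
        raise ValueError("faulting instruction is not a form this decoder handles")
    dest, base, disp = decoded
    addr = (regs[base] + disp) & 0xFFFFFFFFFFFFFFFF
    return {
        "insn": f"mov {dest}, [{base}{disp:+#x}]",
        "base_value": regs[base],
        "computed_addr": addr,
        "matches_cr2": addr == regs["cr2"],
        # 48 85 c0 = test rax,rax ; 74 xx = je: a NULL check ran before the load
        "null_checked": before[-5:-1] == bytes.fromhex("4885c074"),
    }
```

For this report the faulting load decodes to `mov rdi, [rax+0x8]` with RAX = 7, which gives the CR2 value 0xf. The value had just passed a `test rax,rax` NULL check, so it was a small non-NULL value rather than a NULL pointer.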



* Re: Regression of next-20211019
  2021-10-20  7:39 ` Regression of next-20211019 Chanho Park
@ 2021-10-20  8:07   ` Marek Szyprowski
  2021-10-20  8:18     ` Chanho Park
  0 siblings, 1 reply; 3+ messages in thread
From: Marek Szyprowski @ 2021-10-20  8:07 UTC (permalink / raw)
  To: Chanho Park, axboe; +Cc: sfr, linux-block, linux-next

Hi Chanho,

On 20.10.2021 09:39, Chanho Park wrote:
> Hi,
>
> I found a NULL pointer dereference on next-20211019. It might be a
> regression since next-20211015.
> So, I did "git bisect" and found below commit. Are you already aware of
> this?

I also found this issue in yesterday's linux-next. Then I found that it
has been already fixed by this patch:
https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git/commit/?h=for-next&id=3039417eec780c6bbb119ae5598fdca2d4a957ec 
so I decided that there is no point in reporting it.

In today's linux-next it has been fixed by the commit 
https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git/commit/?h=for-next&id=e70feb8b3e6886c525c88943b5f1508d02f5a683

Best regards
-- 
Marek Szyprowski, PhD
Samsung R&D Institute Poland



* RE: Regression of next-20211019
  2021-10-20  8:07   ` Marek Szyprowski
@ 2021-10-20  8:18     ` Chanho Park
  0 siblings, 0 replies; 3+ messages in thread
From: Chanho Park @ 2021-10-20  8:18 UTC (permalink / raw)
  To: 'Marek Szyprowski', axboe; +Cc: sfr, linux-block, linux-next

Hi Marek,

> > I found a NULL pointer dereference on next-20211019. It might be a
> > regression since next-20211015.
> > So, I did "git bisect" and found below commit. Are you already aware
> > of this?
> 
> I also found this issue in yesterday's linux-next. Then I found that it
> has been already fixed by this patch:
> https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git/commit/?h=for-next&id=3039417eec780c6bbb119ae5598fdca2d4a957ec
> so I decided that there is no point in reporting it.
> 
> In today's linux-next it has been fixed by the commit
> https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git/commit/?h=for-next&id=e70feb8b3e6886c525c88943b5f1508d02f5a683

Great. It works for me. I should use today's version.

Best Regards,
Chanho Park

