FYI, we noticed the following commit (built with gcc-7):
commit: ae86a1c5530b52dc44a280e78feb0c4eb2dd8595 ("[PATCH V2 2/2] scsi: implement .cleanup_rq callback")
url: https://github.com/0day-ci/linux/commits/Ming-Lei/blk-mq-add-callback-of-cle...

in testcase: blktests
with following parameters:

	disk: 1SSD
	test: block-group1
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 4G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+---------------------------------------------------------------------------------------------------------------+------------+------------+
|                                                                                                               | bd222ca85f | ae86a1c553 |
+---------------------------------------------------------------------------------------------------------------+------------+------------+
| boot_successes                                                                                                | 0          | 0          |
| boot_failures                                                                                                 | 11         | 14         |
| BUG:kernel_reboot-without-warning_in_test_stage                                                               | 11         | 1          |
| BUG:kernel_NULL_pointer_dereference,address                                                                   | 0          | 4          |
| Oops:#[##]                                                                                                    | 0          | 4          |
| RIP:scsi_queue_rq                                                                                             | 0          | 4          |
| Kernel_panic-not_syncing:Fatal_exception                                                                      | 0          | 4          |
| invoked_oom-killer:gfp_mask=0x                                                                                | 0          | 9          |
| Mem-Info                                                                                                      | 0          | 9          |
| page_allocation_failure:order:#,mode:#(GFP_KERNEL|__GFP_RETRY_MAYFAIL),nodemask=(null),cpuset=/,mems_allowed= | 0          | 2          |
+---------------------------------------------------------------------------------------------------------------+------------+------------+

If you fix the issue, kindly add following tag
Reported-by: kernel test robot rong.a.chen@intel.com

[ 140.974865] BUG: kernel NULL pointer dereference, address: 000000000000001c
[ 141.013422] #PF: supervisor read access in kernel mode
[ 141.034814] #PF: error_code(0x0000) - not-present page
[ 141.042285] sd 6:0:0:0: [sdo] Write cache: enabled, read cache: enabled, supports DPO and FUA
[ 141.049589] PGD 0 P4D 0
[ 141.049616] Oops: 0000 [#1] SMP PTI
[ 141.049621] CPU: 1 PID: 384 Comm: kworker/1:1H Not tainted 5.2.0-gae86a1c5530b52 #1
[ 141.049623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[ 141.049654] Workqueue: kblockd blk_mq_run_work_fn
[ 141.049684] RIP: 0010:scsi_queue_rq+0x267/0xa80
[ 141.049688] Code: b0 07 00 00 8d 4a fa 83 f9 01 0f 86 80 05 00 00 83 fa 04 0f 84 77 05 00 00 c7 83 2c 01 00 00 00 00 07 00 48 8b 93 30 02 00 00 <f6> 42 1c 80 0f 84 1d ff ff ff 48 8b 3c 24 88 44 24 08 e8 22 f5 ff
[ 141.049690] RSP: 0000:ffffab02c078fd00 EFLAGS: 00010297
[ 141.049713] RAX: 000000000000000a RBX: ffff92fe394b1200 RCX: 00000000fffffffd
[ 141.145130] sd 6:0:0:0: [sdo] Optimal transfer size 524288 bytes
[ 141.161078] RDX: 0000000000000000 RSI: ffffab02c078fd90 RDI: ffff92fe3971f400
[ 141.161080] RBP: ffff92fe39721000 R08: 00000000000003c0 R09: 8080808080808080
[ 141.161082] R10: ffffab02c0373858 R11: fefefefefefefeff R12: ffff92fe3971f400
[ 141.161084] R13: 0000000000000000 R14: ffff92fe3ef93918 R15: ffff92fe3946a800
[ 141.161108] FS: 0000000000000000(0000) GS:ffff92feffd00000(0000) knlGS:0000000000000000
[ 141.161110] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.161111] CR2: 000000000000001c CR3: 000000007f2ec000 CR4: 00000000000006e0
[ 141.161143] Call Trace:
[ 141.548583] blk_mq_dispatch_rq_list+0x3c3/0x5c0
[ 141.563298] ? syscall_return_via_sysret+0x10/0x7f
[ 141.577641] ? __switch_to_asm+0x40/0x70
[ 141.603426] ? elv_rb_del+0x1f/0x30
[ 141.615379] ? deadline_remove_request+0x55/0xc0
[ 141.631520] blk_mq_do_dispatch_sched+0x76/0x120
[ 141.647829] blk_mq_sched_dispatch_requests+0x100/0x170
[ 141.667954] __blk_mq_run_hw_queue+0x60/0x130
[ 141.697797] process_one_work+0x19c/0x3b0
[ 141.714051] worker_thread+0x3c/0x3b0
[ 141.735158] ? process_one_work+0x3b0/0x3b0
[ 141.748670] kthread+0x11e/0x140
[ 141.761030] ? kthread_park+0xa0/0xa0
[ 141.784865] ret_from_fork+0x35/0x40
[ 141.804669] Modules linked in: scsi_debug loop sr_mod cdrom sd_mod sg intel_rapl_msr ppdev bochs_drm drm_vram_helper ata_generic ttm pata_acpi drm_kms_helper syscopyarea sysfillrect sysimgblt snd_pcm fb_sys_fops snd_timer snd intel_rapl_common crc32c_intel soundcore joydev ata_piix pcspkr drm serio_raw virtio_scsi libata i2c_piix4 floppy parport_pc parport ip_tables
[ 141.928554] CR2: 000000000000001c
[ 141.944180] ---[ end trace 9f0c0bf804097727 ]---

To reproduce:

	# build kernel
	cd linux
	cp config-5.2.0-gae86a1c5530b52 .config
	make HOSTCC=gcc-7 CC=gcc-7 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage

	git clone https://github.com/intel/lkp-tests.git
	cd lkp-tests
	bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email

Thanks,
Rong Chen