Re: [bug report] BUG: kernel NULL pointer dereference, address: 0000000000000048

All the mail mirrored from lore.kernel.org
 help / color / mirror / Atom feed

From: Guangwu Zhang <guazhang@redhat.com>
To: Yu Kuai <yukuai1@huaweicloud.com>, Jens Axboe <axboe@kernel.dk>
Cc: linux-block@vger.kernel.org, io-uring@vger.kernel.org,
	Jeff Moyer <jmoyer@redhat.com>, Ming Lei <ming.lei@redhat.com>,
	"yukuai (C)" <yukuai3@huawei.com>
Subject: Re: [bug report] BUG: kernel NULL pointer dereference, address: 0000000000000048
Date: Wed, 10 May 2023 12:52:47 +0800	[thread overview]
Message-ID: <CAGS2=Yob_Ud9A-aTu5hQt8+kW4cyrLX12hNJTrRkJYigFT-AmA@mail.gmail.com> (raw)
In-Reply-To: <007af59f-4f4c-f779-a1b6-aaa81ff640b3@huaweicloud.com>

HI,
after applying your patch[1], the system will panic after reboot.

  OK  ] Finished Coldplug All udev Devices.
[  OK  ] Reached target Network.
         Starting dracut initqueue hook...
[    4.675720] list_add double add: new=ffff90b056320a48,
prev=ffffa4f685f43a70, next=ffff90b056320a48.
[    4.684931] ------------[ cut here ]------------
[    4.689578] kernel BUG at lib/list_debug.c:33!
[    4.694053] invalid opcode: 0000 [#1] PREEMPT SMP PTI
[    4.699134] CPU: 14 PID: 706 Comm: systemd-udevd Not tainted 6.4.0-rc1+ #2
[    4.706049] Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380
Gen10, BIOS U30 06/20/2018
[    4.714621] RIP: 0010:__list_add_valid+0x8b/0x90
[    4.719271] Code: d1 4c 89 c6 4c 89 ca 48 c7 c7 78 d1 bb 99 e8 cc
56 b6 ff 0f 0b 48 89 f2 4c 89 c1 48 89 fe 48 c7 c7 d0 d1 bb 99 e8 b5
56 b6 ff <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 48
[    4.738150] RSP: 0018:ffffa4f685f43a48 EFLAGS: 00010246
[    4.743405] RAX: 0000000000000058 RBX: ffff90b056320a00 RCX: 0000000000000000
[    4.750578] RDX: 0000000000000000 RSI: ffff90b76fb9f840 RDI: ffff90b76fb9f840
[    4.757752] RBP: ffffa4f685f43a68 R08: 0000000000000000 R09: 00000000ffff7fff
[    4.764925] R10: ffffa4f685f43900 R11: ffffffff9a1e6888 R12: ffffa4f685f43b78
[    4.772100] R13: ffffa4f685f43a70 R14: ffff90b38a035800 R15: ffff90b056320a48
[    4.779275] FS:  00007fea88741540(0000) GS:ffff90b76fb80000(0000)
knlGS:0000000000000000
[    4.787411] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    4.793189] CR2: 00007fff014ba608 CR3: 0000000449ed4006 CR4: 00000000007706e0
[    4.800362] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    4.807536] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[    4.814710] PKRU: 55555554
[    4.817429] Call Trace:
[    4.819887]  <TASK>
[    4.821995]  blk_mq_dispatch_plug_list+0x112/0x320
[    4.826820]  blk_mq_flush_plug_list+0x43/0x190
[    4.831289]  __blk_flush_plug+0x102/0x160
[    4.835325]  blk_finish_plug+0x25/0x40
[    4.839095]  read_pages+0x19a/0x220
[    4.842606]  page_cache_ra_unbounded+0x137/0x180
[    4.847250]  force_page_cache_ra+0xc5/0xf0
[    4.851369]  filemap_get_pages+0xf9/0x360
[    4.855406]  filemap_read+0xc5/0x320
[    4.859001]  ? generic_fillattr+0x45/0xf0
[    4.863036]  ? _copy_to_user+0x20/0x40
[    4.866808]  ? cp_new_stat+0x150/0x180
[    4.870579]  blkdev_read_iter+0xaf/0x170
[    4.874524]  vfs_read+0x1b5/0x2d0
[    4.877860]  ksys_read+0x5f/0xe0
[    4.881107]  do_syscall_64+0x59/0x90
[    4.884706]  ? exc_page_fault+0x65/0x150
[    4.888653]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[    4.893737] RIP: 0033:0x7fea8934eaf2

[1] https://lore.kernel.org/linux-block/007af59f-4f4c-f779-a1b6-aaa81ff640b3@huaweicloud.com/


> diff --git a/block/blk-mq.c b/block/blk-mq.c
> index f6dad0886a2f..bd94d8a5416f 100644
> --- a/block/blk-mq.c
> +++ b/block/blk-mq.c
> @@ -2712,6 +2712,7 @@ static void blk_mq_dispatch_plug_list(struct
> blk_plug *plug, bool from_sched)
>          struct request **requeue_lastp = &requeue_list;
>          unsigned int depth = 0;
>          LIST_HEAD(list);
> +       LIST_HEAD(passthrough_list);
>
>          do {
>                  struct request *rq = rq_list_pop(&plug->mq_list);
> @@ -2723,7 +2724,10 @@ static void blk_mq_dispatch_plug_list(struct
> blk_plug *plug, bool from_sched)
>                          rq_list_add_tail(&requeue_lastp, rq);
>                          continue;
>                  }
> -               list_add(&rq->queuelist, &list);
> +               if (blk_rq_is_passthrough(rq))
> +                       list_add(&rq->queuelist, &passthrough_list);
> +               else
> +                       list_add(&rq->queuelist, &list);
>                  depth++;
>          } while (!rq_list_empty(plug->mq_list));
>
> @@ -2731,6 +2735,9 @@ static void blk_mq_dispatch_plug_list(struct
> blk_plug *plug, bool from_sched)
>          trace_block_unplug(this_hctx->queue, depth, !from_sched);
>
>          percpu_ref_get(&this_hctx->queue->q_usage_counter);
> +       if (!list_empty(&passthrough_list))
> +               blk_mq_insert_requests(this_hctx, this_ctx,
> &passthrough_list,
> +                                      from_sched);
>          if (this_hctx->queue->elevator) {
>
> this_hctx->queue->elevator->type->ops.insert_requests(this_hctx,
>                                  &list, 0);
>
> Thanks,
> Kuai
>


-- 

Guangwu Zhang, RHCE, ISTQB, ITIL

Quality Engineer, Kernel Storage QE

Red Hat

     prev parent reply	other threads:[~2023-05-10  4:52 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-10  0:49 [bug report] BUG: kernel NULL pointer dereference, address: 0000000000000048 Guangwu Zhang
2023-05-10  1:29 ` Yu Kuai
2023-05-10  1:49   ` Yu Kuai
2023-05-10  2:00     ` Yu Kuai
2023-05-10  2:17       ` Jens Axboe
2023-05-10  3:20         ` Yu Kuai
     [not found]           ` <CAGS2=YocNy9PkgRzzRdHAK1gGdjMxzA--PYS=sPrX_nCe4U6QA@mail.gmail.com>
2023-05-10  6:39             ` Ming Lei
2023-05-10  6:55               ` Yu Kuai
2023-05-10 12:08               ` Guangwu Zhang
2023-05-10  4:52       ` Guangwu Zhang [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAGS2=Yob_Ud9A-aTu5hQt8+kW4cyrLX12hNJTrRkJYigFT-AmA@mail.gmail.com' \
    --to=guazhang@redhat.com \
    --cc=axboe@kernel.dk \
    --cc=io-uring@vger.kernel.org \
    --cc=jmoyer@redhat.com \
    --cc=linux-block@vger.kernel.org \
    --cc=ming.lei@redhat.com \
    --cc=yukuai1@huaweicloud.com \
    --cc=yukuai3@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.