kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #10147
[Bug 1037115] Re: BUG: unable to handle kernel NULL pointer dereference at 00000000000000e0; RIP: 0010:[<ffffffffa032b270>] [<ffffffffa032b270>] srp_process_rsp+0x50/0x170 [ib_srp]
I think you are looking for this patch (kernel 3.7;
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=220329916c72ee3d54ae7262b215a050f04a18fc):
commit 220329916c72ee3d54ae7262b215a050f04a18fc
Author: Bart Van Assche <bvanassche@xxxxxxx>
Date: Tue Aug 14 13:18:53 2012 +0000
IB/srp: Fix a race condition
Avoid a crash caused by the scmnd->scsi_done(scmnd) call in
srp_process_rsp() being invoked with scsi_done == NULL. This can
happen if a reply is received during or after a command abort.
Reported-by: Joseph Glanville <joseph.glanville@xxxxxxxxxxxxxx>
Reference: http://marc.info/?l=linux-rdma&m=134314367801595
Cc: <stable@xxxxxxxxxxxxxxx>
Acked-by: David Dillow <dillowda@xxxxxxxx>
Signed-off-by: Bart Van Assche <bvanassche@xxxxxxx>
Signed-off-by: Roland Dreier <roland@xxxxxxxxxxxxxxx>
** Tags removed: needs-upstream-testing
** Tags added: kernel-fixed-upstream-v3.7
** Tags added: kernel-fixed-upstream
** Changed in: linux (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1037115
Title:
BUG: unable to handle kernel NULL pointer dereference at
00000000000000e0; RIP: 0010:[<ffffffffa032b270>] [<ffffffffa032b270>]
srp_process_rsp+0x50/0x170 [ib_srp]
Status in “linux” package in Ubuntu:
Confirmed
Bug description:
How to reproduce:
1. Install ib_srpt r4468 from the SCST trunk on a target system.
2. On an initiator system connected via InfiniBand to the target system, install Ubuntu 12.04.
3. Run the following commands on the initiator system (where the login string must be modified according to the target login details):
modprobe ib_srp
for ((i=0;i<100;i++)); do echo -n "$i "; echo 'id_ext=0002c9030005f34e,ioc_guid=0002c9030005f34e,dgid=fe800000000000000002c9030005f350,pkey=ffff,service_id=0002c9030005f34e' >/sys/class/infiniband_srp/srp-mlx4_0-1/add_target; done
Initiator details:
# lsb_release -rd
Description: Ubuntu 12.04.1 LTS
Release: 12.04
# cat /proc/version_signature
Ubuntu 3.2.0-29.46-generic 3.2.24
Resulting kernel messages:
[ 2428.880007] scsi host51: ib_srp: connection closed
[ 2428.880015] scsi host64: ib_srp: connection closed
[ 2428.881570] scsi host107: Null scmnd for RSP w/tag 0000000000000019
[ 2428.882380] BUG: unable to handle kernel NULL pointer dereference at 00000000000000e0
[ 2428.883210] IP: [<ffffffffa032b270>] srp_process_rsp+0x50/0x170 [ib_srp]
[ 2428.884001] PGD 1b116d067 PUD 1b45a3067 PMD 0
[ 2428.884001] Oops: 0002 [#1] SMP
[ 2428.884001] CPU 1
[ 2428.884001] Modules linked in: netconsole configfs ib_srp scsi_transport_srp scsi_tgt ib_uverbs ib_umad ib_ipoib ib_cm ib_sa mlx4_ib ib_mad ib_core snd_hda_codec_hdmi radeon snd_hda_codec_analog ttm snd_hda_intel snd_hda_codec lp drm_kms_helper psmouse drm snd_hwdep snd_pcm i2c_algo_bit serio_raw snd_timer snd mac_hid asus_atk0110 parport soundcore snd_page_alloc firewire_ohci usbhid sky2 floppy hid firewire_core crc_itu_t skge pata_marvell mlx4_core
[ 2428.884001]
[ 2428.884001] Pid: 3488, comm: kworker/1:6 Not tainted 3.2.0-29-generic #46-Ubuntu System manufacturer P5Q DELUXE/P5Q DELUXE
[ 2428.884001] RIP: 0010:[<ffffffffa032b270>] [<ffffffffa032b270>] srp_process_rsp+0x50/0x170 [ib_srp]
[ 2428.884001] RSP: 0018:ffff8801bfc83d28 EFLAGS: 00010096
[ 2428.884001] RAX: 0000000000000002 RBX: ffff88017cf48000 RCX: ffffffff81e1fbb6
[ 2428.884001] RDX: 0000000000000000 RSI: 0000000000000086 RDI: 0000000000000046
[ 2428.884001] RBP: ffff8801bfc83d48 R08: 0000000000000000 R09: 0000000000000000
[ 2428.884001] R10: ffff8801b1d29000 R11: 0000000000000000 R12: 0000000000000000
[ 2428.884001] R13: ffff88017ce52690 R14: ffff88017ce532f0 R15: 0000000000000000
[ 2428.884001] FS: 0000000000000000(0000) GS:ffff8801bfc80000(0000) knlGS:0000000000000000
[ 2428.884001] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 2428.884001] CR2: 00000000000000e0 CR3: 00000001b26db000 CR4: 00000000000406e0
[ 2428.884001] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2428.884001] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 2428.904005] scsi host55: ib_srp: connection closed
[ 2428.884001] Process kworker/1:6 (pid: 3488, threadinfo ffff88017defe000, task ffff88017de39700)
[ 2428.884001] Stack:
[ 2428.884001] ffff88017ce52690 ffff88017d1db480 ffff8801b1a9e000 ffff8801b0d4f600
[ 2428.884001] ffff8801bfc83dc8 ffffffffa032cd2a 0000000000000082 0000000000000001
[ 2428.884001] ffff8801bfc83dc8 ffffffffa01f07c1 ffff880100000000 0000000000000082
[ 2428.912006] scsi host74: ib_srp: connection closed
[ 2428.884001] Call Trace:
[ 2428.884001] <IRQ>
[ 2428.884001] [<ffffffffa032cd2a>] srp_handle_recv.isra.22+0x17a/0x2c0 [ib_srp]
[ 2428.884001] [<ffffffffa01f07c1>] ? mlx4_ib_poll_cq+0x81/0xd0 [mlx4_ib]
[ 2428.884001] [<ffffffff810829b5>] ? __queue_work+0xe5/0x320
[ 2428.884001] [<ffffffffa032ceb3>] srp_recv_completion+0x43/0xb0 [ib_srp]
[ 2428.884001] [<ffffffffa01ef517>] mlx4_ib_cq_comp+0x17/0x20 [mlx4_ib]
[ 2428.884001] [<ffffffffa0002461>] mlx4_cq_completion+0x41/0x80 [mlx4_core]
[ 2428.884001] [<ffffffffa0002d34>] mlx4_eq_int+0x224/0x280 [mlx4_core]
[ 2428.884001] [<ffffffffa0002da4>] mlx4_msi_x_interrupt+0x14/0x20 [mlx4_core]
[ 2428.884001] [<ffffffff810d88f5>] handle_irq_event_percpu+0x55/0x220
[ 2428.884001] [<ffffffff8106e4fd>] ? __do_softirq+0xfd/0x210
[ 2428.884001] [<ffffffff810d8b11>] handle_irq_event+0x51/0x80
[ 2428.884001] [<ffffffff810dbc67>] handle_edge_irq+0x87/0x140
[ 2428.884001] [<ffffffff81015282>] handle_irq+0x22/0x40
[ 2428.884001] [<ffffffff816649da>] do_IRQ+0x5a/0xe0
[ 2428.884001] [<ffffffff81659d6e>] common_interrupt+0x6e/0x6e
[ 2428.884001] <EOI>
[ 2428.884001] [<ffffffff8106780f>] ? vprintk+0x1ef/0x4a0
[ 2428.884001] [<ffffffffa02d8c10>] ? cm_rej_handler+0x210/0x210 [ib_cm]
[ 2428.884001] [<ffffffff8164102c>] printk+0x51/0x53
[ 2428.884001] [<ffffffff813f1b7f>] __dev_printk+0x4f/0x90
[ 2428.884001] [<ffffffff813f1f15>] dev_printk+0x45/0x50
[ 2428.884001] [<ffffffffa032d9b3>] srp_cm_handler+0x183/0x1a0 [ib_srp]
[ 2428.884001] [<ffffffffa02d6ae7>] cm_process_work+0x27/0x140 [ib_cm]
[ 2428.884001] [<ffffffffa02d27f4>] ? cm_get_id+0x24/0x50 [ib_cm]
[ 2428.884001] [<ffffffffa02d8c10>] ? cm_rej_handler+0x210/0x210 [ib_cm]
[ 2428.884001] [<ffffffffa02d7ef3>] cm_timewait_handler+0x153/0x1b0 [ib_cm]
[ 2428.884001] [<ffffffffa02d8d45>] cm_work_handler+0x135/0x1dc [ib_cm]
[ 2428.884001] [<ffffffff810849ea>] process_one_work+0x11a/0x480
[ 2428.884001] [<ffffffff81085794>] worker_thread+0x164/0x370
[ 2428.884001] [<ffffffff81085630>] ? manage_workers.isra.29+0x130/0x130
[ 2428.884001] [<ffffffff81089fbc>] kthread+0x8c/0xa0
[ 2428.884001] [<ffffffff81664034>] kernel_thread_helper+0x4/0x10
[ 2428.884001] [<ffffffff81089f30>] ? flush_kthread_worker+0xa0/0xa0
[ 2428.884001] [<ffffffff81664030>] ? gs_change+0x13/0x13
[ 2428.884001] Code: 89 f3 f7 c1 00 00 00 80 0f 85 e5 00 00 00 48 8d 04 c9 4c 8d b4 c7 58 05 00 00 4d 8b 66 10 4d 85 e4 0f 84 a4 00 00 00 0f b6 43 13 <41> 89 84 24 e0 00 00 00 0f b6 43 12 a8 02 74 30 8b 43 1c 8b 4b
[ 2428.884001] RIP [<ffffffffa032b270>] srp_process_rsp+0x50/0x170 [ib_srp]
[ 2428.884001] RSP <ffff8801bfc83d28>
[ 2428.884001] CR2: 00000000000000e0
---
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24.
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.0.1-0ubuntu12
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/controlC1', '/dev/snd/hwC1D0', '/dev/snd/pcmC1D3p', '/dev/snd/controlC0', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/pcmC0D1c', '/dev/snd/pcmC0D1p', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info: Error: [Errno 2] No such file or directory
Card0.Amixer.values: Error: [Errno 2] No such file or directory
Card1.Amixer.info: Error: [Errno 2] No such file or directory
Card1.Amixer.values: Error: [Errno 2] No such file or directory
CurrentDmesg: [ 24.240005] eth0: no IPv6 routers present
DistroRelease: Ubuntu 12.04
HibernationDevice: RESUME=UUID=ed6b25d1-0e71-46ec-aae4-502e9ce1cc58
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
IwConfig:
lo no wireless extensions.
eth1 no wireless extensions.
eth0 no wireless extensions.
MachineType: System manufacturer P5Q DELUXE
Package: linux (not installed)
ProcEnviron:
LANGUAGE=en_US:en
TERM=xterm
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcFB: 0 radeondrmfb
ProcKernelCmdLine: root=UUID=45d4f579-9322-4eb0-beda-52b28e754ef3 ro quiet
ProcVersionSignature: Ubuntu 3.2.0-29.46-generic 3.2.24
RelatedPackageVersions:
linux-restricted-modules-3.2.0-29-generic N/A
linux-backports-modules-3.2.0-29-generic N/A
linux-firmware 1.79
RfKill: Error: [Errno 2] No such file or directory
Tags: precise
Uname: Linux 3.2.0-29-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:
dmi.bios.date: 07/10/2009
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 2301
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: P5Q DELUXE
dmi.board.vendor: ASUSTeK Computer INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr2301:bd07/10/2009:svnSystemmanufacturer:pnP5QDELUXE:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP5QDELUXE:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
dmi.product.name: P5Q DELUXE
dmi.product.version: System Version
dmi.sys.vendor: System manufacturer
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1037115/+subscriptions