[bvanassche:block-for-next] [scsi] a034ed36f6: BUG:kernel_NULL_pointer_dereference,address

kernel test robot <oliver.sang@xxxxxxxxx> · Mon, 14 Aug 2023 22:26:07 +0800

Hello,

kernel test robot noticed "BUG:kernel_NULL_pointer_dereference,address" on:

commit: a034ed36f6462d88aeb8738931398a34a0ecf5f8 ("scsi: core: Call .eh_prepare_resubmit() before resubmitting")
https://github.com/bvanassche/linux block-for-next

in testcase: boot

compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)

+---------------------------------------------+------------+------------+
|                                             | e4c5981e9c | a034ed36f6 |
+---------------------------------------------+------------+------------+
| boot_successes                              | 13         | 0          |
| boot_failures                               | 0          | 12         |
| BUG:kernel_NULL_pointer_dereference,address | 0          | 12         |
| Oops:#[##]                                  | 0          | 12         |
| RIP:scsi_call_prepare_resubmit              | 0          | 12         |
| Kernel_panic-not_syncing:Fatal_exception    | 0          | 12         |
+---------------------------------------------+------------+------------+

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202308142205.fe3e80ec-oliver.sang@xxxxxxxxx

[    4.517792][  T681] ata2: found unknown device (class 0)
[    4.519992][  T681] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[    4.525033][   T31] scsi 1:0:0:0: CD-ROM            QEMU     QEMU DVD-ROM     2.5+ PQ: 0 ANSI: 5
[    4.549819][  T681] BUG: kernel NULL pointer dereference, address: 00000000000000c0
[    4.551823][  T681] #PF: supervisor read access in kernel mode
[    4.553329][  T681] #PF: error_code(0x0000) - not-present page
[    4.553794][  T681] PGD 0 P4D 0
[    4.553794][  T681] Oops: 0000 [#1] PREEMPT SMP PTI
[    4.553794][  T681] CPU: 0 PID: 681 Comm: scsi_eh_1 Not tainted 6.5.0-rc5-00182-ga034ed36f646 #1
[    4.553794][  T681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[    4.553794][  T681] RIP: 0010:scsi_call_prepare_resubmit+0x8f/0x152
[    4.553794][  T681] Code: 8b 80 20 02 00 00 31 c0 f3 ab 48 8d 45 08 49 39 c5 74 17 48 8b 45 00 4c 3b 80 20 02 00 00 75 0a 48 8b 6d 08 48 83 ed 08 eb e0 <49> 83 b8
 c0 00 00 00 00 75 0d 48 8b 45 08 48 89 ee 48 8d 50 f8 eb
[    4.553794][  T681] RSP: 0000:ffffc90001307e00 EFLAGS: 00010246
[    4.553794][  T681] RAX: ffff888129413d80 RBX: ffff888129410000 RCX: 0000000000000000
[    4.553794][  T681] RDX: ffff888129413d78 RSI: ffff888129a8d0f0 RDI: ffffc90001307e10
[    4.553794][  T681] RBP: ffff888129413d78 R08: 0000000000000000 R09: 0000000000000000
[    4.553794][  T681] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90001307e00
[    4.553794][  T681] R13: ffff888129413d80 R14: ffff888129413dd8 R15: 0000000000000001
[    4.553794][  T681] FS:  0000000000000000(0000) GS:ffff88842fc00000(0000) knlGS:0000000000000000
[    4.553794][  T681] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    4.553794][  T681] CR2: 00000000000000c0 CR3: 0000000002432000 CR4: 00000000000406f0
[    4.553794][  T681] Call Trace:
[    4.553794][  T681]  <TASK>
[    4.553794][  T681]  ? __die_body+0x1e/0x5c
[    4.553794][  T681]  ? page_fault_oops+0xf3/0x13c
[    4.553794][  T681]  ? kernelmode_fixup_or_oops+0xa4/0xb0
[    4.553794][  T681]  ? __bad_area_nosemaphore+0x43/0x1bc
[    4.553794][  T681]  ? exc_page_fault+0xfd/0x116
[    4.553794][  T681]  ? asm_exc_page_fault+0x26/0x30
[    4.553794][  T681]  ? scsi_call_prepare_resubmit+0x8f/0x152
[    4.553794][  T681]  scsi_eh_flush_done_q+0x15/0x10d
[    4.553794][  T681]  ata_scsi_port_error_handler+0x486/0x4ff
[    4.553794][  T681]  ? scsi_unjam_host+0x1b0/0x1b0
[    4.553794][  T681]  ata_scsi_error+0x95/0xbe
[    4.553794][  T681]  scsi_error_handler+0x14c/0x1ca
[    4.553794][  T681]  kthread+0xf6/0xfe
[    4.553794][  T681]  ? kthread_complete_and_exit+0x1f/0x1f
[    4.553794][  T681]  ret_from_fork+0x25/0x37
[    4.553794][  T681]  ? kthread_complete_and_exit+0x1f/0x1f
[    4.553794][  T681]  ret_from_fork_asm+0x11/0x20
[    4.553794][  T681]  </TASK>
[    4.553794][  T681] Modules linked in:
[    4.553794][  T681] CR2: 00000000000000c0
[    4.553794][  T681] ---[ end trace 0000000000000000 ]---
[    4.553794][  T681] RIP: 0010:scsi_call_prepare_resubmit+0x8f/0x152
[    4.553794][  T681] Code: 8b 80 20 02 00 00 31 c0 f3 ab 48 8d 45 08 49 39 c5 74 17 48 8b 45 00 4c 3b 80 20 02 00 00 75 0a 48 8b 6d 08 48 83 ed 08 eb e0 <49> 83 b8
 c0 00 00 00 00 75 0d 48 8b 45 08 48 89 ee 48 8d 50 f8 eb
[    4.553794][  T681] RSP: 0000:ffffc90001307e00 EFLAGS: 00010246
[    4.553794][  T681] RAX: ffff888129413d80 RBX: ffff888129410000 RCX: 0000000000000000
[    4.553794][  T681] RDX: ffff888129413d78 RSI: ffff888129a8d0f0 RDI: ffffc90001307e10
[    4.553794][  T681] RBP: ffff888129413d78 R08: 0000000000000000 R09: 0000000000000000
[    4.553794][  T681] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90001307e00
[    4.553794][  T681] R13: ffff888129413d80 R14: ffff888129413dd8 R15: 0000000000000001
[    4.553794][  T681] FS:  0000000000000000(0000) GS:ffff88842fc00000(0000) knlGS:0000000000000000
[    4.553794][  T681] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    4.553794][  T681] CR2: 00000000000000c0 CR3: 0000000002432000 CR4: 00000000000406f0
[    4.553794][  T681] Kernel panic - not syncing: Fatal exception
[    4.553794][  T681] Kernel Offset: disabled

The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20230814/202308142205.fe3e80ec-oliver.sang@xxxxxxxxx

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki