Public bug reported:
How to reproduce:
1. Install ib_srpt r4468 from the SCST trunk on a target system.
2. On an initiator system connected via InfiniBand to the target system,
install Ubuntu 12.04.
3. Run the following commands on the initiator system (where the login string
must be modified according to the target login details):
modprobe ib_srp
for ((i=0;i<100;i++)); do echo -n "$i "; echo
'id_ext=0002c9030005f34e,ioc_guid=0002c9030005f34e,dgid=fe800000000000000002c9030005f350,pkey=ffff,service_id=0002c9030005f34e'
>/sys/class/infiniband_srp/srp-mlx4_0-1/add_target; done
Initiator details:
# lsb_release -rd
Description: Ubuntu 12.04.1 LTS
Release: 12.04
# cat /proc/version_signature
Ubuntu 3.2.0-29.46-generic 3.2.24
Resulting kernel messages:
[ 2428.880007] scsi host51: ib_srp: connection closed
[ 2428.880015] scsi host64: ib_srp: connection closed
[ 2428.881570] scsi host107: Null scmnd for RSP w/tag 0000000000000019
[ 2428.882380] BUG: unable to handle kernel NULL pointer dereference at
00000000000000e0
[ 2428.883210] IP: [<ffffffffa032b270>] srp_process_rsp+0x50/0x170 [ib_srp]
[ 2428.884001] PGD 1b116d067 PUD 1b45a3067 PMD 0
[ 2428.884001] Oops: 0002 [#1] SMP
[ 2428.884001] CPU 1
[ 2428.884001] Modules linked in: netconsole configfs ib_srp scsi_transport_srp
scsi_tgt ib_uverbs ib_umad ib_ipoib ib_cm ib_sa mlx4_ib ib_mad ib_core
snd_hda_codec_hdmi radeon snd_hda_codec_analog ttm snd_hda_intel snd_hda_codec
lp drm_kms_helper psmouse drm snd_hwdep snd_pcm i2c_algo_bit serio_raw
snd_timer snd mac_hid asus_atk0110 parport soundcore snd_page_alloc
firewire_ohci usbhid sky2 floppy hid firewire_core crc_itu_t skge pata_marvell
mlx4_core
[ 2428.884001]
[ 2428.884001] Pid: 3488, comm: kworker/1:6 Not tainted 3.2.0-29-generic
#46-Ubuntu System manufacturer P5Q DELUXE/P5Q DELUXE
[ 2428.884001] RIP: 0010:[<ffffffffa032b270>] [<ffffffffa032b270>]
srp_process_rsp+0x50/0x170 [ib_srp]
[ 2428.884001] RSP: 0018:ffff8801bfc83d28 EFLAGS: 00010096
[ 2428.884001] RAX: 0000000000000002 RBX: ffff88017cf48000 RCX: ffffffff81e1fbb6
[ 2428.884001] RDX: 0000000000000000 RSI: 0000000000000086 RDI: 0000000000000046
[ 2428.884001] RBP: ffff8801bfc83d48 R08: 0000000000000000 R09: 0000000000000000
[ 2428.884001] R10: ffff8801b1d29000 R11: 0000000000000000 R12: 0000000000000000
[ 2428.884001] R13: ffff88017ce52690 R14: ffff88017ce532f0 R15: 0000000000000000
[ 2428.884001] FS: 0000000000000000(0000) GS:ffff8801bfc80000(0000)
knlGS:0000000000000000
[ 2428.884001] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 2428.884001] CR2: 00000000000000e0 CR3: 00000001b26db000 CR4: 00000000000406e0
[ 2428.884001] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2428.884001] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 2428.904005] scsi host55: ib_srp: connection closed
[ 2428.884001] Process kworker/1:6 (pid: 3488, threadinfo ffff88017defe000,
task ffff88017de39700)
[ 2428.884001] Stack:
[ 2428.884001] ffff88017ce52690 ffff88017d1db480 ffff8801b1a9e000
ffff8801b0d4f600
[ 2428.884001] ffff8801bfc83dc8 ffffffffa032cd2a 0000000000000082
0000000000000001
[ 2428.884001] ffff8801bfc83dc8 ffffffffa01f07c1 ffff880100000000
0000000000000082
[ 2428.912006] scsi host74: ib_srp: connection closed
[ 2428.884001] Call Trace:
[ 2428.884001] <IRQ>
[ 2428.884001] [<ffffffffa032cd2a>] srp_handle_recv.isra.22+0x17a/0x2c0
[ib_srp]
[ 2428.884001] [<ffffffffa01f07c1>] ? mlx4_ib_poll_cq+0x81/0xd0 [mlx4_ib]
[ 2428.884001] [<ffffffff810829b5>] ? __queue_work+0xe5/0x320
[ 2428.884001] [<ffffffffa032ceb3>] srp_recv_completion+0x43/0xb0 [ib_srp]
[ 2428.884001] [<ffffffffa01ef517>] mlx4_ib_cq_comp+0x17/0x20 [mlx4_ib]
[ 2428.884001] [<ffffffffa0002461>] mlx4_cq_completion+0x41/0x80 [mlx4_core]
[ 2428.884001] [<ffffffffa0002d34>] mlx4_eq_int+0x224/0x280 [mlx4_core]
[ 2428.884001] [<ffffffffa0002da4>] mlx4_msi_x_interrupt+0x14/0x20 [mlx4_core]
[ 2428.884001] [<ffffffff810d88f5>] handle_irq_event_percpu+0x55/0x220
[ 2428.884001] [<ffffffff8106e4fd>] ? __do_softirq+0xfd/0x210
[ 2428.884001] [<ffffffff810d8b11>] handle_irq_event+0x51/0x80
[ 2428.884001] [<ffffffff810dbc67>] handle_edge_irq+0x87/0x140
[ 2428.884001] [<ffffffff81015282>] handle_irq+0x22/0x40
[ 2428.884001] [<ffffffff816649da>] do_IRQ+0x5a/0xe0
[ 2428.884001] [<ffffffff81659d6e>] common_interrupt+0x6e/0x6e
[ 2428.884001] <EOI>
[ 2428.884001] [<ffffffff8106780f>] ? vprintk+0x1ef/0x4a0
[ 2428.884001] [<ffffffffa02d8c10>] ? cm_rej_handler+0x210/0x210 [ib_cm]
[ 2428.884001] [<ffffffff8164102c>] printk+0x51/0x53
[ 2428.884001] [<ffffffff813f1b7f>] __dev_printk+0x4f/0x90
[ 2428.884001] [<ffffffff813f1f15>] dev_printk+0x45/0x50
[ 2428.884001] [<ffffffffa032d9b3>] srp_cm_handler+0x183/0x1a0 [ib_srp]
[ 2428.884001] [<ffffffffa02d6ae7>] cm_process_work+0x27/0x140 [ib_cm]
[ 2428.884001] [<ffffffffa02d27f4>] ? cm_get_id+0x24/0x50 [ib_cm]
[ 2428.884001] [<ffffffffa02d8c10>] ? cm_rej_handler+0x210/0x210 [ib_cm]
[ 2428.884001] [<ffffffffa02d7ef3>] cm_timewait_handler+0x153/0x1b0 [ib_cm]
[ 2428.884001] [<ffffffffa02d8d45>] cm_work_handler+0x135/0x1dc [ib_cm]
[ 2428.884001] [<ffffffff810849ea>] process_one_work+0x11a/0x480
[ 2428.884001] [<ffffffff81085794>] worker_thread+0x164/0x370
[ 2428.884001] [<ffffffff81085630>] ? manage_workers.isra.29+0x130/0x130
[ 2428.884001] [<ffffffff81089fbc>] kthread+0x8c/0xa0
[ 2428.884001] [<ffffffff81664034>] kernel_thread_helper+0x4/0x10
[ 2428.884001] [<ffffffff81089f30>] ? flush_kthread_worker+0xa0/0xa0
[ 2428.884001] [<ffffffff81664030>] ? gs_change+0x13/0x13
[ 2428.884001] Code: 89 f3 f7 c1 00 00 00 80 0f 85 e5 00 00 00 48 8d 04 c9 4c
8d b4 c7 58 05 00 00 4d 8b 66 10 4d 85 e4 0f 84 a4 00 00 00 0f b6 43 13 <41> 89
84 24 e0 00 00 00 0f b6 43 12 a8 02 74 30 8b 43 1c 8b 4b
[ 2428.884001] RIP [<ffffffffa032b270>] srp_process_rsp+0x50/0x170 [ib_srp]
[ 2428.884001] RSP <ffff8801bfc83d28>
[ 2428.884001] CR2: 00000000000000e0
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Incomplete
** Tags: precise
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1037115
Title:
Repeated SRP logins trigger a kernel crash
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1037115/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
