On "what was the actual error": it is deref of an invalid address, not
NULL. Attaching crash dump analysis for the reference.

On module reference count: good point. I decided against it at first,
but I can reconsider. "modprobe -r qla2xxx" will fail if there is an
extra reference to the module, and the module_exit function will not
even run, right? Waiting for references to go away would be more
convenient for me. But I can see why the module reference count is a
better approach in general. I can work around and retry "modprobe -r
qla2xxx" multiple times in my scripts.

I think that it is still a SCSI mid-layer job to do the references.
There is no way qla2xxx can reference itself and then dereference at
the right time.

qla2xxx (or any other driver) provides a pointer to its module in
scsi_host_template when it requests Scsi_Host creation. As far as I
can see, no one ever takes a reference on that module. SCSI mid-layer
just relies on the module to be around. Scsi_Host is a device itself;
that is the device that is referenced on open/close from user mode,
and not the bus driver that triggered the Scsi_Host creation.

SCSI mid layer taking a reference on the template's module at
Scsi_Host creation in scsi_host_alloc(..) and dropping it in
scsi_host_dev_release (called when the last reference to Scsi_Host is
gone) will not work. Assuming that the module_exit function does not
run at an attempt to unload a referenced module, qla2xxx's Scsi_Host-s
corresponding to the adapter's ports will stay forever.

Let me think more about it; the idea is to intercept open/close at
Scsi_Host and increment/decrement module reference at that time.

Thanks a lot for the input!


On Wed, Apr 11, 2018 at 1:12 PM, James Bottomley
<james.bottom...@hansenpartnership.com> wrote:
> On Wed, 2018-04-11 at 12:22 -0700, Anatoliy Glagolev wrote:
>> Hannes, James, thanks a lot for taking a look!
>>
>> On the problem the patch is solving: it is in the "Description" part
>> of my initial e-mail. If you agree that a Scsi_Host may be around
>> after a driver has unloaded, the problem applies to any driver
>> creating a new Scsi_Host.
>
> No, I don't agree: as I said, the template is part of the module and
> the module should be reference counted.  Any use after free of the
> template means there's a refcounting bug somewhere.
>
>>  I fixed it in qla2xxx to illustrate the usage of the new function
>> and scsi_host_template's flag; also, qla2xxx is where I actually
>> observe crashes. Other drivers may do the same if they want to
>> address the problem.
>>
>> Here are details on the qla2xxx crash repro, if that is what you were
>> asking about. If I run "qaucli" utility that retrieves some info from
>> the driver via SCSI mid-layer, and unload the driver in parallel, the
>> kernel crashes with the following stack:
>>
>> [16834.636216,07] Call Trace:
>>                                                           ...
>> scsi_proc_hostdir_rm
>> [16834.641944,07]  [<ffffffff8141723f>]
>> scsi_host_dev_release+0x3f/0x130
>> [16834.647740,07]  [<ffffffff813e4f82>] device_release+0x32/0xa0
>> [16834.653423,07]  [<ffffffff812dc6c7>] kobject_cleanup+0x77/0x190
>> [16834.659002,07]  [<ffffffff812dc585>] kobject_put+0x25/0x50
>> [16834.664430,07]  [<ffffffff813e5277>] put_device+0x17/0x20
>> [16834.669740,07]  [<ffffffff812d0334>]
>> bsg_kref_release_function+0x24/0x30
>> [16834.675007,07]  [<ffffffff812d14a6>] bsg_release+0x166/0x1d0
>> [16834.680148,07]  [<ffffffff8119ba2b>] __fput+0xcb/0x1d0
>> [16834.685156,07]  [<ffffffff8119bb6e>] ____fput+0xe/0x10
>> [16834.690017,07]  [<ffffffff81077476>] task_work_run+0x86/0xb0
>> [16834.694781,07]  [<ffffffff81057043>]
>> exit_to_usermode_loop+0x6b/0x9a
>> [16834.699466,07]  [<ffffffff81002875>]
>> syscall_return_slowpath+0x55/0x60
>> [16834.704110,07]  [<ffffffff8172d615>]
>> int_ret_from_sys_call+0x25/0x9f
>
> This one's a bit baffling: open of the bsg device should have already
> taken the module reference.  What was the actual error: NULL deref?
>
> The thing which is supposed to hold the module is the device open/close
> which does scsi_device_put on sd_release ... unless this is some sort
> of non-scsi device and qlogic forgot how to refcount?
>
>> On refcount for scsi_host_template: valid point, I did consider it.
>> Existing drivers allocate scsi_host_template statically. We cannot
>> change them all at once. So we have to allow 2 ways of allocating
>> scsi_host_template: the dynamic one with refcounts and the static one
>> for legacy driver support. That is kind of ugly, too. In addition,
>> having a refcounted scsi_host_template after driver unload is
>> confusing: the memory of scsi_host_template is OK, but any attempt to
>> call a method from the template still causes a crash.
>
> No, the static template already is part of the module so it should be
> refcounted as a module reference.
>
> James
>
crash 7.0.3
Copyright (C) 2002-2013  Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010  IBM Corporation
Copyright (C) 1999-2006  Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012  Fujitsu Limited
Copyright (C) 2006, 2007  VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011  NEC Corporation
Copyright (C) 1999, 2002, 2007  Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002  Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions.  Enter "help copying" to see the conditions.
This program has absolutely no warranty.  Enter "help warranty" for details.
 
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...


please wait... (gathering kmem slab cache data)
                                                

please wait... (gathering module symbol data)
                                              

please wait... (gathering task table data)
                                           

please wait... (determining panic task)
                                        
      KERNEL: vmlinux
    DUMPFILE: dump.201803181309  [PARTIAL DUMP]
        CPUS: 48
        DATE: Wed Dec 31 17:00:00 1969
      UPTIME: 1 days, 17:04:03
LOAD AVERAGE: 34.75, 25.58, 23.08
       TASKS: 4870
    NODENAME: gm65-15-ct1
     RELEASE: 4.4.77+
     VERSION: #201802280032+4a6340d.qlogictarget SMP Tue, 27 Feb 2018 16:32:16
     MACHINE: x86_64  (2199 Mhz)
      MEMORY: 383.9 GB
       PANIC: "Oops: 0000 [#1] SMP " (check log for details)
         PID: 247779
     COMMAND: "qaucli"
        TASK: ffff880350279c00  [THREAD_INFO: ffff8804197ac000]
         CPU: 11
       STATE: TASK_RUNNING (PANIC)

crash> bt -a
PID: 251975  TASK: ffff882fbe671c00  CPU: 0   COMMAND: "puredb"
 #0 [ffff8803da79bd38] path_openat at ffffffff811a67e2
 #1 [ffff8803da79bde8] do_filp_open at ffffffff811a8c5e
 #2 [ffff8803da79bee8] do_sys_open at ffffffff8119940b
 #3 [ffff8803da79bf40] sys_open at ffffffff8119959e
 #4 [ffff8803da79bf50] entry_SYSCALL_64_fastpath at ffffffff8172d4b2
    RIP: 00007fa8a1e74170  RSP: 00007ffe8a1f0308  RFLAGS: 00000246
    RAX: ffffffffffffffda  RBX: 0000000001cf6f90  RCX: 00007fa8a1e74170
    RDX: 00000000000001b6  RSI: 0000000000000000  RDI: 0000000001dae580
    RBP: 0000000000000000   R8: 00000000005ba97e   R9: 0000000000000000
    R10: 0000000091908c95  R11: 0000000000000246  R12: 0000000000000000
    R13: 0000000001cf6f90  R14: 0000000001db1e90  R15: 000000005aaac651
    ORIG_RAX: 0000000000000002  CS: 0033  SS: 002b

PID: 239991  TASK: ffff88331be60000  CPU: 1   COMMAND: "java"
 #0 [ffff88330967be80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff88330967bea0] nmi_handle at ffffffff81008d51
 #2 [ffff88330967bef8] default_do_nmi at ffffffff810092a0
 #3 [ffff88330967bf18] do_nmi at ffffffff8100945a
 #4 [ffff88330967bf50] nmi at ffffffff8172f476
    RIP: 00007fedcd01acae  RSP: 00007feda5ed9fb0  RFLAGS: 00000202
    RAX: 00007fedcd72b010  RBX: 00007fec942b4d40  RCX: 00000000000004bb
    RDX: 0000000000000002  RSI: 00000000000004bb  RDI: 00007feda5eda440
    RBP: 00007feda5eda010   R8: 00007fec94505550   R9: 00007fec942b5578
    R10: 0000000000000002  R11: 0000000000000000  R12: 00007feda5eda0c0
    R13: 00007feda5eda0a0  R14: 00007feda5eda440  R15: 00007feda5eda080
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 251751  TASK: ffff880336278000  CPU: 2   COMMAND: "monitord"
 #0 [ffff880336a7fe80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff880336a7fea0] nmi_handle at ffffffff81008d51
 #2 [ffff880336a7fef8] default_do_nmi at ffffffff810092a0
 #3 [ffff880336a7ff18] do_nmi at ffffffff8100945a
 #4 [ffff880336a7ff50] nmi at ffffffff8172f476
    RIP: 00000000005344b0  RSP: 00007fffa28f0b30  RFLAGS: 00000202
    RAX: 00000000008f1320  RBX: 00007f6719511b18  RCX: 000000000000001f
    RDX: 00000000010d3960  RSI: 00000000008d6db0  RDI: 00007f6719511b18
    RBP: 00007f6719511b18   R8: 00000000010d3a98   R9: 000000000000000c
    R10: 00000000010d3a50  R11: 00000000010d3a68  R12: 00000000008d6db0
    R13: 0000000000534490  R14: 00007f6719502c58  R15: 00007f6719502c38
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 0      TASK: ffff88017ed4d400  CPU: 3   COMMAND: "swapper/3"
 #0 [ffff88017ed5be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed5bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed5bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed5bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed5bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017ed60000  CPU: 4   COMMAND: "swapper/4"
 #0 [ffff88017ed5fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed5fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed5fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed5fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed5ff38] start_secondary at ffffffff81035219

PID: 251742  TASK: ffff88042bf60000  CPU: 5   COMMAND: "platform_framew"
 #0 [ffff880330e6be80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff880330e6bea0] nmi_handle at ffffffff81008d51
 #2 [ffff880330e6bef8] default_do_nmi at ffffffff810092a0
 #3 [ffff880330e6bf18] do_nmi at ffffffff8100945a
 #4 [ffff880330e6bf50] nmi at ffffffff8172f476
    RIP: 00007f503241e174  RSP: 00007ffe20ce8e60  RFLAGS: 00000216
    RAX: ffffffffffffff00  RBX: 00007f5032454000  RCX: 00007f50325d19d8
    RDX: 00007f501d7ee918  RSI: 0000000000000000  RDI: 0000000000000000
    RBP: 00007ffe20ce8f90   R8: 00007f5032632500   R9: 00007f5032632500
    R10: 00007ffe20ce8cb0  R11: 00007f50248770c0  R12: 00007f502418b8c0
    R13: 0000000000000001  R14: 00007f5023a612b0  R15: 00007f5023a32000
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 251681  TASK: ffff88330fd51c00  CPU: 6   COMMAND: "java"
 #0 [ffff88044b26fd60] __ext4_handle_dirty_super at ffffffff8124f06b
 #1 [ffff88044b26fd98] ext4_orphan_del at ffffffff8122ab12
 #2 [ffff88044b26fe10] ext4_evict_inode at ffffffff8122047f
 #3 [ffff88044b26fe30] evict at ffffffff811b2cb7
 #4 [ffff88044b26fe58] iput at ffffffff811b3546
 #5 [ffff88044b26fe90] d_delete at ffffffff811af435
 #6 [ffff88044b26feb8] vfs_rmdir at ffffffff811a526a
 #7 [ffff88044b26fed8] do_rmdir at ffffffff811a8784
 #8 [ffff88044b26ff40] sys_rmdir at ffffffff811a9326
 #9 [ffff88044b26ff50] entry_SYSCALL_64_fastpath at ffffffff8172d4b2
    RIP: 00007fedcdecec47  RSP: 00007fed8c9b9a58  RFLAGS: 00000246
    RAX: ffffffffffffffda  RBX: 00007fea00049460  RCX: 00007fedcdecec47
    RDX: ffffffffffffff60  RSI: 00007febc4002ad8  RDI: 00007fea000216b0
    RBP: 00007fed8c9b9980   R8: 00007fea000216b0   R9: 0000000000000028
    R10: 0000000000000048  R11: 0000000000000246  R12: 00007fe9f80021e0
    R13: 000000000000003c  R14: 00007fea0006d8a0  R15: 00007fed8c9b9940
    ORIG_RAX: 0000000000000054  CS: 0033  SS: 002b

PID: 0      TASK: ffff88017ed65400  CPU: 7   COMMAND: "swapper/7"
 #0 [ffff88017ed7be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed7bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed7bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed7bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed7bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017ed80000  CPU: 8   COMMAND: "swapper/8"
 #0 [ffff88017ed7fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed7fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed7fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed7fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed7ff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017ed81c00  CPU: 9   COMMAND: "swapper/9"
 #0 [ffff88017ed8be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed8bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed8bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed8bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed8bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017ed83800  CPU: 10  COMMAND: "swapper/10"
 #0 [ffff88017ed8fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed8fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed8fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed8fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed8ff38] start_secondary at ffffffff81035219

PID: 247779  TASK: ffff880350279c00  CPU: 11  COMMAND: "qaucli"
 #0 [ffff8804197afa18] machine_kexec at ffffffff8103ed41
 #1 [ffff8804197afa70] crash_kexec at ffffffff810d82b3
 #2 [ffff8804197afb38] oops_end at ffffffff810085e2
 #3 [ffff8804197afb60] no_context at ffffffff81049ec0
 #4 [ffff8804197afbb8] __bad_area_nosemaphore at ffffffff8104a194
 #5 [ffff8804197afc00] bad_area_nosemaphore at ffffffff8104a2a3
 #6 [ffff8804197afc10] __do_page_fault at ffffffff8104aac3
 #7 [ffff8804197afc70] do_page_fault at ffffffff8104ad72
 #8 [ffff8804197afc90] page_fault at ffffffff8172f1a5
    [exception RIP: scsi_proc_hostdir_rm+10]
    RIP: ffffffff8142687a  RSP: ffff8804197afd48  RFLAGS: 00010246
    RAX: ffff88037868c208  RBX: ffff88037868c000  RCX: 0000000000000286
    RDX: ffff88037868c490  RSI: 0000000000000286  RDI: ffffffffa0908140
    RBP: ffff8804197afd50   R8: ffff88034738f200   R9: 00000001802a0001
    R10: ffff882fbfb789a0  R11: ffffea000d1ce380  R12: ffff88522e58d098
    R13: ffff882f81bc1980  R14: ffff88034738f208  R15: ffff880356b5f380
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
 #9 [ffff8804197afd58] scsi_host_dev_release at ffffffff8141723f
#10 [ffff8804197afd80] device_release at ffffffff813e4f82
#11 [ffff8804197afda8] kobject_cleanup at ffffffff812dc6c7
#12 [ffff8804197afdd0] kobject_put at ffffffff812dc585
#13 [ffff8804197afde8] put_device at ffffffff813e5277
#14 [ffff8804197afdf8] bsg_kref_release_function at ffffffff812d0334
#15 [ffff8804197afe10] bsg_release at ffffffff812d14a6
#16 [ffff8804197afe70] __fput at ffffffff8119ba2b
#17 [ffff8804197afeb0] ____fput at ffffffff8119bb6e
#18 [ffff8804197afec0] task_work_run at ffffffff81077476
#19 [ffff8804197aff00] exit_to_usermode_loop at ffffffff81057043
#20 [ffff8804197aff30] syscall_return_slowpath at ffffffff81002875
#21 [ffff8804197aff50] int_ret_from_sys_call at ffffffff8172d615
    RIP: 00007f98a79b83f0  RSP: 00007ffead255f18  RFLAGS: 00000246
    RAX: 0000000000000000  RBX: 0000000000793a90  RCX: 00007f98a79b83f0
    RDX: 0000000000000001  RSI: 00007ffead255ef0  RDI: 0000000000000003
    RBP: 00007ffead256210   R8: 00007ffead255e50   R9: 00007ffead255c90
    R10: 0000000000000008  R11: 0000000000000246  R12: 0000000000000000
    R13: 0000000000000000  R14: 0000000000000004  R15: 000000000048a85e
    ORIG_RAX: 0000000000000003  CS: 0033  SS: 002b

PID: 165659  TASK: ffff885fada5d400  CPU: 12  COMMAND: "test.py"
 #0 [ffff885f623efe80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff885f623efea0] nmi_handle at ffffffff81008d51
 #2 [ffff885f623efef8] default_do_nmi at ffffffff810092a0
 #3 [ffff885f623eff18] do_nmi at ffffffff8100945a
 #4 [ffff885f623eff50] nmi at ffffffff8172f476
    RIP: 00000000004c7c5f  RSP: 00007ffdb2bcd500  RFLAGS: 00000246
    RAX: 0000000000000000  RBX: 0000000000e87d80  RCX: 0000000000000000
    RDX: 0000000000000079  RSI: 0000000000000001  RDI: 00007f5ac458a050
    RBP: 00007f5ac458a1c8   R8: 0000000000e2b0a0   R9: 0000000000000000
    R10: 0000000000000071  R11: 0000000000000000  R12: 00007f5ac45e0b7c
    R13: 00007f5ac45e0bf5  R14: 0000000000000079  R15: 0000000000000079
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 0      TASK: ffff88522f673800  CPU: 13  COMMAND: "swapper/13"
 #0 [ffff88522f6d7e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522f6d7ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522f6d7ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522f6d7ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522f6d7f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522f6d8000  CPU: 14  COMMAND: "swapper/14"
 #0 [ffff88522f6e3e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522f6e3ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522f6e3ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522f6e3ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522f6e3f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522f6d9c00  CPU: 15  COMMAND: "swapper/15"
 #0 [ffff88522f6e7e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522f6e7ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522f6e7ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522f6e7ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522f6e7f38] start_secondary at ffffffff81035219

PID: 251894  TASK: ffff8833152e0000  CPU: 16  COMMAND: "java"
 #0 [ffff88522ecf3e80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff88522ecf3ea0] nmi_handle at ffffffff81008d51
 #2 [ffff88522ecf3ef8] default_do_nmi at ffffffff810092a0
 #3 [ffff88522ecf3f18] do_nmi at ffffffff8100945a
 #4 [ffff88522ecf3f50] nmi at ffffffff8172f476
    RIP: 00007f79bf884470  RSP: 00007f79c21cc250  RFLAGS: 00000202
    RAX: 00000000000001f4  RBX: 00007f79b9336c48  RCX: 0000000000000000
    RDX: 0000000000000000  RSI: 00007f79b9331368  RDI: 00007f79b800f000
    RBP: 00007f79c21cc9d0   R8: 00007f79c21cc650   R9: 00007f79b92fdb20
    R10: 0000000000000000  R11: 00007f79c21cc5c0  R12: 0000000000000000
    R13: 00007f79b9336c18  R14: 00007f79c21cc650  R15: 00007f79b9323d90
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 0      TASK: ffff88522f6dd400  CPU: 17  COMMAND: "swapper/17"
 #0 [ffff88522f6efe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522f6efec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522f6efed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522f6efef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522f6eff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522f6f0000  CPU: 18  COMMAND: "swapper/18"
 #0 [ffff88522f6fbe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522f6fbec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522f6fbed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522f6fbef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522f6fbf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522f6f1c00  CPU: 19  COMMAND: "swapper/19"
 #0 [ffff88522f6ffe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522f6ffec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522f6ffed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522f6ffef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522f6fff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522f6f3800  CPU: 20  COMMAND: "swapper/20"
 #0 [ffff88522ec03e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec03ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec03ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec03ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec03f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522f6f5400  CPU: 21  COMMAND: "swapper/21"
 #0 [ffff88522ec07e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec07ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec07ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec07ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec07f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec08000  CPU: 22  COMMAND: "swapper/22"
 #0 [ffff88522ec13e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec13ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec13ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec13ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec13f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec09c00  CPU: 23  COMMAND: "swapper/23"
 #0 [ffff88522ec17e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec17ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec17ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec17ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec17f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017eda8000  CPU: 24  COMMAND: "swapper/24"
 #0 [ffff88017ed97e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ed97ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ed97ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ed97ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ed97f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017eda9c00  CPU: 25  COMMAND: "swapper/25"
 #0 [ffff88017edb3e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edb3ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edb3ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edb3ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edb3f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017edab800  CPU: 26  COMMAND: "swapper/26"
 #0 [ffff88017edb7e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edb7ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edb7ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edb7ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edb7f38] start_secondary at ffffffff81035219

PID: 251755  TASK: ffff880388395400  CPU: 27  COMMAND: "python"
 #0 [ffff8803ea79fe80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff8803ea79fea0] nmi_handle at ffffffff81008d51
 #2 [ffff8803ea79fef8] default_do_nmi at ffffffff810092a0
 #3 [ffff8803ea79ff18] do_nmi at ffffffff8100945a
 #4 [ffff8803ea79ff50] nmi at ffffffff8172f476
    RIP: 0000000000534500  RSP: 00007ffeb55b0b60  RFLAGS: 00000246
    RAX: 0000000000000000  RBX: 00007ff9371ca398  RCX: 000000000000007f
    RDX: 0000000000000000  RSI: 00000000008d6db0  RDI: 00007ff9371ca398
    RBP: 00007ff9371ca398   R8: 00000000029c5c40   R9: 0000000000000046
    R10: 00000000029c5c10  R11: 00000000029c5c28  R12: 00000000008d6db0
    R13: 0000000000534490  R14: 00007ff9372204b0  R15: 00007ff937220490
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 0      TASK: ffff88017edc0000  CPU: 28  COMMAND: "swapper/28"
 #0 [ffff88017edbfe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edbfec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edbfed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edbfef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edbff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017edc1c00  CPU: 29  COMMAND: "swapper/29"
 #0 [ffff88017edcbe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edcbec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edcbed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edcbef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edcbf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017edc3800  CPU: 30  COMMAND: "swapper/30"
 #0 [ffff88017edcfe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edcfec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edcfed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edcfef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edcff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88017edc5400  CPU: 31  COMMAND: "swapper/31"
 #0 [ffff88017edd3e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edd3ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edd3ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edd3ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edd3f38] start_secondary at ffffffff81035219

PID: 239988  TASK: ffff885f51619c00  CPU: 32  COMMAND: "java"
 #0 [ffff885fb716fe80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff885fb716fea0] nmi_handle at ffffffff81008d51
 #2 [ffff885fb716fef8] default_do_nmi at ffffffff810092a0
 #3 [ffff885fb716ff18] do_nmi at ffffffff8100945a
 #4 [ffff885fb716ff50] nmi at ffffffff8172f476
    RIP: 00007fedcce92c61  RSP: 00007feda61dd130  RFLAGS: 00000202
    RAX: 00007fec7c1f1f88  RBX: 0000000000000001  RCX: 00007fec981bba08
    RDX: 00007fec8c15d4a0  RSI: 00007feda61dde60  RDI: 00007feda61dde60
    RBP: 00007feda61dd2a0   R8: 00007fec8c1378f0   R9: 000000000000004a
    R10: 0000000000000002  R11: 0000000000040000  R12: 00007fec7c1f1f50
    R13: 00007feda61dde60  R14: 00007feda61dde60  R15: 00007fec7c1f1f50
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 0      TASK: ffff88017edd9c00  CPU: 33  COMMAND: "swapper/33"
 #0 [ffff88017ede3e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017ede3ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017ede3ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017ede3ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017ede3f38] start_secondary at ffffffff81035219

PID: 251780  TASK: ffff88043ff25400  CPU: 34  COMMAND: "purehost"
 #0 [ffff880306bafe80] crash_nmi_callback at ffffffff81033eb1
 #1 [ffff880306bafea0] nmi_handle at ffffffff81008d51
 #2 [ffff880306bafef8] default_do_nmi at ffffffff810092a0
 #3 [ffff880306baff18] do_nmi at ffffffff8100945a
 #4 [ffff880306baff50] nmi at ffffffff8172f476
    RIP: 00000000004ca910  RSP: 00007ffea04d2360  RFLAGS: 00000246
    RAX: 0000000000000000  RBX: 0000000000c16170  RCX: 0000000000535120
    RDX: 000000000000007e  RSI: 0000000000c16338  RDI: 0000000000c16170
    RBP: 0000000000fc0448   R8: 00000000000000c7   R9: 00000000008fe3e0
    R10: 0000000000000072  R11: 00000000008fe3e0  R12: 0000000000c16170
    R13: 0000000000c73b95  R14: 00000000008f0520  R15: 0000000000c73b95
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b

PID: 0      TASK: ffff88017eddd400  CPU: 35  COMMAND: "swapper/35"
 #0 [ffff88017edebe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88017edebec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88017edebed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88017edebef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88017edebf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec0d400  CPU: 36  COMMAND: "swapper/36"
 #0 [ffff88522ec1be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec1bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec1bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec1bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec1bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec0b800  CPU: 37  COMMAND: "swapper/37"
 #0 [ffff88522ec1fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec1fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec1fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec1fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec1ff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec20000  CPU: 38  COMMAND: "swapper/38"
 #0 [ffff88522ec2be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec2bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec2bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec2bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec2bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec21c00  CPU: 39  COMMAND: "swapper/39"
 #0 [ffff88522ec2fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec2fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec2fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec2fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec2ff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec23800  CPU: 40  COMMAND: "swapper/40"
 #0 [ffff88522ec33e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec33ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec33ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec33ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec33f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec25400  CPU: 41  COMMAND: "swapper/41"
 #0 [ffff88522ec37e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec37ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec37ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec37ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec37f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec38000  CPU: 42  COMMAND: "swapper/42"
 #0 [ffff88522ec43e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec43ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec43ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec43ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec43f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec39c00  CPU: 43  COMMAND: "swapper/43"
 #0 [ffff88522ec47e80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec47ec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec47ed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec47ef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec47f38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec3b800  CPU: 44  COMMAND: "swapper/44"
 #0 [ffff88522ec4be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec4bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec4bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec4bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec4bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec3d400  CPU: 45  COMMAND: "swapper/45"
 #0 [ffff88522ec4fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec4fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec4fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec4fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec4ff38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec50000  CPU: 46  COMMAND: "swapper/46"
 #0 [ffff88522ec5be80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec5bec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec5bed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec5bef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec5bf38] start_secondary at ffffffff81035219

PID: 0      TASK: ffff88522ec51c00  CPU: 47  COMMAND: "swapper/47"
 #0 [ffff88522ec5fe80] cpuidle_enter_state at ffffffff81603c8d
 #1 [ffff88522ec5fec8] cpuidle_enter at ffffffff81603e97
 #2 [ffff88522ec5fed8] call_cpuidle at ffffffff81095cb2
 #3 [ffff88522ec5fef0] cpu_startup_entry at ffffffff81095f47
 #4 [ffff88522ec5ff38] start_secondary at ffffffff81035219
crash> bt -f
PID: 247779  TASK: ffff880350279c00  CPU: 11  COMMAND: "qaucli"
 #0 [ffff8804197afa18] machine_kexec at ffffffff8103ed41
    ffff8804197afa20: 0000fbff1a200800 ffff880000000000 
    ffff8804197afa30: 0000000016003000 ffff880016003000 
    ffff8804197afa40: 0000000016002000 000000000000000b 
    ffff8804197afa50: ffff8804197afc98 ffff8804197afa78 
    ffff8804197afa60: 0000000000000046 ffff8804197afb30 
    ffff8804197afa70: ffffffff810d82b3 
 #1 [ffff8804197afa70] crash_kexec at ffffffff810d82b3
    ffff8804197afa78: ffff880356b5f380 ffff88034738f208 
    ffff8804197afa88: ffff882f81bc1980 ffff88522e58d098 
    ffff8804197afa98: ffff8804197afd50 ffff88037868c000 
    ffff8804197afaa8: ffffea000d1ce380 ffff882fbfb789a0 
    ffff8804197afab8: 00000001802a0001 ffff88034738f200 
    ffff8804197afac8: ffff88037868c208 0000000000000286 
    ffff8804197afad8: ffff88037868c490 0000000000000286 
    ffff8804197afae8: ffffffffa0908140 ffffffffffffffff 
    ffff8804197afaf8: ffffffff8142687a 0000000000000010 
    ffff8804197afb08: 0000000000010246 ffff8804197afd48 
    ffff8804197afb18: 0000000000000018 0000000000000009 
    ffff8804197afb28: ffff8804197afc98 ffff8804197afb58 
    ffff8804197afb38: ffffffff810085e2 
 #2 [ffff8804197afb38] oops_end at ffffffff810085e2
    ffff8804197afb40: ffff8804197afc98 0000000000000009 
    ffff8804197afb50: 0000000000000000 ffff8804197afbb0 
    ffff8804197afb60: ffffffff81049ec0 
 #3 [ffff8804197afb60] no_context at ffffffff81049ec0
    ffff8804197afb68: 0000000200000018 0000000000000001 
    ffff8804197afb78: 0000000000000046 ffff88017ebd1a40 
    ffff8804197afb88: 0000000000000000 ffff8804197afc98 
    ffff8804197afb98: ffffffffa09081f8 ffff880350279c00 
    ffff8804197afba8: 0000000000030001 ffff8804197afbf8 
    ffff8804197afbb8: ffffffff8104a194 
 #4 [ffff8804197afbb8] __bad_area_nosemaphore at ffffffff8104a194
    ffff8804197afbc0: 000000000000372d 0000000000000759 
    ffff8804197afbd0: ffff882fbd474600 ffffffffa09081f8 
    ffff8804197afbe0: ffff8804197afc98 ffff88034738f208 
    ffff8804197afbf0: ffff880350279c00 ffff8804197afc08 
    ffff8804197afc00: ffffffff8104a2a3 
 #5 [ffff8804197afc00] bad_area_nosemaphore at ffffffff8104a2a3
    ffff8804197afc08: ffff8804197afc68 ffffffff8104aac3 
 #6 [ffff8804197afc10] __do_page_fault at ffffffff8104aac3
    ffff8804197afc18: 0000001400000004 0000000000000018 
    ffff8804197afc28: ffff8804197afc38 ffff882fbd474668 
    ffff8804197afc38: 0000000000000000 0000000000000000 
    ffff8804197afc48: ffff8804197afc98 ffff882f81bc1980 
    ffff8804197afc58: ffff88034738f208 ffff880356b5f380 
    ffff8804197afc68: ffff8804197afc88 ffffffff8104ad72 
 #7 [ffff8804197afc70] do_page_fault at ffffffff8104ad72
    ffff8804197afc78: 0000000000000001 ffff88522e58d098 
    ffff8804197afc88: ffff8804197afd50 ffffffff8172f1a5 
 #8 [ffff8804197afc90] page_fault at ffffffff8172f1a5
    [exception RIP: scsi_proc_hostdir_rm+10]
    RIP: ffffffff8142687a  RSP: ffff8804197afd48  RFLAGS: 00010246
    RAX: ffff88037868c208  RBX: ffff88037868c000  RCX: 0000000000000286
    RDX: ffff88037868c490  RSI: 0000000000000286  RDI: ffffffffa0908140
    RBP: ffff8804197afd50   R8: ffff88034738f200   R9: 00000001802a0001
    R10: ffff882fbfb789a0  R11: ffffea000d1ce380  R12: ffff88522e58d098
    R13: ffff882f81bc1980  R14: ffff88034738f208  R15: ffff880356b5f380
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
    ffff8804197afc98: ffff880356b5f380 ffff88034738f208 
    ffff8804197afca8: ffff882f81bc1980 ffff88522e58d098 
    ffff8804197afcb8: ffff8804197afd50 ffff88037868c000 
    ffff8804197afcc8: ffffea000d1ce380 ffff882fbfb789a0 
    ffff8804197afcd8: 00000001802a0001 ffff88034738f200 
    ffff8804197afce8: ffff88037868c208 0000000000000286 
    ffff8804197afcf8: ffff88037868c490 0000000000000286 
    ffff8804197afd08: ffffffffa0908140 ffffffffffffffff 
    ffff8804197afd18: ffffffff8142687a 0000000000000010 
    ffff8804197afd28: 0000000000010246 ffff8804197afd48 
    ffff8804197afd38: 0000000000000018 ffff88037868c208 
    ffff8804197afd48: ffff88037868c000 ffff8804197afd78 
    ffff8804197afd58: ffffffff8141723f 
 #9 [ffff8804197afd58] scsi_host_dev_release at ffffffff8141723f
    ffff8804197afd60: ffff88037868c218 ffff88037868c208 
    ffff8804197afd70: ffff882f81bc1980 ffff8804197afda0 
    ffff8804197afd80: ffffffff813e4f82 
#10 [ffff8804197afd80] device_release at ffffffff813e4f82
    ffff8804197afd88: ffff88037868c218 ffffffff81ea5500 
    ffff8804197afd98: ffff885fb3ee17c8 ffff8804197afdc8 
    ffff8804197afda8: ffffffff812dc6c7 
#11 [ffff8804197afda8] kobject_cleanup at ffffffff812dc6c7
    ffff8804197afdb0: ffff88037868c218 ffff88034738f200 
    ffff8804197afdc0: 0000000000000000 ffff8804197afde0 
    ffff8804197afdd0: ffffffff812dc585 
#12 [ffff8804197afdd0] kobject_put at ffffffff812dc585
    ffff8804197afdd8: ffff88037868c208 ffff8804197afdf0 
    ffff8804197afde8: ffffffff813e5277 
#13 [ffff8804197afde8] put_device at ffffffff813e5277
    ffff8804197afdf0: ffff8804197afe08 ffffffff812d0334 
#14 [ffff8804197afdf8] bsg_kref_release_function at ffffffff812d0334
    ffff8804197afe00: 0000000000000001 ffff8804197afe68 
    ffff8804197afe10: ffffffff812d14a6 
#15 [ffff8804197afe10] bsg_release at ffffffff812d14a6
    ffff8804197afe18: 0000100000000008 0000000000000008 
    ffff8804197afe28: 0000000000795210 0000000000000000 
    ffff8804197afe38: 0000000000000000 ffff880390779200 
    ffff8804197afe48: 0000000000000008 ffff8802ed730d30 
    ffff8804197afe58: ffff88342e904d80 ffff88522e5fc4a0 
    ffff8804197afe68: ffff8804197afea8 ffffffff8119ba2b 
#16 [ffff8804197afe70] __fput at ffffffff8119ba2b
    ffff8804197afe78: ffff880390779210 ffff880390779200 
    ffff8804197afe88: ffff880350279c00 ffffffff82089eb0 
    ffff8804197afe98: 0000000000000000 ffff88035027a240 
    ffff8804197afea8: ffff8804197afeb8 ffffffff8119bb6e 
#17 [ffff8804197afeb0] ____fput at ffffffff8119bb6e
    ffff8804197afeb8: ffff8804197afef8 ffffffff81077476 
#18 [ffff8804197afec0] task_work_run at ffffffff81077476
    ffff8804197afec8: ffff88035027a25c 0000000000000002 
    ffff8804197afed8: ffff8804197aff58 ffff8804197ac000 
    ffff8804197afee8: ffff880350279c00 000000000048a85e 
    ffff8804197afef8: ffff8804197aff28 ffffffff81057043 
#19 [ffff8804197aff00] exit_to_usermode_loop at ffffffff81057043
    ffff8804197aff08: ffff8804197aff58 ffff8804197ac000 
    ffff8804197aff18: 0000000000000000 0000000000000004 
    ffff8804197aff28: ffff8804197aff48 ffffffff81002875 
#20 [ffff8804197aff30] syscall_return_slowpath at ffffffff81002875
    ffff8804197aff38: 0000000000793a90 0000000000000000 
    ffff8804197aff48: 00007ffead256210 ffffffff8172d615 
#21 [ffff8804197aff50] int_ret_from_sys_call at ffffffff8172d615
    RIP: 00007f98a79b83f0  RSP: 00007ffead255f18  RFLAGS: 00000246
    RAX: 0000000000000000  RBX: 0000000000793a90  RCX: 00007f98a79b83f0
    RDX: 0000000000000001  RSI: 00007ffead255ef0  RDI: 0000000000000003
    RBP: 00007ffead256210   R8: 00007ffead255e50   R9: 00007ffead255c90
    R10: 0000000000000008  R11: 0000000000000246  R12: 0000000000000000
    R13: 0000000000000000  R14: 0000000000000004  R15: 000000000048a85e
    ORIG_RAX: 0000000000000003  CS: 0033  SS: 002b
crash> q

crash 7.0.3
Copyright (C) 2002-2013  Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010  IBM Corporation
Copyright (C) 1999-2006  Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012  Fujitsu Limited
Copyright (C) 2006, 2007  VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011  NEC Corporation
Copyright (C) 1999, 2002, 2007  Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002  Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions.  Enter "help copying" to see the conditions.
This program has absolutely no warranty.  Enter "help warranty" for details.
 
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...

crash> 
crash> dir ~/puredev/bld_linux/linux-2.6.git
Source directories searched: 
/home/aglagolev/puredev/bld_linux/linux-2.6.git:$cdir:$cwd
crash> 
crash> dir ~/puredev/bld_linux/linux-2.6.git
crash> l *( scsi_proc_hostdir_rm+10)
0xffffffff8142687a is in scsi_proc_hostdir_rm (drivers/scsi/scsi_proc.c:121).
116      * scsi_proc_hostdir_rm - remove directory in /proc for a scsi host
117      * @sht: owner of directory
118      */
119     void scsi_proc_hostdir_rm(struct scsi_host_template *sht)
120     {
121             if (!sht->show_info)
122                     return;
123     
124             mutex_lock(&global_host_template_mutex);
125             if (!--sht->present && sht->proc_dir) {
crash> 
crash> sym scsi_proc_hostdir_rm
ffffffff81426870 (T) scsi_proc_hostdir_rm 
/home/os76/hudsonworkspace/workspace/p_builder/bld_linux/linux-2.6.git/drivers/scsi/scsi_proc.c:
 120
crash> 
crash> gdb disas ffffffff81426870,+100
No symbol "ffffffff81426870" in current context.
gdb: gdb request failed: disas ffffffff81426870,+100
crash> gdb disas ffffffff81426870,+100
Dump of assembler code from 0xffffffff81426870 to 0xffffffff814268d4:
   0xffffffff81426870 <scsi_proc_hostdir_rm+0>: nopl   0x0(%rax,%rax,1)
   0xffffffff81426875 <scsi_proc_hostdir_rm+5>: push   %rbp
   0xffffffff81426876 <scsi_proc_hostdir_rm+6>: mov    %rsp,%rbp
   0xffffffff81426879 <scsi_proc_hostdir_rm+9>: push   %rbx
   0xffffffff8142687a <scsi_proc_hostdir_rm+10>:        cmpq   $0x0,0xb8(%rdi)
   0xffffffff81426882 <scsi_proc_hostdir_rm+18>:        mov    %rdi,%rbx
   0xffffffff81426885 <scsi_proc_hostdir_rm+21>:        je     
0xffffffff814268d0 <scsi_proc_hostdir_rm+96>
   0xffffffff81426887 <scsi_proc_hostdir_rm+23>:        mov    
$0xffffffff81eae100,%rdi
   0xffffffff8142688e <scsi_proc_hostdir_rm+30>:        callq  
0xffffffff8172b430 <mutex_lock>
   0xffffffff81426893 <scsi_proc_hostdir_rm+35>:        subb   $0x1,0x102(%rbx)
   0xffffffff8142689a <scsi_proc_hostdir_rm+42>:        jne    
0xffffffff814268c4 <scsi_proc_hostdir_rm+84>
   0xffffffff8142689c <scsi_proc_hostdir_rm+44>:        cmpq   $0x0,0xe0(%rbx)
   0xffffffff814268a4 <scsi_proc_hostdir_rm+52>:        je     
0xffffffff814268c4 <scsi_proc_hostdir_rm+84>
   0xffffffff814268a6 <scsi_proc_hostdir_rm+54>:        mov    0xd8(%rbx),%rdi
   0xffffffff814268ad <scsi_proc_hostdir_rm+61>:        mov    
0x1d003c4(%rip),%rsi        # 0xffffffff83126c78 <proc_scsi>
   0xffffffff814268b4 <scsi_proc_hostdir_rm+68>:        callq  
0xffffffff81200630 <remove_proc_entry>
   0xffffffff814268b9 <scsi_proc_hostdir_rm+73>:        movq   $0x0,0xe0(%rbx)
   0xffffffff814268c4 <scsi_proc_hostdir_rm+84>:        mov    
$0xffffffff81eae100,%rdi
   0xffffffff814268cb <scsi_proc_hostdir_rm+91>:        callq  
0xffffffff8172b2d0 <mutex_unlock>
   0xffffffff814268d0 <scsi_proc_hostdir_rm+96>:        pop    %rbx
   0xffffffff814268d1 <scsi_proc_hostdir_rm+97>:        pop    %rbp
   0xffffffff814268d2 <scsi_proc_hostdir_rm+98>:        retq   
   0xffffffff814268d3:  data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
End of assembler dump.
crash> q

Reply via email to