[bug report][bisected] blktests nvme/tcp nvme/030 failed on latest linux-block/for-next
Chaitanya Kulkarni
chaitanyak at nvidia.com
Wed Aug 3 12:37:27 PDT 2022
(++ Martin Belanger)
Martin,
On 8/3/22 09:43, Yi Zhang wrote:
> So the bisect shows it was introduced from the below commit:
>
> commit 86c2457a8e8112f16af8fd10a3e1dd7a302c3c3e (refs/bisect/bad)
> Author: Martin Belanger <martin.belanger at dell.com>
> Date: Tue Feb 8 14:33:46 2022 -0500
>
> nvme: expose cntrltype and dctype through sysfs
>
> On Mon, Aug 1, 2022 at 8:37 PM Yi Zhang <yi.zhang at redhat.com> wrote:
>>
>> Hello
>>
>> nvme/030 triggered several errors during CKI tests on
>> linux-block/for-next, pls help check it, and feel free to let me know
>> if you need any test/info, thanks.
>>
>> # nvme_trtype=tcp ./check nvme/030
>> nvme/030 (ensure the discovery generation counter is updated appropriately)
>> WARNING: Test did not clean up tcp device: nvme0
>> nvme/030 (ensure the discovery generation counter is updated
>> appropriately) [failed]
>> runtime ... 1.037s
>> --- tests/nvme/030.out 2022-07-31 21:17:30.609784852 -0400
>> +++ /root/blktests/results/nodev/nvme/030.out.bad 2022-08-01
>> 08:27:44.503898074 -0400
>> @@ -1,2 +1,3 @@
>> Running nvme/030
>> +failed to lookup subsystem for controller nvme0
>> Test complete
>>
>> [ 85.915692] run blktests nvme/030 at 2022-08-01 08:27:43
>> [ 86.114525] nvmet: adding nsid 1 to subsystem blktests-subsystem-1
>> [ 86.140842] nvmet_tcp: enabling port 0 (127.0.0.1:4420)
>> [ 86.214420] nvmet: creating discovery controller 1 for subsystem
>> nqn.2014-08.org.nvmexpress.discovery for NQN
>> nqn.2014-08.org.nvmexpress:uuid:03000200-0400-0500-0006-000700080009.
>> [ 86.237110] nvme nvme0: new ctrl: NQN
>> "nqn.2014-08.org.nvmexpress.discovery", addr 127.0.0.1:4420
>> [ 86.253530] nvme nvme0: Removing ctrl: NQN
>> "nqn.2014-08.org.nvmexpress.discovery"
>> [ 86.331176] nvmet: adding nsid 1 to subsystem blktests-subsystem-2
>> [ 86.383550] nvmet: creating discovery controller 1 for subsystem
>> nqn.2014-08.org.nvmexpress.discovery for NQN
>> nqn.2014-08.org.nvmexpress:uuid:03000200-0400-0500-0006-000700080009.
>> [ 86.403330] nvme nvme0: new ctrl: NQN
>> "nqn.2014-08.org.nvmexpress.discovery", addr 127.0.0.1:4420
>> [ 86.434229] nvmet: creating discovery controller 2 for subsystem
>> nqn.2014-08.org.nvmexpress.discovery for NQN
>> nqn.2014-08.org.nvmexpress:uuid:03000200-0400-0500-0006-000700080009.
>> [ 86.454261] nvme nvme1: new ctrl: NQN
>> "nqn.2014-08.org.nvmexpress.discovery", addr 127.0.0.1:4420
>> [ 86.469065] nvme nvme1: Removing ctrl: NQN
>> "nqn.2014-08.org.nvmexpress.discovery"
>> [ 86.493389] nvmet: creating nvm controller 3 for subsystem
>> blktests-subsystem-1 for NQN
>> nqn.2014-08.org.nvmexpress:uuid:03000200-0400-0500-0006-000700080009.
>> [ 86.514580] nvme nvme2: creating 128 I/O queues.
>> [ 86.635316] nvme nvme2: mapped 128/0/0 default/read/poll queues.
>> [ 86.781777] nvme nvme0: starting error recovery
>> [ 86.788446] nvmet_tcp: queue 0 unhandled state 5
>> [ 86.790669] nvmet: connect request for invalid subsystem
>> blktests-subsystem-1!
>> [ 86.794306] nvme nvme0: Reconnecting in 10 seconds...
>> [ 86.814147] nvmet_tcp: queue 60 unhandled state 5
>> [ 86.819045] nvmet_tcp: queue 59 unhandled state 5
>> [ 86.821804] nvmet_tcp: queue 122 unhandled state 5
>> [ 86.823923] nvmet_tcp: queue 58 unhandled state 5
>> [ 86.828818] nvmet_tcp: queue 121 unhandled state 5
>> [ 86.833634] nvmet_tcp: queue 57 unhandled state 5
>> [ 86.838816] nvmet_tcp: queue 126 unhandled state 5
>> [ 86.843361] nvmet_tcp: queue 56 unhandled state 5
>> [ 86.848247] nvmet_tcp: queue 125 unhandled state 5
>> [ 86.853066] nvmet_tcp: queue 55 unhandled state 5
>> [ 86.857953] nvmet_tcp: queue 124 unhandled state 5
>> [ 86.862757] nvmet_tcp: queue 55 unhandled state 5
>> [ 86.862787] nvmet_tcp: queue 54 unhandled state 5
>> [ 86.862842] nvmet_tcp: queue 53 unhandled state 5
>> [ 86.862894] nvmet_tcp: queue 52 unhandled state 5
>> [ 86.862948] nvmet_tcp: queue 51 unhandled state 5
>> [ 86.862999] nvmet_tcp: queue 50 unhandled state 5
>> [ 86.863046] nvmet_tcp: queue 62 unhandled state 5
>> [ 86.863095] nvmet_tcp: queue 61 unhandled state 5
>> [ 86.867681] nvmet_tcp: queue 123 unhandled state 5
>> [ 86.872592] nvmet_tcp: queue 56 unhandled state 5
>> [ 86.872606] nvmet_tcp: queue 57 unhandled state 5
>> [ 86.872616] nvmet_tcp: queue 58 unhandled state 5
>> [ 86.877402] nvmet_tcp: queue 129 unhandled state 5
>> [ 86.882190] nvmet_tcp: queue 59 unhandled state 5
>> [ 86.882202] nvmet_tcp: queue 60 unhandled state 5
>> [ 86.887055] nvmet_tcp: queue 128 unhandled state 5
>> [ 86.891819] nvmet_tcp: queue 61 unhandled state 5
>> [ 86.891830] nvmet_tcp: queue 62 unhandled state 5
>> [ 86.896677] nvmet_tcp: queue 127 unhandled state 5
>> [ 86.901354] nvmet_tcp: queue 121 unhandled state 5
>> [ 86.901365] nvmet_tcp: queue 122 unhandled state 5
>> [ 87.088674] nvme nvme0: Removing ctrl: NQN
>> "nqn.2014-08.org.nvmexpress.discovery"
>> [ 87.096908] nvme nvme0: Property Set error: 880, offset 0x14
>> [ 87.102953] ------------[ cut here ]------------
>> [ 87.107668] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
>> [ 87.107679] WARNING: CPU: 30 PID: 2499 at
>> kernel/locking/mutex.c:582 __mutex_lock+0xf73/0x13a0
>> [ 87.121591] Modules linked in: loop nvmet_tcp nvmet nvme_tcp
>> nvme_fabrics nvme_core intel_rapl_msr intel_rapl_common amd64_edac
>> edac_mce_amd rfkill kvm_amd sunrpc vfat kvm fat ipmi_ssif joydev
>> irqbypass acpi_ipmi rapl e1000e pcspkr ipmi_si ipmi_devintf i2c_piix4
>> k10temp ipmi_msghandler acpi_cpufreq fuse zram xfs libcrc32c ast
>> i2c_algo_bit drm_vram_helper sd_mod t10_pi drm_kms_helper
>> crc64_rocksoft_generic syscopyarea sysfillrect crc64_rocksoft
>> sysimgblt crc64 fb_sys_fops drm_ttm_helper crct10dif_pclmul
>> crc32_pclmul ttm crc32c_intel ahci libahci ghash_clmulni_intel drm
>> libata ccp sp5100_tco dm_mod
>> [ 87.175439] CPU: 30 PID: 2499 Comm: nvme Not tainted 5.19.0-rc8+ #1
>> [ 87.181737] Hardware name: AMD Corporation Speedway/Speedway, BIOS
>> RSW100BB 11/14/2018
>> [ 87.189857] RIP: 0010:__mutex_lock+0xf73/0x13a0
>> [ 87.194388] Code: 08 84 d2 0f 85 0f 04 00 00 8b 05 60 28 f2 01 85
>> c0 0f 85 f4 f1 ff ff 48 c7 c6 a0 46 6a ac 48 c7 c7 20 44 6a ac e8 ad
>> f1 ea ff <0f> 0b e9 da f1 ff ff e8 d1 de 5a fe e9 c6 f1 ff ff 48 c7 c7
>> 80 19
>> [ 87.213587] RSP: 0018:ffff889604037af0 EFLAGS: 00010286
>> [ 87.218916] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
>> [ 87.226184] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffed12c0806f4e
>> [ 87.233453] RBP: ffff889604037c40 R08: 0000000000000001 R09: ffff889c1d7efccb
>> [ 87.240728] R10: ffffed1383afdf99 R11: 0000000000000014 R12: 0000000000000000
>> [ 87.247995] R13: dffffc0000000000 R14: ffff888e01517860 R15: ffff889604037dc0
>> [ 87.255263] FS: 00007f0036b9a780(0000) GS:ffff889c1d600000(0000)
>> knlGS:0000000000000000
>> [ 87.263503] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [ 87.269359] CR2: 000055f3e1307000 CR3: 00000015c466c000 CR4: 00000000003506e0
>> [ 87.276540] Call Trace:
>> [ 87.279099] <TASK>
>> [ 87.281245] ? mark_held_locks+0xa5/0xf0
>> [ 87.285253] ? nvme_tcp_stop_queue+0x50/0xa0 [nvme_tcp]
>> [ 87.290498] ? mutex_lock_io_nested+0x1220/0x1220
>> [ 87.295352] ? __cancel_work_timer+0x202/0x450
>> [ 87.299800] ? lockdep_hardirqs_on+0x79/0x100
>> [ 87.304306] ? mod_delayed_work_on+0xf0/0xf0
>> [ 87.308575] ? del_timer+0x110/0x110
>> [ 87.312282] ? lockdep_hardirqs_on_prepare.part.0+0x19f/0x390
>> [ 87.318058] ? nvme_tcp_stop_queue+0x50/0xa0 [nvme_tcp]
>> [ 87.323437] nvme_tcp_stop_queue+0x50/0xa0 [nvme_tcp]
>> [ 87.328502] nvme_tcp_delete_ctrl+0x93/0xd0 [nvme_tcp]
>> [ 87.333798] nvme_do_delete_ctrl+0x133/0x13d [nvme_core]
>> [ 87.339224] nvme_sysfs_delete.cold+0x8/0xd [nvme_core]
>> [ 87.344564] kernfs_fop_write_iter+0x359/0x530
>> [ 87.349012] new_sync_write+0x2b9/0x500
>> [ 87.352985] ? new_sync_read+0x4f0/0x4f0
>> [ 87.356990] ? lock_downgrade+0x130/0x130
>> [ 87.361082] ? lock_is_held_type+0xdd/0x130
>> [ 87.365351] ? lock_is_held_type+0xdd/0x130
>> [ 87.369538] vfs_write+0x639/0x9b0
>> [ 87.373063] ksys_write+0x106/0x1e0
>> [ 87.376623] ? __ia32_sys_read+0xa0/0xa0
>> [ 87.380629] ? lockdep_hardirqs_on_prepare.part.0+0x19f/0x390
>> [ 87.386486] ? syscall_enter_from_user_mode+0x20/0x70
>> [ 87.391639] do_syscall_64+0x3a/0x90
>> [ 87.395291] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>> [ 87.400354] RIP: 0033:0x7f0036cb5bd4
>> [ 87.404064] Code: 15 51 72 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff
>> ff eb b7 0f 1f 00 f3 0f 1e fa 80 3d 2d fa 0d 00 00 74 13 b8 01 00 00
>> 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 48 89 54 24
>> 18 48
>> [ 87.423163] RSP: 002b:00007ffea6c242b8 EFLAGS: 00000202 ORIG_RAX:
>> 0000000000000001
>> [ 87.430875] RAX: ffffffffffffffda RBX: 000055f3e1306b30 RCX: 00007f0036cb5bd4
>> [ 87.438059] RDX: 0000000000000001 RSI: 00007f0036de475e RDI: 0000000000000003
>> [ 87.445293] RBP: 000055f3e1306610 R08: 000055f3e1307010 R09: 0000000000000073
>> [ 87.452623] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003
>> [ 87.459890] R13: 0000000000000000 R14: 000055f3e1306610 R15: 00007ffea6c26109
>> [ 87.467164] </TASK>
>> [ 87.469398] irq event stamp: 18139
>> [ 87.472869] hardirqs last enabled at (18139): [<ffffffffa9e7a0e9>]
>> __cancel_work_timer+0x179/0x450
>> [ 87.482082] hardirqs last disabled at (18138): [<ffffffffa9e79a3f>]
>> try_to_grab_pending+0x1ef/0x630
>> [ 87.491294] softirqs last enabled at (18104): [<ffffffffac400693>]
>> __do_softirq+0x693/0xafb
>> [ 87.499890] softirqs last disabled at (17945): [<ffffffffa9e23ea7>]
>> __irq_exit_rcu+0x1c7/0x2c0
>> [ 87.508668] ---[ end trace 0000000000000000 ]---
>> [ 87.546650] nvme nvme2: Removing ctrl: NQN "blktests-subsystem-1"
>> [ 87.553627] nvme nvme2: Connect command failed, error wo/DNR bit: -16388
>> [ 87.560479] nvme nvme2: failed to connect queue: 122 ret=-4
>> [ 87.566195] ==================================================================
>> [ 87.573540] BUG: KASAN: use-after-free in blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.578916] nvme nvme2: failed to send request -32
>> [ 87.580720] Read of size 4 at addr ffff8896046c7604 by task nvme/2308
>>
>> [ 87.580731] CPU: 75 PID: 2308 Comm: nvme Tainted: G W
>> 5.19.0-rc8+ #1
>> [ 87.585689] nvme nvme2: Property Set error: 880, offset 0x14
>> [ 87.592213] Hardware name: AMD Corporation Speedway/Speedway, BIOS
>> RSW100BB 11/14/2018
>> [ 87.592220] Call Trace:
>> [ 87.592224] <TASK>
>> [ 87.619909] ? blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.624695] dump_stack_lvl+0x4c/0x63
>> [ 87.628492] print_address_description.constprop.0+0x1f/0x1e0
>> [ 87.634340] ? blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.639212] ? blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.644083] print_report.cold+0x58/0x26b
>> [ 87.648164] ? rcu_read_lock_sched_held+0x10/0x70
>> [ 87.652950] ? lock_acquired+0x288/0x360
>> [ 87.656945] ? blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.661815] kasan_report+0xe3/0x120
>> [ 87.665451] ? blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.670323] blk_mq_tagset_busy_iter+0xa7c/0xd40
>> [ 87.675020] ? rcu_read_lock_sched_held+0x10/0x70
>> [ 87.679803] ? blk_mq_cancel_work_sync+0x50/0x50
>> [ 87.684500] ? percpu_ref_tryget_many.constprop.0+0x1a0/0x1a0
>> [ 87.690347] ? percpu_ref_tryget_many.constprop.0+0x1a0/0x1a0
>> [ 87.696191] ? wait_for_completion_io_timeout+0x20/0x20
>> [ 87.701512] blk_mq_tagset_wait_completed_request+0x81/0xc0
>> [ 87.707180] ? blk_mq_tagset_busy_iter+0xd40/0xd40
>> [ 87.711966] nvme_tcp_configure_io_queues.cold+0x90c/0xbc9 [nvme_tcp]
>> [ 87.718499] ? nvme_tcp_alloc_queue+0x1e50/0x1e50 [nvme_tcp]
>> [ 87.724326] ? nvme_tcp_configure_admin_queue+0x688/0x840 [nvme_tcp]
>> [ 87.730789] nvme_tcp_setup_ctrl+0x1b8/0x590 [nvme_tcp]
>> [ 87.736103] ? rcu_read_lock_sched_held+0x3f/0x70
>> [ 87.740886] nvme_tcp_create_ctrl+0x92d/0xbb0 [nvme_tcp]
>> [ 87.746291] nvmf_create_ctrl+0x2ee/0x8c0 [nvme_fabrics]
>> [ 87.751697] nvmf_dev_write+0xd3/0x170 [nvme_fabrics]
>> [ 87.756749] vfs_write+0x1bc/0x9b0
>> [ 87.760280] ksys_write+0x106/0x1e0
>> [ 87.763829] ? __ia32_sys_read+0xa0/0xa0
>> [ 87.767818] ? lockdep_hardirqs_on_prepare.part.0+0x19f/0x390
>> [ 87.773660] ? syscall_enter_from_user_mode+0x20/0x70
>> [ 87.778802] do_syscall_64+0x3a/0x90
>> [ 87.782440] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>> [ 87.787492] RIP: 0033:0x7ffb8ff34bd4
>> [ 87.791204] Code: 15 51 72 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff
>> ff eb b7 0f 1f 00 f3 0f 1e fa 80 3d 2d fa 0d 00 00 74 13 b8 01 00 00
>> 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 48 89 54 24
>> 18 48
>> [ 87.810293] RSP: 002b:00007fff0fd6ca18 EFLAGS: 00000202 ORIG_RAX:
>> 0000000000000001
>> [ 87.817904] RAX: ffffffffffffffda RBX: 0000563964c22df0 RCX: 00007ffb8ff34bd4
>> [ 87.825231] RDX: 00000000000000b2 RSI: 0000563964c22df0 RDI: 0000000000000004
>> [ 87.832484] RBP: 0000000000000004 R08: 00000000000000b2 R09: 0000563964c22df0
>> [ 87.839650] R10: 0000000000000000 R11: 0000000000000202 R12: 0000563964c20540
>> [ 87.846978] R13: 00000000000000b2 R14: 00007ffb90063100 R15: 00007ffb9006313d
>> [ 87.854238] </TASK>
>>
>> [ 87.857974] Allocated by task 2308:
>> [ 87.861523] kasan_save_stack+0x2f/0x50
>> [ 87.865425] __kasan_kmalloc+0x88/0xb0
>> [ 87.869237] blk_mq_init_tags+0x59/0x140
>> [ 87.873137] blk_mq_alloc_map_and_rqs+0x96/0x300
>> [ 87.877904] blk_mq_alloc_set_map_and_rqs+0x1b5/0x5d0
>> [ 87.883042] blk_mq_alloc_tag_set+0x4d4/0x920
>> [ 87.887474] nvme_tcp_configure_io_queues.cold+0x708/0xbc9 [nvme_tcp]
>> [ 87.894025] nvme_tcp_setup_ctrl+0x1b8/0x590 [nvme_tcp]
>> [ 87.899341] nvme_tcp_create_ctrl+0x92d/0xbb0 [nvme_tcp]
>> [ 87.904746] nvmf_create_ctrl+0x2ee/0x8c0 [nvme_fabrics]
>> [ 87.910149] nvmf_dev_write+0xd3/0x170 [nvme_fabrics]
>> [ 87.915288] vfs_write+0x1bc/0x9b0
>> [ 87.918747] ksys_write+0x106/0x1e0
>> [ 87.922294] do_syscall_64+0x3a/0x90
>> [ 87.925928] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>>
>> [ 87.932579] Freed by task 2504:
>> [ 87.935771] kasan_save_stack+0x2f/0x50
>> [ 87.939669] kasan_set_track+0x21/0x30
>> [ 87.943479] kasan_set_free_info+0x20/0x40
>> [ 87.947642] __kasan_slab_free+0x108/0x170
>> [ 87.951806] slab_free_freelist_hook+0x11e/0x1d0
>> [ 87.956502] kfree+0xe1/0x320
>> [ 87.959518] __blk_mq_free_map_and_rqs+0x15c/0x240
>> [ 87.964390] blk_mq_free_tag_set+0x65/0x3a0
>> [ 87.968644] nvme_tcp_teardown_io_queues.part.0+0x20a/0x2a0 [nvme_tcp]
>> [ 87.975282] nvme_tcp_delete_ctrl+0x47/0xd0 [nvme_tcp]
>> [ 87.980507] nvme_do_delete_ctrl+0x133/0x13d [nvme_core]
>> [ 87.985919] nvme_sysfs_delete.cold+0x8/0xd [nvme_core]
>> [ 87.991242] kernfs_fop_write_iter+0x359/0x530
>> [ 87.995765] new_sync_write+0x2b9/0x500
>> [ 87.999663] vfs_write+0x639/0x9b0
>> [ 88.003121] ksys_write+0x106/0x1e0
>> [ 88.006578] do_syscall_64+0x3a/0x90
>> [ 88.010198] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>>
>> [ 88.016920] The buggy address belongs to the object at ffff8896046c7600
>> which belongs to the cache kmalloc-256 of size 256
>> [ 88.029648] The buggy address is located 4 bytes inside of
>> 256-byte region [ffff8896046c7600, ffff8896046c7700)
>>
>> [ 88.042919] The buggy address belongs to the physical page:
>> [ 88.048583] page:000000003565eedb refcount:1 mapcount:0
>> mapping:0000000000000000 index:0xffff8896046c5e00 pfn:0x16046c0
>> [ 88.059561] head:000000003565eedb order:3 compound_mapcount:0
>> compound_pincount:0
>> [ 88.067172] flags:
>> 0xd7ffffc0010200(slab|head|node=3|zone=2|lastcpupid=0x1fffff)
>> [ 88.074701] raw: 00d7ffffc0010200 ffff889480000950 ffff889480000950
>> ffff88810004cd80
>> [ 88.082486] raw: ffff8896046c5e00 0000000000400010 00000001ffffffff
>> 0000000000000000
>> [ 88.090432] page dumped because: kasan: bad access detected
>>
>> [ 88.097608] Memory state around the buggy address:
>> [ 88.102478] ffff8896046c7500: fc fc fc fc fc fc fc fc fc fc fc fc
>> fc fc fc fc
>> [ 88.109821] ffff8896046c7580: fc fc fc fc fc fc fc fc fc fc fc fc
>> fc fc fc fc
>> [ 88.117164] >ffff8896046c7600: fa fb fb fb fb fb fb fb fb fb fb fb
>> fb fb fb fb
>> [ 88.124507] ^
>> [ 88.127790] ffff8896046c7680: fb fb fb fb fb fb fb fb fb fb fb fb
>> fb fb fb fb
>> [ 88.135133] ffff8896046c7700: fc fc fc fc fc fc fc fc fc fc fc fc
>> fc fc fc fc
>> [ 88.142476] ==================================================================
>> [ 88.149905] ------------[ cut here ]------------
>> [ 88.154619] refcount_t: underflow; use-after-free.
>> [ 88.159439] WARNING: CPU: 75 PID: 2308 at lib/refcount.c:28
>> refcount_warn_saturate+0x12a/0x190
>> [ 88.168241] Modules linked in: loop nvmet_tcp(-) nvmet nvme_tcp
>> nvme_fabrics nvme_core intel_rapl_msr intel_rapl_common amd64_edac
>> edac_mce_amd rfkill kvm_amd sunrpc vfat kvm fat ipmi_ssif joydev
>> irqbypass acpi_ipmi rapl e1000e pcspkr ipmi_si ipmi_devintf i2c_piix4
>> k10temp ipmi_msghandler acpi_cpufreq fuse zram xfs libcrc32c ast
>> i2c_algo_bit drm_vram_helper sd_mod t10_pi drm_kms_helper
>> crc64_rocksoft_generic syscopyarea sysfillrect crc64_rocksoft
>> sysimgblt crc64 fb_sys_fops drm_ttm_helper crct10dif_pclmul
>> crc32_pclmul ttm crc32c_intel ahci libahci ghash_clmulni_intel drm
>> libata ccp sp5100_tco dm_mod
>> [ 88.222334] CPU: 75 PID: 2308 Comm: nvme Tainted: G B W
>> 5.19.0-rc8+ #1
>> [ 88.230129] Hardware name: AMD Corporation Speedway/Speedway, BIOS
>> RSW100BB 11/14/2018
>> [ 88.238187] RIP: 0010:refcount_warn_saturate+0x12a/0x190
>> [ 88.243602] Code: eb a1 0f b6 1d 87 59 2c 03 80 fb 01 0f 87 85 9e
>> 30 01 83 e3 01 75 8c 48 c7 c7 60 99 8a ac c6 05 6b 59 2c 03 01 e8 c6
>> 98 29 01 <0f> 0b e9 72 ff ff ff 0f b6 1d 56 59 2c 03 80 fb 01 0f 87 42
>> 9e 30
>> [ 88.262611] RSP: 0018:ffff8881695cfc68 EFLAGS: 00010282
>> [ 88.267995] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
>> [ 88.275261] RDX: 0000000000000001 RSI: ffffffffac8ae120 RDI: ffffed102d2b9f7d
>> [ 88.282525] RBP: 0000000000000003 R08: 0000000000000001 R09: ffff888c2ebfd387
>> [ 88.289707] R10: ffffed1185d7fa70 R11: 0000000063666572 R12: ffff8888875e0490
>> [ 88.297031] R13: ffff8888875e0000 R14: 00000000fffffffc R15: 0000000000000000
>> [ 88.304208] FS: 00007ffb8fe39780(0000) GS:ffff888c2ea00000(0000)
>> knlGS:0000000000000000
>> [ 88.312417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [ 88.318334] CR2: 0000563964c22860 CR3: 0000000dc1fb0000 CR4: 00000000003506e0
>> [ 88.325510] Call Trace:
>> [ 88.328073] <TASK>
>> [ 88.330218] nvme_tcp_configure_io_queues.cold+0xb5c/0xbc9 [nvme_tcp]
>> [ 88.336782] ? nvme_tcp_alloc_queue+0x1e50/0x1e50 [nvme_tcp]
>> [ 88.342464] ? nvme_tcp_configure_admin_queue+0x688/0x840 [nvme_tcp]
>> [ 88.348999] nvme_tcp_setup_ctrl+0x1b8/0x590 [nvme_tcp]
>> [ 88.354331] ? rcu_read_lock_sched_held+0x3f/0x70
>> [ 88.359127] nvme_tcp_create_ctrl+0x92d/0xbb0 [nvme_tcp]
>> [ 88.364477] nvmf_create_ctrl+0x2ee/0x8c0 [nvme_fabrics]
>> [ 88.369843] nvmf_dev_write+0xd3/0x170 [nvme_fabrics]
>> [ 88.375051] vfs_write+0x1bc/0x9b0
>> [ 88.378524] ksys_write+0x106/0x1e0
>> [ 88.382084] ? __ia32_sys_read+0xa0/0xa0
>> [ 88.386085] ? lockdep_hardirqs_on_prepare.part.0+0x19f/0x390
>> [ 88.391939] ? syscall_enter_from_user_mode+0x20/0x70
>> [ 88.397091] do_syscall_64+0x3a/0x90
>> [ 88.400737] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>> [ 88.405888] RIP: 0033:0x7ffb8ff34bd4
>> [ 88.409446] Code: 15 51 72 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff
>> ff eb b7 0f 1f 00 f3 0f 1e fa 80 3d 2d fa 0d 00 00 74 13 b8 01 00 00
>> 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 48 89 54 24
>> 18 48
>> [ 88.428608] RSP: 002b:00007fff0fd6ca18 EFLAGS: 00000202 ORIG_RAX:
>> 0000000000000001
>> [ 88.436319] RAX: ffffffffffffffda RBX: 0000563964c22df0 RCX: 00007ffb8ff34bd4
>> [ 88.443583] RDX: 00000000000000b2 RSI: 0000563964c22df0 RDI: 0000000000000004
>> [ 88.450760] RBP: 0000000000000004 R08: 00000000000000b2 R09: 0000563964c22df0
>> [ 88.458001] R10: 0000000000000000 R11: 0000000000000202 R12: 0000563964c20540
>> [ 88.465328] R13: 00000000000000b2 R14: 00007ffb90063100 R15: 00007ffb9006313d
>> [ 88.472509] </TASK>
>> [ 88.474798] irq event stamp: 160688
>> [ 88.478354] hardirqs last enabled at (160687):
>> [<ffffffffac0a20d0>] _raw_spin_unlock_irqrestore+0x30/0x60
>> [ 88.488184] hardirqs last disabled at (160688):
>> [<ffffffffac08bae7>] __schedule+0xb37/0x1820
>> [ 88.496781] softirqs last enabled at (160660):
>> [<ffffffffac400693>] __do_softirq+0x693/0xafb
>> [ 88.505459] softirqs last disabled at (160651):
>> [<ffffffffa9e23ea7>] __irq_exit_rcu+0x1c7/0x2c0
>> [ 88.514318] ---[ end trace 0000000000000000 ]---
>> [ 88.518959] general protection fault, probably for non-canonical
>> address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI
>> [ 88.530580] KASAN: null-ptr-deref in range
>> [0x0000000000000000-0x0000000000000007]
>> [ 88.538276] CPU: 75 PID: 2308 Comm: nvme Tainted: G B W
>> 5.19.0-rc8+ #1
>> [ 88.546062] Hardware name: AMD Corporation Speedway/Speedway, BIOS
>> RSW100BB 11/14/2018
>> [ 88.554112] RIP: 0010:__blk_mq_free_map_and_rqs+0x88/0x240
>> [ 88.559690] Code: 00 00 48 8b 6b 68 41 89 f4 49 c1 e4 03 4c 01 e5
>> 45 85 ed 0f 85 07 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 e9 48
>> c1 e9 03 <80> 3c 01 00 0f 85 2e 01 00 00 4c 8b 6d 00 4d 85 ed 0f 84 df
>> 00 00
>> [ 88.578774] RSP: 0018:ffff8881695cfc00 EFLAGS: 00010256
>> [ 88.584088] RAX: dffffc0000000000 RBX: ffff8888875e0008 RCX: 0000000000000000
>> [ 88.591254] RDX: 0000000000000080 RSI: 0000000000000000 RDI: ffff8888875e0060
>> [ 88.598583] RBP: 0000000000000000 R08: 0000000000000001 R09: ffff888c2ebfd387
>> [ 88.605837] R10: ffffed1185d7fa70 R11: 0000000063666572 R12: 0000000000000000
>> [ 88.613090] R13: 0000000000000000 R14: ffff8888875e0070 R15: 0000000000000000
>> [ 88.620255] FS: 00007ffb8fe39780(0000) GS:ffff888c2ea00000(0000)
>> knlGS:0000000000000000
>> [ 88.628552] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [ 88.634394] CR2: 0000563964c22860 CR3: 0000000dc1fb0000 CR4: 00000000003506e0
>> [ 88.641648] Call Trace:
>> [ 88.644046] <TASK>
>> [ 88.646253] blk_mq_free_tag_set+0x65/0x3a0
>> [ 88.650507] ? refcount_warn_saturate+0x12c/0x190
>> [ 88.655291] nvme_tcp_configure_io_queues.cold+0xb86/0xbc9 [nvme_tcp]
>> [ 88.661845] ? nvme_tcp_alloc_queue+0x1e50/0x1e50 [nvme_tcp]
>> [ 88.667602] ? nvme_tcp_configure_admin_queue+0x688/0x840 [nvme_tcp]
>> [ 88.674066] nvme_tcp_setup_ctrl+0x1b8/0x590 [nvme_tcp]
>> [ 88.679381] ? rcu_read_lock_sched_held+0x3f/0x70
>> [ 88.684077] nvme_tcp_create_ctrl+0x92d/0xbb0 [nvme_tcp]
>> [ 88.689553] nvmf_create_ctrl+0x2ee/0x8c0 [nvme_fabrics]
>> [ 88.694957] nvmf_dev_write+0xd3/0x170 [nvme_fabrics]
>> [ 88.700007] vfs_write+0x1bc/0x9b0
>> [ 88.703541] ksys_write+0x106/0x1e0
>> [ 88.707000] ? __ia32_sys_read+0xa0/0xa0
>> [ 88.711063] ? lockdep_hardirqs_on_prepare.part.0+0x19f/0x390
>> [ 88.716907] ? syscall_enter_from_user_mode+0x20/0x70
>> [ 88.722045] do_syscall_64+0x3a/0x90
>> [ 88.725682] entry_SYSCALL_64_after_hwframe+0x63/0xcd
>> [ 88.730819] RIP: 0033:0x7ffb8ff34bd4
>> [ 88.734455] Code: 15 51 72 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff
>> ff eb b7 0f 1f 00 f3 0f 1e fa 80 3d 2d fa 0d 00 00 74 13 b8 01 00 00
>> 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 48 89 54 24
>> 18 48
>> [ 88.753451] RSP: 002b:00007fff0fd6ca18 EFLAGS: 00000202 ORIG_RAX:
>> 0000000000000001
>> [ 88.761132] RAX: ffffffffffffffda RBX: 0000563964c22df0 RCX: 00007ffb8ff34bd4
>> [ 88.768371] RDX: 00000000000000b2 RSI: 0000563964c22df0 RDI: 0000000000000004
>> [ 88.775700] RBP: 0000000000000004 R08: 00000000000000b2 R09: 0000563964c22df0
>> [ 88.782865] R10: 0000000000000000 R11: 0000000000000202 R12: 0000563964c20540
>> [ 88.790192] R13: 00000000000000b2 R14: 00007ffb90063100 R15: 00007ffb9006313d
>> [ 88.797452] </TASK>
>> [ 88.799672] Modules linked in: loop nvmet_tcp(-) nvmet nvme_tcp
>> nvme_fabrics nvme_core intel_rapl_msr intel_rapl_common amd64_edac
>> edac_mce_amd rfkill kvm_amd sunrpc vfat kvm fat ipmi_ssif joydev
>> irqbypass acpi_ipmi rapl e1000e pcspkr ipmi_si ipmi_devintf i2c_piix4
>> k10temp ipmi_msghandler acpi_cpufreq fuse zram xfs libcrc32c ast
>> i2c_algo_bit drm_vram_helper sd_mod t10_pi drm_kms_helper
>> crc64_rocksoft_generic syscopyarea sysfillrect crc64_rocksoft
>> sysimgblt crc64 fb_sys_fops drm_ttm_helper crct10dif_pclmul
>> crc32_pclmul ttm crc32c_intel ahci libahci ghash_clmulni_intel drm
>> libata ccp sp5100_tco dm_mod
>> [ 88.853746] ---[ end trace 0000000000000000 ]---
>> [ 88.858451] RIP: 0010:__blk_mq_free_map_and_rqs+0x88/0x240
>> [ 88.863950] Code: 00 00 48 8b 6b 68 41 89 f4 49 c1 e4 03 4c 01 e5
>> 45 85 ed 0f 85 07 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 e9 48
>> c1 e9 03 <80> 3c 01 00 0f 85 2e 01 00 00 4c 8b 6d 00 4d 85 ed 0f 84 df
>> 00 00
>> [ 88.883111] RSP: 0018:ffff8881695cfc00 EFLAGS: 00010256
>> [ 88.888440] RAX: dffffc0000000000 RBX: ffff8888875e0008 RCX: 0000000000000000
>> [ 88.895621] RDX: 0000000000000080 RSI: 0000000000000000 RDI: ffff8888875e0060
>> [ 88.902946] RBP: 0000000000000000 R08: 0000000000000001 R09: ffff888c2ebfd387
>> [ 88.910216] R10: ffffed1185d7fa70 R11: 0000000063666572 R12: 0000000000000000
>> [ 88.917489] R13: 0000000000000000 R14: ffff8888875e0070 R15: 0000000000000000
>> [ 88.924757] FS: 00007ffb8fe39780(0000) GS:ffff888c2ea00000(0000)
>> knlGS:0000000000000000
>> [ 88.932998] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [ 88.938854] CR2: 0000563964c22860 CR3: 0000000dc1fb0000 CR4: 00000000003506e0
>>
>> --
>> Best Regards,
>> Yi Zhang
>
Please have a look at this.
-ck
More information about the Linux-nvme
mailing list