null-ptr-deref in nvmet_execute_disc_get_log_page

Daniel Wagner dwagner at suse.de
Mon Feb 20 09:58:24 PST 2023


FYI, while trying to get the block test running with the fc transport, I was greeted
with a NULL pointer:


 run blktests nvme/012 at 2023-02-20 18:47:35
 nvme nvme0: NVME-FC{0}: connectivity re-established. Attempting reconnect
 loop1: detected capacity change from 0 to 2097152
 nvmet: adding nsid 1 to subsystem blktests-subsystem-1
 nvme nvme0: NVME-FC{0}: create association : host wwpn 0x20001100aa000002  rport wwpn 0x20001100aa000001: NQN "nqn.2014-08.org.nvmexpress.discovery"
 (NULL device *): {1:0} Association created
 nvmet: creating discovery controller 1 for subsystem nqn.2014-08.org.nvmexpress.discovery for NQN nqn.2014-08.org.nvmexpress:uuid:2cd2c43b-a90a-45c1-a8cd-86b33ab273b5.
 nvme nvme0: NVME-FC{0}: controller connect complete
 nvme nvme3: NVME-FC{1}: create association : host wwpn 0x20001100aa000002  rport wwpn 0x20001100aa000001: NQN "blktests-subsystem-1"
 (NULL device *): {1:1} Association created
 nvmet: creating nvm controller 2 for subsystem blktests-subsystem-1 for NQN nqn.2014-08.org.nvmexpress:uuid:2cd2c43b-a90a-45c1-a8cd-86b33ab273b5.
 nvme nvme3: NVME-FC{1}: controller connect complete
 nvme nvme3: NVME-FC{1}: new ctrl: NQN "blktests-subsystem-1"
 XFS (nvme3n1): Mounting V5 Filesystem 956f6501-fcdc-4059-8d9d-1f759e9e0be0
 XFS (nvme3n1): Ending clean mount
 xfs filesystem being mounted at /mnt/blktests supports timestamps until 2038 (0x7fffffff)
 XFS (nvme3n1): Unmounting Filesystem 956f6501-fcdc-4059-8d9d-1f759e9e0be0
 nvme nvme3: Removing ctrl: NQN "blktests-subsystem-1"
 (NULL device *): {1:1} Association deleted
 (NULL device *): {1:1} Association freed
 (NULL device *): Disconnect LS failed: No Association
 ==================================================================
 BUG: KASAN: null-ptr-deref in nvmet_execute_disc_get_log_page+0x19b/0x5a0 [nvmet]
 Read of size 8 at addr 0000000000000520 by task kworker/2:0/2553

 CPU: 2 PID: 2553 Comm: kworker/2:0 Kdump: loaded Not tainted 6.2.0+ #4 7ac3eece8c11633fa2815efb5a20b1c5b55011f5
 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015
 Workqueue: nvmet-wq fcloop_fcp_recv_work [nvme_fcloop]
 Call Trace:
  <TASK>
  dump_stack_lvl+0x5a/0x80
  print_report+0x103/0x220
  ? __virt_addr_valid+0x2a/0x170
  ? trace_lock_acquired+0x55/0x130
  ? trace_lock_acquired+0x55/0x130
  ? nvmet_execute_disc_get_log_page+0x19b/0x5a0 [nvmet b6cfd0efddc3f6e687219ea59b5a92b951bb0ddd]


I'm trying to figure out what's happening here, but maybe someone already has an idea
what it could be.



More information about the Linux-nvme mailing list