From: Hou Pu <houpu.main@gmail.com>
To: Hannes Reinecke <hare@suse.de>
Cc: Sagi Grimberg <sagi@grimberg.me>,
	hch@lst.de,  Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>,
	linux-nvme@lists.infradead.org
Subject: Re: [PATCH] nvmet: use new ana_log_size instead the old one
Date: Thu, 27 May 2021 19:33:16 +0800
Message-ID: <CAKHcvQitkVOdjGNxpsfV+45JZ6eiB+J3j9Ujiky-HBcembxsjQ@mail.gmail.com>
In-Reply-To: <ab5cb841-abd6-16a9-af4f-a4824838d684@suse.de>

On Thu, May 27, 2021 at 7:24 PM Hannes Reinecke <hare@suse.de> wrote:
>
> On 5/13/21 3:04 PM, Hou Pu wrote:
> > The new ana_log_size should be used instead of the old one.
> > Or kernel NULL pointer dereference will happen like below:
> >
> > [   38.957849][   T69] BUG: kernel NULL pointer dereference, address: 000000000000003c
> > [   38.975550][   T69] #PF: supervisor write access in kernel mode
> > [   38.975955][   T69] #PF: error_code(0x0002) - not-present page
> > [   38.976905][   T69] PGD 0 P4D 0
> > [   38.979388][   T69] Oops: 0002 [#1] SMP NOPTI
> > [   38.980488][   T69] CPU: 0 PID: 69 Comm: kworker/0:2 Not tainted 5.12.0+ #54
> > [   38.981254][   T69] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
> > [   38.982502][   T69] Workqueue: events nvme_loop_execute_work
> > [   38.985219][   T69] RIP: 0010:memcpy_orig+0x68/0x10f
> > [   38.986203][   T69] Code: 83 c2 20 eb 44 48 01 d6 48 01 d7 48 83 ea 20 0f 1f 00 48 83 ea 20 4c 8b 46 f8 4c 8b 4e f0 4c 8b 56 e8 4c 8b 5e e0 48 8d 76 e0 <4c> 89 47 f8 4c 89 4f f0 4c 89 57 e8 4c 89 5f e0 48 8d 7f e0 73 d2
> > [   38.987677][   T69] RSP: 0018:ffffc900001b7d48 EFLAGS: 00000287
> > [   38.987996][   T69] RAX: 0000000000000020 RBX: 0000000000000024 RCX: 0000000000000010
> > [   38.988327][   T69] RDX: ffffffffffffffe4 RSI: ffff8881084bc004 RDI: 0000000000000044
> > [   38.988620][   T69] RBP: 0000000000000024 R08: 0000000100000000 R09: 0000000000000000
> > [   38.988991][   T69] R10: 0000000100000000 R11: 0000000000000001 R12: 0000000000000024
> > [   38.989289][   T69] R13: ffff8881084bc000 R14: 0000000000000000 R15: 0000000000000024
> > [   38.989845][   T69] FS:  0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
> > [   38.990234][   T69] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > [   38.990490][   T69] CR2: 000000000000003c CR3: 00000001085b2000 CR4: 00000000000006f0
> > [   38.991105][   T69] Call Trace:
> > [   38.994157][   T69]  sg_copy_buffer+0xb8/0xf0
> > [   38.995357][   T69]  nvmet_copy_to_sgl+0x48/0x6d
> > [   38.995565][   T69]  nvmet_execute_get_log_page_ana+0xd4/0x1cb
> > [   38.995792][   T69]  nvmet_execute_get_log_page+0xc9/0x146
> > [   38.995992][   T69]  nvme_loop_execute_work+0x3e/0x44
> > [   38.996181][   T69]  process_one_work+0x1c3/0x3c0
> > [   38.996393][   T69]  worker_thread+0x44/0x3d0
> > [   38.996600][   T69]  ? cancel_delayed_work+0x90/0x90
> > [   38.996804][   T69]  kthread+0xf7/0x130
> > [   38.996961][   T69]  ? kthread_create_worker_on_cpu+0x70/0x70
> > [   38.997171][   T69]  ret_from_fork+0x22/0x30
> > [   38.997705][   T69] Modules linked in:
> > [   38.998741][   T69] CR2: 000000000000003c
> > [   39.000104][   T69] ---[ end trace e719927b609d0fa0 ]---
> >
> > Fixes: 5e1f689913a4 ("nvme-multipath: fix double initialization of ANA state")
> > Signed-off-by: Hou Pu <houpu.main@gmail.com>
> > ---
> >  drivers/nvme/host/multipath.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c
> > index deb14562c96a..f81871c7128a 100644
> > --- a/drivers/nvme/host/multipath.c
> > +++ b/drivers/nvme/host/multipath.c
> > @@ -817,7 +817,7 @@ int nvme_mpath_init_identify(struct nvme_ctrl *ctrl, struct nvme_id_ctrl *id)
> >       if (ana_log_size > ctrl->ana_log_size) {
> >               nvme_mpath_stop(ctrl);
> >               kfree(ctrl->ana_log_buf);
> > -             ctrl->ana_log_buf = kmalloc(ctrl->ana_log_size, GFP_KERNEL);
> > +             ctrl->ana_log_buf = kmalloc(ana_log_size, GFP_KERNEL);
> >               if (!ctrl->ana_log_buf)
> >                       return -ENOMEM;
> >       }
> >
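Review bot: On the `return -ENOMEM` path in this hunk, ctrl->ana_log_buf has already been freed and is now NULL, while ctrl->ana_log_size still holds its old value in the lines shown, so the controller is left with a size that no longer describes its buffer. Consider clearing ctrl->ana_log_size before returning (or confirming that every later user checks ctrl->ana_log_buf first), and store the new ana_log_size in ctrl->ana_log_size only after the allocation has succeeded. The commit message would also benefit from one sentence on why the stale size crashes: the block is entered only when `ana_log_size > ctrl->ana_log_size`, so allocating with the old value always yields a buffer smaller than the log page that will be read into it, and if the old value is 0, kmalloc() returns ZERO_SIZE_PTR rather than usable memory, which would be consistent with the low fault address 000000000000003c in the quoted oops.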
> Please fixup the subject line; this is _not_ for nvmet, but rather the
> initiator side 'nvme'.
>
> Otherwise:
>
> Reviewed-by: Hannes Reinecke <hare@suse.de>
>
> Christoph, please pull this in; it reliably kills my testbed ...
I found that this patch has been applied to nvme-5.13 already.
I am sorry for the improper subject line.

Thanks,
Hou

>
> Cheers,
>
> Hannes
> --
> Dr. Hannes Reinecke                     Kernel Storage Architect
> hare@suse.de                                   +49 911 74053 688
> SUSE Software Solutions Germany GmbH, 90409 Nürnberg
> GF: F. Imendörffer, HRB 36809 (AG Nürnberg)
