On 11/7/22 09:28, Gerd Bayer wrote: > Hi, > > our internal s390 CI pointed us to a potential racy "use after free" or similar > issue in drivers/nvme/host/pci.c by ending one of the tests in the following > kernel panic: > Thanks a lot for reporting this ... [...] > > On a stock kernel from > https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tag/?h=next-20221104 > we have been able to reproduce this at will with > this small script > > #!/usr/bin/env bash > > echo $1 > /sys/bus/pci/drivers/nvme/unbind > echo $1 > /sys/bus/pci/drivers/nvme/bind > echo 1 > /sys/bus/pci/devices/$1/remove > > when filling in the NVMe drives' PCI identifier. > Can you please submit a blktests for this ? so this will get tested by everyone at each release ? > We believe this to be a race-condition somewhere, since this sequence does not produce the panic > when executed interactively. > You can try and bisect the code to point out at exact commit. > Could this be linked to the recent (refactoring) work by Christoph Hellwig? > E.g. https://lore.kernel.org/all/20221101150050.3510-3-hch@xxxxxx/ > > Thank you, > Gerd Bayer > > -ck
