On Fri, 2017-06-02 at 18:14 +0000, Bart Van Assche wrote:
> Hello Nic,
>
> When I reran the libiscsi test suite against your for-next branch a kernel oops
> appeared in the system log that I hadn't seen before. There are no iSCSI patches
> from me on that branch so this crash was likely introduced by one of the iSCSI
> target driver patches that were added to your for-next branch after kernel v4.11
> was released. The topmost commit in the kernel tree that triggered this oops is
> commit acdd4716bc86 ("target: reject COMPARE_AND_WRITE if emulate_caw is not set").
>
Yep, nothing immediate comes to mind in the explicit logout path that
has changed recently.
> [ 321.546438] iscsi_target_mod:lio_release_cmd: Entering lio_release_cmd for se_cmd: ffff880063134890
> [ 323.013563] 1 connection(s) still exist for iSCSI session to iqn.2007-10.com.github:sahlberg:libiscsi:iscsi-test-2
> [ 323.014358] ------------[ cut here ]------------
> [ 323.014864] kernel BUG at drivers/target/iscsi/iscsi_target.c:4346!
> [ 323.015339] invalid opcode: 0000 [#1] SMP
> [ 323.015730] Modules linked in: target_core_user uio target_core_iblock target_core_file iscsi_target_mod target_core_mod brd netconsole configfs crct10dif_pclmul crc32_pclmul ghash_clmulni_intel
> aesni_intel aes_x86_64 crypto_simd cryptd glue_helper serio_raw virtio_rng virtio_console virtio_balloon i2c_piix4 button acpi_cpufreq iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ext4 jbd2
> mbcache virtio_blk virtio_net floppy psmouse virtio_pci
> [ 323.018009] CPU: 1 PID: 2292 Comm: iscsi_ttx Tainted: G W 4.12.0-rc1-dbg+ #1
> [ 323.018669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014
> [ 323.019139] task: ffff8801381b27c0 task.stack: ffffc90002a98000
> [ 323.019428] RIP: 0010:iscsit_close_session+0x1fd/0x200 [iscsi_target_mod]
> [ 323.019705] RSP: 0018:ffffc90002a9bd68 EFLAGS: 00010296
> [ 323.019960] RAX: 0000000000000066 RBX: ffff880067a412a8 RCX: 0000000000000006
> [ 323.020243] RDX: 0000000000000007 RSI: 0000000000000001 RDI: ffff88013fc8ce80
> [ 323.020525] RBP: ffffc90002a9bd80 R08: 0000000000000001 R09: 0000000000000000
> [ 323.020808] R10: 0000000000000000 R11: 0000000000000000 R12: ffff880138edb3f8
> [ 323.021092] R13: ffff880067a412a8 R14: 000000000000000f R15: 0000000000000005
> [ 323.021376] FS: 0000000000000000(0000) GS:ffff88013fc80000(0000) knlGS:0000000000000000
> [ 323.021820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 323.022082] CR2: 00007f9d1a3ab020 CR3: 0000000069ce8000 CR4: 00000000001406e0
> [ 323.022364] Call Trace:
> [ 323.022646] iscsit_logout_post_handler+0xb3/0x200 [iscsi_target_mod]
> [ 323.022925] iscsit_response_queue+0x3b5/0x7b0 [iscsi_target_mod]
> [ 323.024217] iscsi_target_tx_thread+0x11b/0x1e0 [iscsi_target_mod]
> [ 323.024998] kthread+0x109/0x140
> [ 323.025742] ret_from_fork+0x31/0x40
> [ 323.025970] Code: 00 00 00 00 00 48 89 df e8 c1 e0 fe ff e9 54 ff ff ff 8b b7 10 01 00 00 48 8b 97 08 04 00 00 48 c7 c7 b0 0d 25 a0 e8 73 84 ee e0 <0f> 0b 90 55 48 89 e5 41 57 41 56 41 55 4c 8d af
> 60 01 00 00 41
> [ 323.026680] RIP: iscsit_close_session+0x1fd/0x200 [iscsi_target_mod] RSP: ffffc90002a9bd68
> [ 323.027126] ---[ end trace 460f7ed74ba9e280 ]---
No luck reproducing with libiscsi yet, is there anything different about
how it's run than the earlier refcount_t warning..?
Eg: Just ./iscsi-test-cu --dataloss --allow-sanitize iscsi://$IP/$IQN1 iscsi://$IP/$IQN2
How many libiscsi test runs does it take to reproduce..?
--
To unsubscribe from this list: send the line "unsubscribe target-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
