private_find_iova() returns NULL, leading to BUG_ON(!iova) in iova_magazine_free_pfns()
Issue
A kernel panic is triggered with the following log:
[72674.991494] kernel BUG at drivers/iommu/iova.c:826!
[72675.001054] Internal error: Oops - BUG: 0 [#1] SMP
[72675.031166] Modules linked in: ...
[72675.104848] CPU: 17 PID: 22354 Comm: add-something Tainted: G W OE --------- - - 4.18.0-193.6.3.el8_2.aarch64 #1
[72675.116183] Hardware name: ...
[72675.123370] pstate: a0400089 (NzCv daIf +PAN -UAO)
[72675.128140] pc : iova_magazine_free_pfns+0x90/0xc8
[72675.132910] lr : iova_magazine_free_pfns+0x8c/0xc8
[72675.137677] sp : ffff00002e46f130
[72675.140974] x29: ffff00002e46f130 x28: 0000000000080000
[72675.146259] x27: ffff808f95c07000 x26: 0000000000000000
[72675.151543] x25: ffff80978600c828 x24: 0000000000000000
[72675.156827] x23: 0000000000000011 x22: 0000000000000080
[72675.162111] x21: ffff808f9bb6a000 x20: ffff80978600c008
[72675.167400] x19: 0000000000000000 x18: 0000000000000001
[72675.172684] x17: 0000000000001b00 x16: ffff7fe024403000
[72675.177968] x15: ffffffffffffffff x14: ffff0000115d3708
[72675.183252] x13: 0000000000000000 x12: ffff000011fc6000
[72675.188536] x11: ffff00001160f000 x10: ffff000011fc63d8
[72675.193820] x9 : 0000000000000000 x8 : ffff808f8f665600
[72675.199108] x7 : 0000000000000000 x6 : 0000000000000011
[72675.204392] x5 : ffff0000105fb160 x4 : 0ffffffffffff00f
[72675.209676] x3 : 0000000000000011 x2 : ffffffffffffffff
[72675.214960] x1 : 00000000007fffff x0 : 0000000000000000
[72675.220245] Process add-something (pid: 22354, stack limit = 0x000000009a6aa6c2)
[72675.227779] Call trace:
[72675.230214] iova_magazine_free_pfns+0x90/0xc8
[72675.234636] free_cpu_cached_iovas+0x7c/0xc8
[72675.238885] alloc_iova_fast+0xb0/0x2b0
[72675.242703] iommu_dma_alloc_iova.isra.5+0xcc/0x138
[72675.247555] iommu_dma_map_sg+0x184/0x3a0
[72675.251547] nvme_queue_rq+0x21c/0x878 [nvme]
[72675.255884] __blk_mq_try_issue_directly+0x140/0x1c0
[72675.260824] blk_mq_request_issue_directly+0x60/0xb8
[72675.265765] blk_mq_try_issue_list_directly+0x64/0xe8
[72675.270793] blk_mq_sched_insert_requests+0xe0/0x140
[72675.275734] blk_mq_flush_plug_list+0x180/0x2d0
[72675.280243] blk_flush_plug_list+0xec/0x118
[72675.284408] blk_finish_plug+0x3c/0x4c
[72675.288137] shrink_node_memcg+0x2ac/0x678
[72675.292214] shrink_node+0xbc/0x450
[72675.295683] do_try_to_free_pages+0xe8/0x3d0
[72675.299932] try_to_free_pages+0xe8/0x228
[72675.303921] __alloc_pages_nodemask+0x504/0xd70
[72675.308430] alloc_pages_vma+0x90/0x1f8
[72675.312247] do_anonymous_page+0x1f0/0x508
[72675.316324] __handle_mm_fault+0x4dc/0x590
[72675.320401] handle_mm_fault+0xf8/0x1a0
[72675.324218] __get_user_pages+0x218/0x398
[72675.328207] populate_vma_page_range+0x80/0x90
[72675.332628] __mm_populate+0xc8/0x170
[72675.336273] vm_mmap_pgoff+0x118/0x120
[72675.340003] ksys_mmap_pgoff+0x1d8/0x230
[72675.343909] __arm64_sys_mmap+0x34/0x48
[72675.347726] el0_svc_handler+0xb4/0x188
[72675.351544] el0_svc+0x8/0xc
[72675.354411] Code: aa1403e0 f9400421 97ffff56 b5fffe80 (d4210000)
[72675.360475] ---[ end trace 49abe71ba01215f9 ]---
[72675.369760] Kernel panic - not syncing: Fatal exception
[72675.374960] SMP: stopping secondary CPUs
[72676.456355] SMP: failed to stop secondary CPUs 0-3,12-16,18-59
[72676.462168] Kernel Offset: disabled
[72676.465642] CPU features: 0x0002,2ae08a38
[72676.469630] Memory Limit: none
[72676.473878] Starting crashdump kernel...
Environment
- Red Hat Enterprise Linux release 8