[dm-devel] [PATCH v3 0/8] dm: add request-based blk-mq support

Mike Snitzer snitzer at redhat.com
Wed Dec 24 18:21:43 UTC 2014 

On Wed, Dec 24 2014 at  8:02am -0500,
Bart Van Assche <bvanassche at acm.org> wrote:

> On 12/23/14 22:42, Mike Snitzer wrote:
> > I've rebased with this fix folded into both the 'for-next' and
> > 'dm-for-3.20-blk-mq' branches of linux-dm.git
> 
> Thanks, that's appreciated. However, with this tree I ran into a
> different issue:
> 
> BUG: unable to handle kernel NULL pointer dereference at 00000000000002a0
> IP: [<ffffffff811b2d18>] blk_account_io_completion+0x48/0x90
> PGD 8150b6067 PUD 8150b4067 PMD 0 
> Oops: 0000 [#1] SMP 
...
> Call Trace:
>  <IRQ> 
>  [<ffffffff811b2d9a>] blk_update_request+0x3a/0x300
>  [<ffffffffa000902f>] scsi_end_request+0x2f/0x1e0 [scsi_mod]
>  [<ffffffffa000b451>] scsi_io_completion+0x101/0x690 [scsi_mod]
>  [<ffffffffa000124a>] scsi_finish_command+0xca/0x130 [scsi_mod]
>  [<ffffffffa000abff>] scsi_softirq_done+0x12f/0x160 [scsi_mod]
>  [<ffffffff811ba1de>] __blk_mq_complete_request_remote+0xe/0x10
>  [<ffffffff8109ea6d>] generic_smp_call_function_single_interrupt+0x5d/0x150
>  [<ffffffff8102c382>] smp_call_function_single_interrupt+0x22/0x40
>  [<ffffffff813e925a>] call_function_single_interrupt+0x6a/0x70
>  <EOI> 
>  [<ffffffff812f0b15>] ? cpuidle_enter_state+0x55/0xc0
>  [<ffffffff812f0b07>] ? cpuidle_enter_state+0x47/0xc0
>  [<ffffffff812f0c32>] cpuidle_enter+0x12/0x20
>  [<ffffffff81078bcc>] cpu_startup_entry+0x22c/0x2c0
>  [<ffffffff8102ca1d>] start_secondary+0x14d/0x170
> 
> (gdb) list *(blk_account_io_completion+0x48)
> 0xffffffff811b2d18 is in blk_account_io_completion (block/blk-core.c:2114).
> 2109                    struct hd_struct *part;
> 2110                    int cpu;
> 2111
> 2112                    cpu = part_stat_lock();
> 2113                    part = req->part;
> 2114                    part_stat_add(cpu, part, sectors[rw], bytes >> 9);
> 2115                    part_stat_unlock();
> 2116            }
> 2117    }
> 2118

This is odd considering blk-mq defaults to setting QUEUE_FLAG_IO_STAT,
so each request will have REQ_IO_STAT set.

I'm not sure what would account for this NULL pointer (my code appears
to be slightly different than yours but AFAICT req->part is NULL in your
crash, which shouldn't ever happen if IO stats are enabled).

Are you manually enabling/disabling IO stats via sysfs at all?

More information about the dm-devel mailing list