Hi,

I'm getting the warning below when starting a KVM the second time with an
Emulex PCI card 'passthroughed' into a KVM. I'm terminating the session
via 'ctrl-a x'; not sure if this is relevant.
This is with 5.8-rc1. IIRC, older versions didn't have this problem.

modprobe -r lpfc
modprobe vfio-pci ids=10df:f400
qemu-system-x86_64 ... \
-device vfio-pci,host=04:00.0 \
-device vfio-pci,host=04:00.1 \
-device vfio-pci,host=c1:00.0 \
-device vfio-pci,host=c1:00.1 \
...

vfio-pci :04:00.0: vfio_ecap_init: hiding ecap 0x19@0x20c
vfio-pci :04:00.0: vfio_ecap_init: hiding ecap 0x26@0x238
vfio-pci :04:00.0: vfio_ecap_init: hiding ecap 0x27@0x278
[ cut here ]
refcount_t: underflow; use-after-free.
WARNING: CPU: 14 PID: 59978 at lib/refcount.c:28
refcount_warn_saturate+0x8d/0xf0
Modules linked in: rpcsec_gss_krb5(E) auth_rpcgss(E) nfsv4(E) dns_resolver(E)
nfs(E) lockd(E) grace(E) sunrpc(E) fscache(E) vfio_pci(E) vfio_virqfd(E)
vfio_iommu_type1(E) vfio(E) af_packet(E) xt_tcpudp(E) ip6t_rpfilter(E)
ip6t_REJECT(E) ipt_REJECT(E) xt_conntrack(E) ip_set(E) nfnetlink(E)
ebtable_nat(E) ebtable_broute(E) ip6table_nat(E) ip6table_mangle(E)
ip6table_raw(E) ip6table_security(E) iptable_nat(E) nf_nat(E) nf_conntrack(E)
nf_defrag_ipv6(E) nf_defrag_ipv4(E) iptable_mangle(E) iptable_raw(E)
iptable_security(E) ebtable_filter(E) ebtables(E) ip6table_filter(E)
ip6_tables(E) iptable_filter(E) ip_tables(E) iscsi_ibft(E) x_tables(E)
iscsi_boot_sysfs(E) bpfilter(E) rfkill(E) nls_iso8859_1(E) nls_cp437(E) vfat(E)
fat(E) intel_rapl_msr(E) intel_rapl_common(E) sb_edac(E)
x86_pkg_temp_thermal(E) intel_powerclamp(E) coretemp(E) iTCO_wdt(E)
kvm_intel(E) iTCO_vendor_support(E) kvm(E) irqbypass(E) crc32_pclmul(E)
ghash_clmulni_intel(E) aesni_intel(E) crypto_simd(E) cryptd(E)
glue_helper(E) pcspkr(E) ipmi_ssif(E) bnx2x(E) lpc_ich(E) mfd_core(E)
hpwdt(E) mdio(E) acpi_ipmi(E) ioatdma(E) hpilo(E) dca(E) ipmi_si(E) tg3(E)
ipmi_devintf(E) libphy(E) ipmi_msghandler(E) acpi_tad(E) button(E) btrfs(E)
libcrc32c(E) xor(E) raid6_pq(E) dm_service_time(E) sd_mod(E) mgag200(E)
drm_vram_helper(E) drm_kms_helper(E) syscopyarea(E) sysfillrect(E) sysimgblt(E)
fb_sys_fops(E) qla2xxx(E) cec(E) configfs(E) drm_ttm_helper(E) uhci_hcd(E)
ehci_pci(E) nvme_fc(E) ehci_hcd(E) nvme_fabrics(E) ttm(E) nvme_core(E) drm(E)
t10_pi(E) i2c_algo_bit(E) usbcore(E) crc32c_intel(E) scsi_transport_fc(E)
hpsa(E) scsi_transport_sas(E) wmi(E) dm_mirror(E) dm_region_hash(E) dm_log(E)
sg(E) dm_multipath(E) dm_mod(E) scsi_dh_rdac(E) scsi_dh_emc(E) scsi_dh_alua(E)
scsi_mod(E) efivarfs(E) [last unloaded: nvmet]
CPU: 14 PID: 59978 Comm: qemu-system-x86 Kdump: loaded Tainted: GE
5.8.0-rc1-default #28
Hardware name: HP ProLiant DL580 Gen9/ProLiant DL580 Gen9, BIOS U17 07/21/2019
RIP: 0010:refcount_warn_saturate+0x8d/0xf0
Code: 05 2c 11 17 01 01 e8 b2 1b c1 ff 0f 0b c3 80 3d 1f 11 17 01 00 75 ad 48
c7 c7 b8 aa 56 a0 c6 05 0f 11 17 01 01 e8 93 1b c1 ff <0f> 0b c3 80 3d 03 11 17
01 00 75 8e 48 c7 c7 60 aa 56 a0 c6 05 f3
RSP: 0018:a10929087df0 EFLAGS: 00010282
RAX: RBX: 958bdb474b80 RCX:
RDX: 0001 RSI: 958bdf91ac90 RDI: 958bdf91ac90
RBP: 958393e3e0f0 R08: R09: 000e
R10: 003b R11: a10929087c88 R12: 5617ef8baa70
R13: 958405be2650 R14: 0038 R15: 958393e3e060
FS: 7fbeb6c86600() GS:958bdf90() knlGS:
CS: 0010 DS: ES: CR0: 80050033
CR2: 5617edfbe108 CR3: 000f7f5e2004 CR4: 001626e0
DR0: DR1: DR2:
DR3: DR6: fffe0ff0 DR7: 0400
Call Trace:
vfio_pci_set_ctx_trigger_single+0x69/0xc0 [vfio_pci]
vfio_pci_ioctl+0x2ea/0xe80 [vfio_pci]
? _copy_from_user+0x2c/0x60
? ksys_ioctl+0x92/0xb0
? vfio_pci_memory_lock_and_enable+0x80/0x80 [vfio_pci]
ksys_ioctl+0x92/0xb0
__x64_sys_ioctl+0x16/0x20
do_syscall_64+0x4d/0x90
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7fbeb0ca2ac7
Code: Bad RIP value.
RSP: 002b:7ffec9254908 EFLAGS: 0246 ORIG_RAX: 0010
RAX: ffda RBX: 5617ef8baa70 RCX: 7fbeb0ca2ac7
RDX: 5617ef8baa70 RSI: 3b6e RDI: 0038
RBP: 5617ef722a30 R08: R09:
R10: 0001 R11: 0246 R12: 0006
R13: 5617ef722730 R14: 0005 R15: 5617ef721e50
---[ end trace fbd9c0c3c859d391 ]---
irq 17: Affinity broken due to vector space exhaustion.
vfio-pci :c1:00.0: vfio_ecap_init: hiding ecap 0x19@0x20c
vfio-pci :c1:00.0: vfio_ecap_init: hiding ecap 0x26@0x238
vfio-pci :c1:00.0: vfio_ecap_init: hiding ecap 0x27@0x278
vfio-pci :04:00.0: vfio_bar_restore: reset recovery - restoring BARs
vfio-pci :04:00.1: