Bug#445987: Oops reproducable with iSCSI

To: 445987@bugs.debian.org
Subject: Bug#445987: Oops reproducable with iSCSI
From: weinholt@csbnet.se, @liszt.debian.org (Göran Weinholt)
Date: Wed, 02 Jul 2008 16:16:58 +0200
Message-id: <[🔎] ln3amsz7z9.fsf@desktop2.mgn>
Reply-to: weinholt@csbnet.se, @liszt.debian.org (Göran Weinholt), 445987@bugs.debian.org

This bug is reproducable with iSCSI as well. iSCSI works in dom0 but
oopses in domU.

Since I need to get this working, I can help you test patches. Here is
a post that suggests a patch exists:
http://groups.google.com/group/open-iscsi/browse_thread/thread/c4ddd07c06546864

Here is the oops I got with linux-image-2.6.18-6-xen-amd64 2.6.18.dfsg.1-18etch6:

scsi0 : iSCSI Initiator over TCP/IP 
Unable to handle kernel NULL pointer dereference at 0000000000000078 RIP:  
[<ffffffff881ae3a2>] :scsi_mod:scsi_calculate_bounce_limit+0x15/0x49 
PGD 4dbb067 PUD 4db9067 PMD 0  
Oops: 0000 [1] SMP  
CPU 0  
Modules linked in: ib_iser rdma_cm ib_addr ib_cm ib_sa ib_mad ib_core iscsi_tcp libiscsi scsi_transport_iscsi scsi_mod nfs lockd nfs_acl sunrpc ip6t_REJECT xt_tcpudp ipt_REJECT xt_state ip_conntrack nfnetlink ip6table_filter ip6_tables ipt
able_filter ip_tables x_tables dm_snapshot dm_mirror ipv6 8021q dm_multipath dm_mod evdev pcspkr 8250 serial_core ext3 jbd mbcache bridge unionfs 
Pid: 1690, comm: iscsid Not tainted 2.6.18-6-xen-amd64 #1 
RIP: e030:[<ffffffff881ae3a2>]  [<ffffffff881ae3a2>] :scsi_mod:scsi_calculate_bounce_limit+0x15/0x49 
RSP: e02b:ffff880004d2dc30  EFLAGS: 00010246 
RAX: 0000000000000000 RBX: ffff88000725c048 RCX: 0000000000000071 
RDX: 0000000000000067 RSI: 0000000000000400 RDI: ffff8800071b3800 
RBP: ffff8800071b3800 R08: ffff880007194000 R09: 0000000000000014 
R10: ffffffff881af8d0 R11: 0000000000000048 R12: ffff880004ca3828 
R13: ffff8800071b3800 R14: 0000000000000000 R15: ffff880004ca3800 
FS:  00002b4797f056d0(0000) GS:ffffffff804c3000(0000) knlGS:0000000000000000 
CS:  e033 DS: 0000 ES: 0000 
Process iscsid (pid: 1690, threadinfo ffff880004d2c000, task ffff88000722d0c0) 
Stack:  ffffffff881ae9f2  ffff880004cf2800  ffff880004cf2800  ffff880004ca3800  
ffffffff881b0641  ffff8800071b3968  00000001881aa1fe  ffff8800071b3800  
0000000000000000  0000000000000000  
Call Trace: 
[<ffffffff881ae9f2>] :scsi_mod:scsi_alloc_queue+0x65/0xb6 
[<ffffffff881b0641>] :scsi_mod:scsi_alloc_sdev+0x12e/0x1d2 
[<ffffffff881b0870>] :scsi_mod:scsi_probe_and_add_lun+0x10d/0x9c6 
[<ffffffff881b146c>] :scsi_mod:scsi_alloc_target+0x21e/0x327 
[<ffffffff881b16b8>] :scsi_mod:__scsi_scan_target+0xc3/0x5e7 
[<ffffffff8020ba57>] do_page_fault+0xdce/0x112f 
[<ffffffff8024c23e>] sscanf+0x49/0x51 
[<ffffffff881b1e86>] :scsi_mod:scsi_scan_target+0x6c/0x83 
[<ffffffff881d1e2a>] :scsi_transport_iscsi:iscsi_user_scan+0x65/0x94 
[<ffffffff881b26f9>] :scsi_mod:store_scan+0x9b/0xc5 
[<ffffffff802da599>] sysfs_write_file+0xb4/0xe3 
[<ffffffff80216ac9>] vfs_write+0xce/0x174 
[<ffffffff802172ec>] sys_write+0x45/0x6e 
[<ffffffff8025be4a>] system_call+0x86/0x8b 
[<ffffffff8025bdc4>] system_call+0x0/0x8b 
 
 
Code: 83 78 78 00 75 0c 48 8b 05 59 fa 39 f8 48 c1 e0 0c c3 48 8b  
RIP  [<ffffffff881ae3a2>] :scsi_mod:scsi_calculate_bounce_limit+0x15/0x49 
RSP <ffff880004d2dc30> 
CR2: 0000000000000078 

-- 
Göran Weinholt <weinholt@csbnet.se>

Reply to:

Follow-Ups:
- Bug#445987: Found a patch [was: Oops reproducable with iSCSI]
  - From: weinholt@csbnet.se, @liszt.debian.org (Göran Weinholt)

Prev by Date: Bug#448503: NFS client problem - writing with group-access fails
Next by Date: Bug#457226: marked as done (linux-image-2.6.22-3-amd64: repeated kernel BUGs in free_buffer_head)
Previous by thread: Bug#448503: NFS client problem - writing with group-access fails
Next by thread: Bug#445987: Found a patch [was: Oops reproducable with iSCSI]
Index(es):
- Date
- Thread