Description of problem: Trying to connect to an iscsi-target leads to kernel panic. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1.Issue iscsiadm -m node -T NODENAME -p IP -l leads directly to the kernel panic 2.Rebooting leads again to kernel panic (because of the iscsadm command gets persisted, iscsid ist started at boottime) 3. Actual results: ------------[ cut here ]------------ kernel BUG at drivers/scsi/iscsi_tcp.c:959! invalid opcode: 0000 [#1] SMP last sysfs file: /class/iscsi_connection/connection0:0/exp_statsn Modules linked in: bridge netloop netbk blktap blkbk autofs4 hidp rfcomm l2cap bluetooth sunrpc iscsi_tcp libiscsi scsi_transport_iscsi ip_conntrack_netbios_ns ipt_REJECT iptable_filter ip_tables xt_state ip_conntrack nfnetlink xt_tcpudp ip6table_filter ip6_tables x_tables ipv6 video sbs i2c_ec button battery asus_acpi ac parport_pc lp parport floppy sg ide_cd i82875p_edac edac_mc cdrom e1000 i2c_i801 i2c_core pcspkr serio_raw dm_snapshot dm_zero dm_mirror dm_mod ata_piix libata sd_mod scsi_mod ext3 jbd ehci_hcd ohci_hcd uhci_hcd CPU: 0 EIP: 0061:[<ee4c7804>] Not tainted VLI EFLAGS: 00010216 (2.6.18-1.2747.el5xen #1) EIP is at iscsi_tcp_data_recv+0x10f2/0x123b [iscsi_tcp] eax: 00000170 ebx: ec66496c ecx: ecbeb2e0 edx: ebaa46c0 esi: ebaa46c0 edi: ebaa46c0 ebp: ebaa46c0 esp: c0766d2c ds: 007b es: 007b ss: 0069 Process kjournald (pid: 375, ti=c0766000 task=c0c92550 task.ti=c0c83000) Stack: 0000016d ec691800 c0fa7d54 c0fa7d68 ecd10080 c0766dec 00000000 00000000 ec66496c ebaa46c0 c0fa7d40 eb817480 eba170ac ecd2d700 00000020 00000000 c05cc44d 00000000 ec691800 c05ca134 80000000 00000000 00000000 eb817480 Call Trace: [<c05d20e0>] tcp_read_sock+0x61/0x165 [<ee4c7cd4>] iscsi_tcp_data_ready+0x32/0x3f [iscsi_tcp] [<c05d91e3>] tcp_rcv_established+0x534/0x7d9 [<c05de630>] tcp_v4_do_rcv+0x28/0x2ce [<c05e0bf8>] tcp_v4_rcv+0x8fc/0x944 [<c05c826a>] ip_local_deliver+0x16e/0x224 [<c05c80bf>] ip_rcv+0x44c/0x489 [<c05aca93>] netif_receive_skb+0x30c/0x384 [<c05ae3d0>] process_backlog+0x97/0xee [<c05ae57f>] net_rx_action+0x96/0x185 [<c0420e3e>] __do_softirq+0x5e/0xc3 [<c0406cef>] do_softirq+0x59/0xc2 ======================= Code: c7 46 44 00 00 00 00 eb 0e 8b 7c 24 24 c7 87 80 00 00 00 00 00 00 00 8b 54 24 24 8b 42 58 2b 44 24 1c 3b 84 24 d8 00 00 00 76 08 <0f> 0b bf 03 bd 80 4c ee 3b 84 24 d8 00 00 00 0f 85 5a ef ff ff EIP: [<ee4c7804>] iscsi_tcp_data_recv+0x10f2/0x123b [iscsi_tcp] SS:ESP 0069:c0766d2c <0>Kernel panic - not syncing: Fatal exception in interrupt (XEN) Domain 0 crashed: rebooting machine in 5 seconds. Expected results: Working iscsi-initiator Additional info: Target is Solaris Express b60 (same effect with b59, b61). RHEL4 iscsi-initiator is working fine (old cisco-sf stuff) Same results on non xen kernel! Contact me, maybe I can give access to the iscsi target and the iscsi-initiator machines!
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
We have a fix upstream thanks to Frank letting us use his box. We should get that into 5.1. The problem was that the data and padding were coming in two network packets and the initiator assumed they would not cross network packets. The fix is a couple lines and is being tested upstream for regressions.
in kernel-2.6.18-26.el5
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2007-0959.html