Bug 235640 - iscsi-initiator to solaris express n59, n60,n61 target leads to kernel panic
iscsi-initiator to solaris express n59, n60,n61 target leads to kernel panic
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
medium Severity high
: ---
: ---
Assigned To: Mike Christie
Brock Organ
Depends On:
  Show dependency treegraph
Reported: 2007-04-08 18:23 EDT by Frank Fischer
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version: RHBA-2007-0959
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-11-07 14:46:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2007:0959 normal SHIPPED_LIVE Updated kernel packages for Red Hat Enterprise Linux 5 Update 1 2007-11-07 19:47:37 EST

  None (edit)
Description Frank Fischer 2007-04-08 18:23:29 EDT
Description of problem:
Trying to connect to an iscsi-target leads to kernel panic.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Issue iscsiadm -m node -T NODENAME -p IP -l leads directly to the kernel panic
2.Rebooting leads again to kernel panic (because of the iscsadm command gets
persisted, iscsid ist started at boottime)
Actual results:
------------[ cut here ]------------
kernel BUG at drivers/scsi/iscsi_tcp.c:959!
invalid opcode: 0000 [#1]
last sysfs file: /class/iscsi_connection/connection0:0/exp_statsn
Modules linked in: bridge netloop netbk blktap blkbk autofs4 hidp rfcomm l2cap
bluetooth sunrpc iscsi_tcp libiscsi scsi_transport_iscsi ip_conntrack_netbios_ns
ipt_REJECT iptable_filter ip_tables xt_state ip_conntrack nfnetlink xt_tcpudp
ip6table_filter ip6_tables x_tables ipv6 video sbs i2c_ec button battery
asus_acpi ac parport_pc lp parport floppy sg ide_cd i82875p_edac edac_mc cdrom
e1000 i2c_i801 i2c_core pcspkr serio_raw dm_snapshot dm_zero dm_mirror dm_mod
ata_piix libata sd_mod scsi_mod ext3 jbd ehci_hcd ohci_hcd uhci_hcd
CPU:    0
EIP:    0061:[<ee4c7804>]    Not tainted VLI
EFLAGS: 00010216   (2.6.18-1.2747.el5xen #1)
EIP is at iscsi_tcp_data_recv+0x10f2/0x123b [iscsi_tcp]
eax: 00000170   ebx: ec66496c   ecx: ecbeb2e0   edx: ebaa46c0
esi: ebaa46c0   edi: ebaa46c0   ebp: ebaa46c0   esp: c0766d2c
ds: 007b   es: 007b   ss: 0069
Process kjournald (pid: 375, ti=c0766000 task=c0c92550 task.ti=c0c83000)
Stack: 0000016d ec691800 c0fa7d54 c0fa7d68 ecd10080 c0766dec 00000000 00000000
       ec66496c ebaa46c0 c0fa7d40 eb817480 eba170ac ecd2d700 00000020 00000000
       c05cc44d 00000000 ec691800 c05ca134 80000000 00000000 00000000 eb817480
Call Trace:
 [<c05d20e0>] tcp_read_sock+0x61/0x165
 [<ee4c7cd4>] iscsi_tcp_data_ready+0x32/0x3f [iscsi_tcp]
 [<c05d91e3>] tcp_rcv_established+0x534/0x7d9
 [<c05de630>] tcp_v4_do_rcv+0x28/0x2ce
 [<c05e0bf8>] tcp_v4_rcv+0x8fc/0x944
 [<c05c826a>] ip_local_deliver+0x16e/0x224
 [<c05c80bf>] ip_rcv+0x44c/0x489
 [<c05aca93>] netif_receive_skb+0x30c/0x384
 [<c05ae3d0>] process_backlog+0x97/0xee
 [<c05ae57f>] net_rx_action+0x96/0x185
 [<c0420e3e>] __do_softirq+0x5e/0xc3
 [<c0406cef>] do_softirq+0x59/0xc2
Code: c7 46 44 00 00 00 00 eb 0e 8b 7c 24 24 c7 87 80 00 00 00 00 00 00 00 8b 54
24 24 8b 42 58 2b 44 24 1c 3b 84 24 d8 00 00 00 76 08 <0f> 0b bf 03 bd 80 4c ee
3b 84 24 d8 00 00 00 0f 85 5a ef ff ff
EIP: [<ee4c7804>] iscsi_tcp_data_recv+0x10f2/0x123b [iscsi_tcp] SS:ESP 0069:c0766d2c
 <0>Kernel panic - not syncing: Fatal exception in interrupt
 (XEN) Domain 0 crashed: rebooting machine in 5 seconds.

Expected results:
Working iscsi-initiator

Additional info:

Target is Solaris Express b60 (same effect with b59, b61). RHEL4 iscsi-initiator
is working fine (old cisco-sf stuff)

Same results on non xen kernel!

Contact me, maybe I can give access to the iscsi target and the iscsi-initiator
Comment 1 RHEL Product and Program Management 2007-05-10 09:24:21 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
Comment 2 Mike Christie 2007-05-10 11:11:56 EDT
We have a fix upstream thanks to Frank letting us use his box. We should get
that into 5.1.

The problem was that the data and padding were coming in two network packets and
the initiator assumed they would not cross network packets. The fix is a couple
lines and is being tested upstream for regressions.
Comment 4 Don Zickus 2007-07-19 17:05:11 EDT
in kernel-2.6.18-26.el5
Comment 7 errata-xmlrpc 2007-11-07 14:46:23 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.