Bug 58861 - highmem-block patch broken for non-highmem scsi driver (e.g. qla2x00) on highmem machine
highmem-block patch broken for non-highmem scsi driver (e.g. qla2x00) on high...
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: kernel (Show other bugs)
7.2
i686 Linux
high Severity high
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-01-25 18:26 EST by Tim Wright
Modified: 2008-08-01 12:22 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-30 11:39:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Tim Wright 2002-01-25 18:26:25 EST
Description of Problem:
The block-highmem patch applied to the 2.4.9-13 (and -21) kernels is badly
broken for the case of a driver that does not have the 'can_dma_32' flag set on
a machine with 1GB+ memory. The loop to handle the scattergather list in
__init_io() in scsi_merge.c has no code to handle bounce buffers in the case of
a scsi driver for which can_dma_32 == 0.

Version-Release number of selected component (if applicable):
2.4.9-13, 2.4.9-21 (probably 2.4.9-7 as well - haven't checked).

How Reproducible:
100%.

Steps to Reproduce:
1. Construct a machine with 1GB+ memory and a qla2x00 card.
2. Make a filesystem >1GB large on the FC-attached storage.
3. Create a 900MB file using e.g. 'dd if=/dev/zero of=file bs=1M count=900'
4  run four parallel dd processes from this file to four new files.
5  watch the free memory drop in vmstat. As soon as bdflush kicks in and tries
to write a cluster of disk blocks, you will panic in the pci_dma code because
address and page are both zero.

Actual Results:
System panics every time in the same place.


Expected Results:
The system should remain up and the files should be written correctly.

Additional Information:
Around line 922 in scsi_merge.c, the following code is broken:
If can_dma_32 is set, we're OK, because the page representation will always be
valid. If, however, it's not set, the bh->b_data will only be valid for a non
highmem page. If not, we need to allocate a bounce buffer, but we don't:

                if (SCpnt->host->can_dma_32) {
                        sgpnt[count].page = bh->b_page;
                        sgpnt[count].offset = bh_offset(bh);
                        sgpnt[count].address = NULL;
                } else {
BUG HERE ===>>>>
                        sgpnt[count].page = NULL;
                        sgpnt[count].offset = 0;
                        sgpnt[count].address = bh->b_data;
                }
Comment 1 Arjan van de Ven 2002-01-25 18:34:04 EST
for non can_dma_32 case this is actually bounce buffer'd already in the
blocklayer.....

(Note: there's also a qla2200 driver in 2.4.9-21 which is highmem capable)
Comment 2 Arjan van de Ven 2002-01-25 18:35:55 EST
for non can_dma_32 case this is actually bounce buffer'd already in the
blocklayer.....

(Note: there's also a qla2200 driver in 2.4.9-21 which is highmem capable)
Comment 3 Tim Wright 2002-01-29 17:03:48 EST
Ummm... if that were the case, then it wouldn't be crashing. It is. If you can find a
machine with 1GB memory or greater and a qla card, you can reproduce it in
minutes. It dies in pci_map _sg at this check:

                else if (!sg[i].address && !sg[i].page)
                        BUG();

In vanilla 2.4.9 the bounce buffers are unconditionally allocated for high memory
pages. However, after you've applied the blockhighmem patch, that doesn't appear
to be the case. If it were, the non-sg code in __init_io (after single_segment:)
would be pointless. It explicitly checks for PageHighMem and allocated the bounce
buffer there and then.

Tim


Comment 4 Bugzilla owner 2004-09-30 11:39:21 EDT
Thanks for the bug report. However, Red Hat no longer maintains this version of
the product. Please upgrade to the latest version and open a new bug if the problem
persists.

The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, 
and if you believe this bug is interesting to them, please report the problem in
the bug tracker at: http://bugzilla.fedora.us/

Note You need to log in before you can comment on or make changes to this bug.