Bug 18292 - Multiple Requests and Kernel GPFs (descriptor buffer corruption in AT context)
Multiple Requests and Kernel GPFs (descriptor buffer corruption in AT context)
Product: Drivers
Classification: Unclassified
Component: IEEE1394
All Linux
: P1 normal
Assigned To: drivers_ieee1394
Depends on:
  Show dependency treegraph
Reported: 2010-09-12 09:00 UTC by Stefan Richter
Modified: 2010-11-06 08:32 UTC (History)
1 user (show)

See Also:
Kernel Version: 2.6.32, 2.6.34
Tree: Mainline
Regression: No


Description Stefan Richter 2010-09-12 09:00:01 UTC
Reported by Freddie Witherden on August 2 2010:

I have been trying to speed up my forensics library, which currently gets 
around 13MiB/s when reading blocks of data and an effective rate of 100MiB/s 
when reading small 10 byte fragments from fixed page offsets.

One thought was instead of making requests and waiting for a response I 
decided to make multiple requests (so always have several requests on the go) 
and using poll() to read responses back.

The problem is that although the ioctl succeeds it is flakey, very flakey. My 
onboard FireWire controller results in GPFs from the kernel -- and on one 
occasion a hard out crash. My expresscard adapter, however, 'gives up' after a 
few 100 requests, with all subsequent requests giving no data read() gives me 
24 bytes. The target is fine before and after.

Now, the later result could be because of what's going on at the target, 
however the protection faults do concern me. Has anyone else experienced these 
kinds of faults and are there any known problems with having multiple requests 
on the go.

Some further information is in the replies to the initial post, http://thread.gmane.org/gmane.linux.kernel.firewire.user/3989 .  E.g. http://article.gmane.org/gmane.linux.kernel.firewire.user/3993 and http://article.gmane.org/gmane.linux.kernel.firewire.user/3995 show a general protection fault in firewire-ohci's at_context_transmit() -> context_get_descriptors().
Comment 1 Stefan Richter 2010-10-25 13:51:43 UTC
Candidate fixes by Clemens Ladisch:
Comment 2 Stefan Richter 2010-10-31 12:41:34 UTC
The patches from comment 1 work for me.
Comment 3 Stefan Richter 2010-11-06 08:32:26 UTC
Fixes merged into mainline, to appear in 2.6.37-rc2, also submitted for inclusion into currently active stable series.

Note You need to log in before you can comment on or make changes to this bug.