On Mon, Jun 17, 2019 at 10:33:42AM +0200, Christoph Hellwig wrote: > > drivers/infiniband/hw/cxgb4/qp.c > > 129 static int alloc_host_sq(struct c4iw_rdev *rdev, struct t4_sq *sq) > > 130 { > > 131 sq->queue = dma_alloc_coherent(&(rdev->lldi.pdev->dev), sq->memsize, > > 132 &(sq->dma_addr), GFP_KERNEL); > > 133 if (!sq->queue) > > 134 return -ENOMEM; > > 135 sq->phys_addr = virt_to_phys(sq->queue); > > 136 dma_unmap_addr_set(sq, mapping, sq->dma_addr); > > 137 return 0; > > 138 } > > > > Is this a bug? > > Yes. This will blow up badly on many platforms, as sq->queue > might be vmapped, ioremapped, come from a pool without page backing. Gah, this addr gets fed into io_remap_pfn_range/remap_pfn_range too.. Potnuri, you should fix this.. You probably need to use dma_mmap_from_dev_coherent() in the mmap ? Jason