Re: sgpool-8 double free

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I wrote:

James Bottomley wrote:

This is a characteristic trace for double done() on the same SCSI
command.


Perhaps. OTOH, maybe there was indeed memory overwritten.


PS: I suspect sbp2 may indeed doubly call done() in corner cases:
http://bugzilla.kernel.org/show_bug.cgi?id=5998
However a double done() is extremely unlikely in the case reported by Dave. AFAICS from the messages at https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182005 , sbp2 does not run any of the code code paths which lead to alternative routes to done(), besides the normal command completion. (These routes are FireWire bus reset handling and SCSI error handling. In theory these routes cannot doubly call done() either...) 
--
Stefan Richter
-=====-=-==- --=- =--==
http://arcgraph.de/sr/
-
: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]
  Powered by Linux