Dave Jones wrote:
If the scsi_alloc_queue or the slave_alloc calls in scsi_alloc_device fail, we forget to release the locally allocated sdev on the failure path.
Actually, I think the slave_alloc failure path works today, and this patch breaks it. Today, in the slave_alloc failure path, the release function called as a result of the put_device in out_device_destroy should end up freeing the sdev. Your patch will result in a double free in this path.
--- linux-2.6/drivers/scsi/scsi_scan.c~ 2006-03-08 22:28:50.000000000 -0500 +++ linux-2.6/drivers/scsi/scsi_scan.c 2006-03-08 22:31:38.000000000 -0500 @@ -252,7 +252,7 @@ static struct scsi_device *scsi_alloc_sd /* release fn is set up in scsi_sysfs_device_initialise, so * have to free and put manually here */ put_device(&starget->dev); - goto out; + goto out_free;
Rather than this change, I think just adding a kfree(sdev) before the goto out would accomplish what you want. Brian -- Brian King eServer Storage I/O IBM Linux Technology Center - : send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
