Re: [PATCH] scsi: let __scsi_remove_device do the blk_put_queue in one place

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2018-06-20 at 18:58 +0200, Anthoine Bourgeois wrote:
> On Wed, Jun 20, 2018 at 01:50:38PM +0000, Bart Van Assche wrote:
> > On Wed, 2018-06-20 at 11:57 +0200, anthoine.bourgeois@xxxxxxxxx wrote:
> > > The function scsi_device_dev_release_usercontext calls blk_put_queue
> > > with request_queue then set request_queue to NULL. If the function
> > > scsi_device_dev_release_usercontext is racy then the next call to
> > > blk_put_queue will trigger the NULL pointer dereference below.
> > 
> > How did you trigger this bug? Which SCSI LLD drivers were involved, and
> > which scenario or workload triggered this kernel oops?
> > 
> 
> I think iscsi_tcp is my LLD driver. Here a list of my modules with
> 'scsi' name:
> # lsmod|grep scsi
> iscsi_tcp              20480  4
> libiscsi_tcp           24576  1 iscsi_tcp
> libiscsi               57344  3 ib_iser,libiscsi_tcp,iscsi_tcp
> scsi_transport_iscsi   106496  4 ib_iser,libiscsi,iscsi_tcp
> 
> The bug is trigger by a 'iscsiadm -m node -T targetname --logout' but it
> occurs maybe 1-2% of the times.

Hello Anthoine,

As far as I know the same scsi_device_dev_release_usercontext() function
works reliably for other SCSI LLDs. So you may want to report this to the
iSCSI initiator driver maintainers.

Thanks,

Bart.







[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux