At 01:56 09/01/17, Anirban Chakraborty wrote: >On Jan 15, 2009, at 7:13 PM, Hisashi Hifumi wrote: > >>Hi. >> >>I got double free bug at qla2x00_probe_one's error path and >>kernel was panicked. >>qla2x00_probe_one's probe_failed path is as follows: >> >>qla2x00_free_que(ha, req, rsp); >>qla2x00_free_device(base_vha); >> >>qla2x00_free_device calls qla2x00_free_que through qla2x00_free_queues. >>qla2x00_free_device frees the same pointer of req and rsp that is already >>freed by qla2x00_free_que. >> >>Following patch fixes this problem. >>Thanks. >This has been fixed as a part of the ISP restart bug fix. <http://git.kernel.org/?p=linux/kernel/git/jejb/scsi-rc-fixes-2.6.git;a=commit;h=29bdccbee69c199910b2b39377e66ee5c33f241c>http://git.kernel.org/?p=linux/kernel/git/jejb/scsi-rc-fixes-2.6.git;a=commit;h=29bdccbee69c199910b2b39377e66ee5c33f241c >Thanks, >Anirban Your patch is as follows: probe_failed: - qla2x00_free_que(ha, req, rsp); qla2x00_free_device(base_vha); I think just removing qla2x00_free_que here is wrong, because when qla2x00_request_irqs or qla2x00_alloc_queues fails, no one frees rsp and req. -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
