Hi, I found I can reliably crash a 3.0 system by pulling the USB cable of a mounted USB cdrom (or rather a USB device which has a builtin fake CD-ROM) I suspect it's a regression too. It ends with a NULL pointer reference on a NULL sdev in scsi_prep_state_check. Here's a somewhat incomplete backtrace (written down by hand) scsi_prep_state_check scsi_setup_blk_pc_cmnd blk_peek_request ... scsi_request_fn ... ioctl_internal_command ... scsi_set_medium_removal sr_lock_door cdrom_release ... umount I tried adding a if (!sdev) return BLKPREP_KILL; to scsi_prep_state_check, but that caused a RCU CPU stall and a generally unhappy system instead. The sdev must be still there in scsi_set_medium_removal because it's referenced, so it must get lost somewhere in SCSI or in the block layer. Any ideas how to fix this? -Andi -- ak@xxxxxxxxxxxxxxx -- Speaking for myself only -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
