On Fri, 2012-04-06 at 17:01 +0000, Bart Van Assche wrote:
> On 04/06/12 16:35, James Bottomley wrote:
>
> > On Fri, 2012-04-06 at 16:15 +0000, Bart Van Assche wrote:
> >> As far as I can see the queuecommand call in scsi_dispatch_cmd() can
> >> race with module removal - that call can be triggered while the host
> >> template is being unloaded. I'm not sure though what the best approach
> >> is to fix that race.
> >
> > Um, it's a bit hard to see how. It's not really possible to trigger
> > queuecommand except in the initial probe without an open device ... and
> > opening the device holds the module.
>
> Sorry, but I forgot to mention that it's not just scsi_dispatch_cmd()
> that invokes queuecommand via the host template. The SCSI error handler
> does that too. As far as I can see there is no protection in the SCSI
> error handler against LLD module removal. But maybe I overlooked something.

Consider where the command came from: either it's come from startup (the
current problem), operation (in which case the device must be open to
send and receive it) or teardown (which is synchronous).

James