On 07/10/2011 01:59 AM, FUJITA Tomonori wrote: > On Mon, 4 Jul 2011 23:36:39 +0800 > Kiefer Chang <zapchang@xxxxxxxxx> wrote: > >> Dear Tomonori, >> >> We got segfault error on heavy I/O. Hope you can give some suggestion. >> Seems *task* is freed and referenced again. > > This is related with tmf (aborting task, etc)? Your next report is. Hello Tomo-san, We are also seeing this issue reported, yes based on aborting tasks: https://bugzilla.redhat.com/show_bug.cgi?id=719687 >From looking at the code, it looks like target_cmd_io_done() may be called twice for the same command, which leads to iscsi_scsi_cmd_done being called twice, and double-freeing the iscsi_task? 1st: abort_task_set -> abort_cmd -> target_cmd_io_done 2nd: abort_task_set -> abort_cmd -> cmd->dev->cmd_done() [__cmd_done] -> post_cmd_done -> target_cmd_io_done Thanks -- Regards -- Andy -- To unsubscribe from this list: send the line "unsubscribe stgt" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
