From: James Bottomley <James.Bottomley@SteelEye.com>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: "Dailey, Nate" <Nate.Dailey@stratus.com>,
SCSI development list <linux-scsi@vger.kernel.org>
Subject: Re: [PATCH] SCSI core: fix leakage of scsi_cmnd's
Date: Thu, 08 Sep 2005 12:13:01 -0500 [thread overview]
Message-ID: <1126199581.4845.49.camel@mulgrave> (raw)
In-Reply-To: <Pine.LNX.4.44L0.0509081210160.4607-100000@iolanthe.rowland.org>
On Thu, 2005-09-08 at 12:44 -0400, Alan Stern wrote:
> You _are_ missing something: scsi_requeue_command turns off the
> REQ_DONTPREP flag before calling blk_requeue_request. So requeued
> requests do indeed get re-prepped. This is needed for allocating
> scatter-gather lists and so on; the original ones get deallocated the
> first time the command finishes, so new ones are needed when the command
> is requeued.
Sigh, I might have guessed we'd have a leak somewhere ...
Is not a better way to fix this actually to have the
scsi_requeue_command put the command and reset req->special to NULL?
That way the command gets reprepared as well and the prep fn assumptions
should be fully valid. This would also correct what looks like a bug in
the command transformation routines (The ones that convert ten byte
commands to six byte ones if we get an illegal request response) ...
they look to be assuming that scsi_requeue_command() will actually
reissue the correct command instead of simply reusing the existing one.
> > The second problem is a bug (also spotted by Nate). However, what I
> > think we should be doing in this case is calling __scsi_done with
> > DID_NO_CONNECT which should clean up correctly and also send the error
> > indications back up the stack to the correct sources (that's what we do
> > in scsi_dispatch_cmd() for this problem).
>
> Is there some reason for not doing this same sort of thing from within
> scsi_prep_fn when rejecting a request? Obviously most of the cleanup
> won't be needed, but you still want to send the error indications back to
> the correct sources. It seems that prep_fn and request_fn should be
> consistent in the way they handle problems.
No real reason except that in the prep_fn() you often don't have a
command to call __scsi_done() on. Both methods are fully valid and
(with the all commands go via bios merger) supply the indications at all
the correct stack levels.
James
next prev parent reply other threads:[~2005-09-08 17:13 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-08 14:56 [PATCH] SCSI core: fix leakage of scsi_cmnd's Alan Stern
2005-09-08 15:56 ` James Bottomley
2005-09-08 16:44 ` Alan Stern
2005-09-08 17:13 ` James Bottomley [this message]
2005-09-08 20:49 ` Alan Stern
2005-09-09 18:40 ` James Bottomley
2005-09-13 17:00 ` Alan Stern
2005-09-13 21:34 ` James Bottomley
2005-09-14 13:59 ` Alan Stern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1126199581.4845.49.camel@mulgrave \
--to=james.bottomley@steeleye.com \
--cc=Nate.Dailey@stratus.com \
--cc=linux-scsi@vger.kernel.org \
--cc=stern@rowland.harvard.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox