Re: [PATCH RFC 1/9] [SCSI] Detect overflow of sense data buffer

On 01/22/2013 04:08 PM, Ewan Milne wrote: On Fri, 2013-01-18 at 16:46 +, James Bottomley wrote: On Fri, 2013-01-18 at 11:27 -0500, Ewan D. Milne wrote: --- a/drivers/scsi/scsi_error.c +++ b/drivers/scsi/scsi_error.c @@ -241,6 +241,9 @@ static int scsi_check_sense(struct scsi_cmnd *scmd)

Re: [PATCH RFC 1/9] [SCSI] Detect overflow of sense data buffer

On Tue, 2013-01-22 at 10:08 -0500, Ewan Milne wrote: > On Fri, 2013-01-18 at 16:46 +, James Bottomley wrote: > > On Fri, 2013-01-18 at 11:27 -0500, Ewan D. Milne wrote: > > > --- a/drivers/scsi/scsi_error.c > > > +++ b/drivers/scsi/scsi_error.c > > > @@ -241,6 +241,9 @@ static int scsi_check_se

linux-3.7.4: BUG: unable to handle kernel NULL pointer dereference at target_fabric_port_link

Hi, after upgrade from 3.7.3 to 3.7.4, I got NULL pointer dereference at target_fabric_port_link(). Jan 22 23:58:52 kernel: [ 89.333115] BUG: unable to handle kernel NULL pointer dereference at (null) Jan 22 23:58:52 kernel: [ 89.333251] IP: [] target_fabric_port_link+0x18/0x100

[RESEND PATCH] libiscsi: avoid unnecessary multiple NULL assignments

In iscsi_free_task, NULL is assigned to task->sc twice: before and after kfifo_in invocatoin. Allocating and freeing iscsi_task are guarded with session->lock, so multiple NULL assignments cause no trouble. But people reading the source code may be confused. The second NULL assignment comes from c

Re: [PATCH RFC 4/9] [SCSI] Rename scsi_evt_xxx to sdev_evt_xxx and scsi_event to sdev_event

On Tue, 2013-01-22 at 10:38 -0700, Bart Van Assche wrote: > On Fri, Jan 18, 2013 at 9:27 AM, Ewan D. Milne wrote: > > @@ -2206,7 +2206,7 @@ static void scsi_evt_emit(struct scsi_device *sdev, > > struct scsi_event *evt) > > * Dispatch queued events to their associated scsi_device kobjects >

Re: [PATCH RFC 4/9] [SCSI] Rename scsi_evt_xxx to sdev_evt_xxx and scsi_event to sdev_event

On Tue, 2013-01-22 at 10:33 -0700, Bart Van Assche wrote: > On Fri, Jan 18, 2013 at 9:27 AM, Ewan D. Milne wrote: > > > > @@ -2206,7 +2206,7 @@ static void scsi_evt_emit(struct scsi_device *sdev, > > struct scsi_event *evt) > > * Dispatch queued events to their associated scsi_device kobjec

Re: [PATCH RFC 1/9] [SCSI] Detect overflow of sense data buffer

On Wed, 2013-01-23 at 13:06 +, James Bottomley wrote: > On Tue, 2013-01-22 at 10:08 -0500, Ewan Milne wrote: > > On Fri, 2013-01-18 at 16:46 +, James Bottomley wrote: > > > On Fri, 2013-01-18 at 11:27 -0500, Ewan D. Milne wrote: > > > > --- a/drivers/scsi/scsi_error.c > > > > +++ b/drivers/

[PATCH] mpt2sas: prevent double free on error path

I noticed this one when list_del was called with poisoned list pointers, but the real problem is a double-free (and a use-after-free just before that). Both _scsih_probe_boot_devices() and _scsih_sas_device_add() put the sas_device onto a list, thereby giving up control. Next they call mpt2sas_tr

Re: [PATCH RFC 0/9] [SCSI] Enhanced sense and Unit Attention handling

On Fri, Jan 18, 2013 at 9:27 AM, Ewan D. Milne wrote: > This patch set adds changes to the SCSI mid-layer, sysfs and scsi_debug > to provide enhanced support for Unit Attention conditions, as well as > detection of reported sense data overflow conditions and some changes > to sense data processing

Re: [PATCH] mpt2sas: prevent double free on error path

Jörn Engel writes: > diff --git a/drivers/scsi/mpt2sas/mpt2sas_scsih.c > b/drivers/scsi/mpt2sas/mpt2sas_scsih.c > index c6bdc92..43b3a98 100644 > --- a/drivers/scsi/mpt2sas/mpt2sas_scsih.c > +++ b/drivers/scsi/mpt2sas/mpt2sas_scsih.c > @@ -570,6 +570,18 @@ _scsih_sas_device_find_by_handle(struct