Vasu Dev wrote: > Removed storing of aborted_ep in rrq_ep since fc_exch_reset() can > occur on rrq_ep before aborted_ep is stored, in that case rrq_ep > will be a dangling reference and won't be good to store aborted_ep. > Therefore storing aborted_ep had racing issue and also this race would > have left aborted_ep un-freed if rrq_ep is freed before aborted_ep > could be stored in rrq_ep. > > This patch removed storing of aborted_ep to fix this race and > instead used aborted_ep from passed ep argument to rrq resp handler, > so that rrq resp handler will certainly free the aborted_ep before > rrq ep is freed. > > Also modified fc_exch_rrq() to finish sending rrq with exch lock > held to prevent fc_exch_reset() running while rrq send is in progess. > This will eliminate possibility of race with fc_exch_reset() and it > does saves extra exch locking and unlocking statements in > fc_exch_rrq() error cases. >
I swear there was a good reason for adding the aborted_ep field :) Maybe it was from when I was thinking about using del_timer_sync (this was before you were going to fix the locking). Oh well. The description and patch look good to me. Thanks. _______________________________________________ devel mailing list [email protected] http://www.open-fcoe.org/mailman/listinfo/devel
