On Thu, 2019-01-24 at 01:13 -0500, Douglas Gilbert wrote:
> > I can replicate this crash easily. I also noticed that this crash only
> > occurs if the scsi_debug driver is loaded with fake_rw=0. It does not
> > occur with fake_rw=1.
> > It seems like the following code in resp_write_same() assumes that
> > fake_storep != NULL?
> >
> > /* if ndob then zero 1 logical block, else fetch 1 logical block */
> > if (ndob) {
> >         memset(fake_storep + lba_off, 0, sdebug_sector_size);
> >         ret = 0;
> > } else
> >         ret = fetch_to_dev_buffer(scp, fake_storep + lba_off,
> >                                   sdebug_sector_size);
>
> It is table driven. It shouldn't call that function if FF_MEDIA_IO is part of
> that command's flag and fake_storep is NULL. Both WS10 and WS16 have that
> flag.
>
> But there is a problem if virtual_gb > 0.
>
> Could you try the attached patch, it should wrap cleanly in the virtual_gb > 0
> case.

Hi Doug,

With this patch applied the libiscsi tests no longer cause the scsi_debug to
trigger a kernel oops. Thanks!

Bart.