under heavy I/O load for my scsi-emulated cdrom 2.4.20aa1 crashes at
drivers/scsi/scsi_dma:155 with
panic("scsi_free:Trying to free unused memory")
panic(..) somehow refuses to print the call trace because "IEEE in interrupt
handler - no sync".
The only scsi module I'm using is ide-scsi. As I browsed the aa patch I
recognized that a few &io_request_lock have been exchanged for
"q->queue_lock". But ide-scsi is still locking on io_request_lock. This is
probably the source of the race condition. However I'm not sure because I
think q->queue_lock is being initialized to &io_request_lock, so it should
still be the same lock.
See drivers/scsi/ide-scsi:295 or
drivers/scsi/ide-scsi:850 (Why isn't there a lock in that case?)
(done) referrs to sr.c:rw_intr which calls scsi_io_completion which calls
the panic(..)-ing scsi_free)
Any guesses?
Regards, Clemens
Please CC answers, /me not on list.