Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750846AbeAOUhg (ORCPT + 1 other); Mon, 15 Jan 2018 15:37:36 -0500 Received: from nibbler.cm4all.net ([82.165.145.151]:60565 "EHLO nibbler.cm4all.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750777AbeAOUhe (ORCPT ); Mon, 15 Jan 2018 15:37:34 -0500 Date: Mon, 15 Jan 2018 21:37:27 +0100 From: Max Kellermann To: "Madhani, Himanshu" Cc: Max Kellermann , Greg KH , linux-scsi , Dept-Eng QLA2xxx Upstream , "max.kellermann@gmail.com" , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH] drivers/scsi/qla2xxx: fix double free bug after firmware timeout Message-ID: <20180115203726.b7igf7rajczllcv7@rabbit.intern.cm-ag> References: <151603716189.28707.13105191089826357709.stgit@rabbit.intern.cm-ag> <13B82B86-8810-4722-97F9-EC5B862ECC76@cavium.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <13B82B86-8810-4722-97F9-EC5B862ECC76@cavium.com> User-Agent: NeoMutt/20170113 (1.7.2) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On 2018/01/15 20:58, "Madhani, Himanshu" wrote: > We have patch to prevent this double free in 4.16/scsi-queue > already. No, let me repeat: this is a different bug! Your bug is about the free call after waiting for completion synchronously in qla24xx_els_dcmd_iocb(), after it was already freed by qla2x00_sp_timeout(). My bug is about free in qla2x00_*_sp_done() and again in qla2x00_sp_timeout(). My patch description describes exactly that. And you know what? My patch fixes both bugs. It is superior to the one that was merged 4 weeks later, isn't it? You NACKed my patch 5 weeks ago, and I explained to you that you were talking about a different bug, but you never replied to that. Max