Date: Fri, 21 Jan 2022 17:33:17 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 261387] Should cam be calling callout drain for struct cam_sim and struct cam_ed? Message-ID: <bug-261387-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261387 Bug ID: 261387 Summary: Should cam be calling callout drain for struct cam_sim and struct cam_ed? Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: Herbie.Robinson@stratus.com The documentation for callout says that callout_drain must be called before destroying any storage containing a callout structure. I noticed the CAM doesn't do that for struct cam_sim and struct cam_id. I pose this bug report as a question, because it does seem a little scary to fix it and it's certainly beyond my level of experience with the FreeBSD kernel. The simple patches to fix this would be --- cam_sim.c +++ cam_sim.c @@ -165,6 +165,7 @@ if (free_devq) cam_simq_free(sim->devq); + callout_drain(&sim->callout); free(sim, M_CAMSIM); } --- cam_xpt.c +++ cam_xpt.c @@ -4831,6 +4831,7 @@ { struct cam_ed *device =3D context; + callout_drain(&device->callout); mtx_lock(&device->device_mtx); mtx_destroy(&device->device_mtx); free(device, M_CAMDEV); This is relative to the main branch https://cgit.freebsd.org/src/commit/?id=3Db252fb24301c1f7e7d83eab631e7d9fa9= 47e227d. The routines patched are cam_sim_free and xpt_destroy_device. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-261387-227>