
On 23/11/2021 12:04, chenxiang (M) wrote:
Sorry to say, but I find this hard to read.
sas_task is already released, but sas_free_task() will still be called again.
What are these situations?
For tmf IO, it is failed with stat = SAS_OPEN_REJECT and resp = SAS_TASK_COMPLETE, then it will retry three times. Every time sas_task is allocated at the beginning and freed at the end in the loop.
I am looking at hisi_sas_main.c, and for this case on each retry we free the sas_task at the bottom of the loop and then set the pointer to NULL. And after we break out from 3 failed retries we do call sas_free_task() again but task = NULL and sas_free_task() is NULL safe.
But it will free the sas_task again (outside the loop) at the end of the function.
Are you sure? As explained above, I think that this is safe.

Thanks,
John
But if freed sas_task is allocated by other IO before freeing sas_task at the end of the function, it frees other IO's sas_task actually which will cause memory issue.
thread 1                thread 2
allocate task0
free task0
                        allocate task0 as task0 is freed already by thread 1
free task0
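The interleaving discussed in this thread, as an added example that is not code from the thread or from the hisi_sas driver: a single-threaded simulation of a retry loop followed by a final free, run once with a stale pointer and once with the pointer set to NULL after each in-loop free. The one-slot pool and the names `task_alloc`, `task_free` and `run_retry` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed one-slot pool standing in for the task allocator (hypothetical). */
struct task { int in_use; int owner; };
static struct task slot;

static struct task *task_alloc(int owner)
{
    if (slot.in_use)
        return NULL;
    slot.in_use = 1;
    slot.owner = owner;
    return &slot;
}

/* NULL-safe free, matching the behaviour described for sas_free_task(). */
static void task_free(struct task *t)
{
    if (t)
        t->in_use = 0;
}

/*
 * Thread 1 retries three times, then frees once more after the loop.
 * clear_ptr selects whether the pointer is set to NULL after each in-loop free.
 * Returns 1 if thread 2's task survives thread 1's final free, 0 if it was released.
 */
static int run_retry(int clear_ptr)
{
    struct task *task = NULL, *other;

    slot.in_use = 0;
    for (int retry = 0; retry < 3; retry++) {
        task = task_alloc(1);   /* allocated at the top of the loop */
        task_free(task);        /* request failed: freed at the bottom */
        if (clear_ptr)
            task = NULL;
    }
    other = task_alloc(2);      /* thread 2 reuses the freed slot */
    task_free(task);            /* thread 1's free at the end of the function */
    return other && other->in_use && other->owner == 2;
}

int main(void)
{
    printf("stale pointer:   thread 2 task intact = %d\n", run_retry(0));
    printf("pointer cleared: thread 2 task intact = %d\n", run_retry(1));
    return 0;
}
```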