Re: [PATCH scsi-misc-2.6 01/04] scsi: make scsi_send_eh_cmnd useits own timer instead of scmd->eh_timeout

From: James Bottomley
Date: Wed Apr 27 2005 - 00:36:13 EST

On Wed, 2005-04-27 at 11:22 +0900, Tejun Heo wrote:
> * A command is passed to lldd and starts execution
> * It times out.
> * eh runs
> * abort isn't implemented or fails
> * eh issues eh cmd (TUL, STU...)
> * The command miraculously & stupidly completes just now.

This should be impossible. The error handler API requirement is that
the driver relinquish a command once it returns success from any error
handling callback ... and if it never returns success, we simply offline
the device and never use it again. This is the principle behind the
command reuse: we only try an additional command *after* error handling
succeeds, so the error handler now owns the command absolutely.

> * The lldd succeeds to delete timer and normal completion path runs.
> * We're fucked up now.


