2.6.18 bug in gdth.c [solved]

From: Jerome Borsboom
Date: Fri Oct 13 2006 - 08:03:32 EST


Recent changes in the gdth.c driver introduced an 'unable to handle
kernel paging request' bug. The offending change seems to be
following change in 'gdth_fill_raw_cmd':

@@ -3022,7 +3148,7 @@ #ifdef GDTH_STATISTICS
             }
#endif
-        } else {
+        } else if (scp->request_bufflen) {
             scp->SCp.Status = GDTH_MAP_SINGLE;
             scp->SCp.Message = PCI_DMA_BIDIRECTIONAL;
             page = virt_to_page(scp->request_buffer);

Reverting this line, make the driver stable again. My hypothesis is
that when scp->request_bufflen is 0, then cmdp->u.raw.sg_ranz will
not be assigned which makes the subsequent ha->cmd_len calculation
misbehave. When you compare gdth_fill_raw_cmd with
gdth_fill_cache_cmd, then in the latter function cmdp-
>u.cache.sg_canz IS assigned before the conditional 'if (scp-
>use_sg)...'


Jerome Borsboom
-----------------------------
Dr.ir. Jerome Borsboom, Ph.D.
Biomedical Engineering
Erasmus MC
Room Ee2302
Dr. Molewaterplein 50
3015 GE Rotterdam
the Netherlands
Tel: +31 10 408 7474
Fax: + 31 10 408 9445


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/