Home Home > GIT Browse
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJes Sorensen <jes@trained-monkey.org>2003-12-16 16:26:43 -0800
committerLinus Torvalds <torvalds@home.osdl.org>2003-12-16 16:26:43 -0800
commit0e70f996f011c870970eee3f584a2f9b8295cf34 (patch)
treec8e6b4fe2a07e10906771f09678753a22a7ae9a5
parentf75da5af1c0b41783c8bb078d0ce7a03cc9be826 (diff)
[PATCH] qla1280 crash fix in error handling
This fixes a bug in the qla1280 driver where it would leave a pointer to an on the stack completion event in a command structure if qla1280_mailbox_command fails. The result is that the interrupt handler later tries to complete() garbage on the stack. The mailbox command can fail if a device on the bus decides to lock up etc.
-rw-r--r--drivers/scsi/qla1280.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/drivers/scsi/qla1280.c b/drivers/scsi/qla1280.c
index a995b9599e23..db6fea56aae8 100644
--- a/drivers/scsi/qla1280.c
+++ b/drivers/scsi/qla1280.c
@@ -16,9 +16,13 @@
* General Public License for more details.
*
******************************************************************************/
-#define QLA1280_VERSION "3.23.37"
+#define QLA1280_VERSION "3.23.37.1"
/*****************************************************************************
Revision History:
+ Rev 3.23.37.1 December 17, 2003, Jes Sorensen
+ - Delete completion queue from srb if mailbox command failed to
+ to avoid qla1280_done completeting qla1280_error_action's
+ obsolete context
Rev 3.23.37 October 1, 2003, Jes Sorensen
- Make MMIO depend on CONFIG_X86_VISWS instead of yet another
random CONFIG option
@@ -1464,8 +1468,15 @@ qla1280_error_action(Scsi_Cmnd * cmd, enum action action)
/* If we didn't manage to issue the action, or we have no
* command to wait for, exit here */
if (result == FAILED || handle == NULL ||
- handle == (unsigned char *)INVALID_HANDLE)
+ handle == (unsigned char *)INVALID_HANDLE) {
+ /*
+ * Clear completion queue to avoid qla1280_done() trying
+ * to complete the command at a later stage after we
+ * have exited the current context
+ */
+ sp->wait = NULL;
goto leave;
+ }
/* set up a timer just in case we're really jammed */
init_timer(&timer);