This was noticed by Doug Bazamic and the fix found by Mark Salyzyn at
Adaptec.
There was an error in the BUG_ON() statement that validated the
calculated fib size which can cause the driver to panic.
Signed-off-by: Mark Haverkamp <[email protected]>
--- a/drivers/scsi/aacraid/aachba.c 2005-08-28 19:41:01.000000000 -0400
+++ b/drivers/scsi/aacraid/aachba.c 2005-09-01 08:05:29.118304656 -0400
@@ -968,7 +968,7 @@
fibsize = sizeof(struct aac_read64) +
((le32_to_cpu(readcmd->sg.count) - 1) *
sizeof (struct sgentry64));
- BUG_ON (fibsize > (sizeof(struct hw_fib) -
+ BUG_ON (fibsize > (dev->max_fib_size -
sizeof(struct aac_fibhdr)));
/*
* Now send the Fib to the adapter
--
Mark Haverkamp <[email protected]>