ClabureDB: Classified Bug-Reports Database

Project: Linux Kernel

Showing error 1838

User:	Jiri Slaby
Error type:	Invalid Pointer Dereference
Error type description:	A pointer which is invalid is being dereferenced
File location:	drivers/scsi/aic7xxx/aic79xx_core.c
Line in file:	3259
Project:	Linux Kernel
Project version:	2.6.28
Tools:	Smatch (1.59)
Entered:	2013-09-11 08:47:26 UTC

Source:

 3229                        && ahd_sent_msg(ahd, AHDMSG_1B,
 3230                                         MSG_INITIATOR_DET_ERR, TRUE)) {
 3231
 3232#ifdef AHD_DEBUG
 3233                        if ((ahd_debug & AHD_SHOW_MESSAGES) != 0)
 3234                                printf("Expected IDE Busfree\n");
 3235#endif
 3236                        printerror = 0;
 3237                } else if ((ahd->msg_flags & MSG_FLAG_EXPECT_QASREJ_BUSFREE)
 3238                        && ahd_sent_msg(ahd, AHDMSG_1B,
 3239                                        MSG_MESSAGE_REJECT, TRUE)) {
 3240
 3241#ifdef AHD_DEBUG
 3242                        if ((ahd_debug & AHD_SHOW_MESSAGES) != 0)
 3243                                printf("Expected QAS Reject Busfree\n");
 3244#endif
 3245                        printerror = 0;
 3246                }
 3247        }
 3248
 3249        /*
 3250         * The busfree required flag is honored at the end of
 3251         * the message phases.  We check it last in case we
 3252         * had to send some other message that caused a busfree.
 3253         */
 3254        if (printerror != 0
 3255         && (lastphase == P_MESGIN || lastphase == P_MESGOUT)
 3256         && ((ahd->msg_flags & MSG_FLAG_EXPECT_PPR_BUSFREE) != 0)) {
 3257
 3258                ahd_freeze_devq(ahd, scb);
 3259                ahd_set_transaction_status(scb, CAM_REQUEUE_REQ);
 3260                ahd_freeze_scb(scb);
 3261                if ((ahd->msg_flags & MSG_FLAG_IU_REQ_CHANGED) != 0) {
 3262                        ahd_abort_scbs(ahd, SCB_GET_TARGET(ahd, scb),
 3263                                       SCB_GET_CHANNEL(ahd, scb),
 3264                                       SCB_GET_LUN(scb), SCB_LIST_NULL,
 3265                                       ROLE_INITIATOR, CAM_REQ_ABORTED);
 3266                } else {
 3267#ifdef AHD_DEBUG
 3268                        if ((ahd_debug & AHD_SHOW_MESSAGES) != 0)
 3269                                printf("PPR Negotiation Busfree.\n");

Show full sources