On Sat, Nov 04, 2006 at 11:48:42AM -0800, Luben Tuikov wrote: > The sg driver corrupts memory when the data buffer > size is 5493376 (0x53d280) bytes. The reason for this > is the computation of the left over size given the > size of scatter-gather array and the size of the > scatter-gather element. This patch fixes this. > > Other fixes: > 1. Eliminate scatter_elem_sz_prev, and use memory > barriers to get its current value. Reset it to PAGE_SIZE > if the user has set it to something smaller. I just stumbled over the scatter_elem_sz / scatter_elem_sz_prev usage aswell when reasearching something unrelated in sg. It seems very wrong to me to have unprotectred globals for buffer size estimations. If these estimates make sense we should do them per open file descriptor to avoid the races and to make sure they still work properly in cases where multiple I/Os are going on through sg. Anyway, your patch looks very good and is an improvement in that area. - To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
