logic bug in dma_wait()

Samuel Rydh samuel at ibrium.se
Tue Jun 21 10:04:46 MDT 2005


On Tue, Jun 21, 2005 at 04:02:56PM +0200, Olaf Hering wrote:
> 
> Samuel,
> 
> maybe someone dragged you away from the keyboard while you hacked on
> src/drivers/dbdma.c:dma_wait()
> How is ret.ret supposed to be initialized? Perhaps like that?
>
> Index: mol-0.9.70/src/drivers/dbdma.c
> ===================================================================
> --- mol-0.9.70.orig/src/drivers/dbdma.c
> +++ mol-0.9.70/src/drivers/dbdma.c
> @@ -1035,6 +1035,7 @@ dma_wait( int irq, int flags, struct tim
>  
>  	if( cond ){
>  		ret.next = *ret_chain;
> +		ret.ret = ret.next->ret;
>  		*ret_chain = ret.next;
>  
>  		if( abstimeout == NULL ){
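
Review bot: the added `ret.ret = ret.next->ret;` dereferences `ret.next` immediately after it is loaded from `*ret_chain`, with no check that the chain is non-empty, so an empty chain turns the uninitialized read into a NULL dereference. It also copies whatever the previous head holds at enqueue time, which is not a result for this waiter. Since the line after it still stores `ret.next` back into `*ret_chain`, this entry is never linked and no other thread can reach `ret.ret` to fill it in. I would drop the added line, give `ret.ret` a defined initial value before the `if( cond )` block, and fix the linking instead.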

Ah... I see you have looked around in the more dusty parts of MOL.
The dbdma controller isn't really used except in esoteric oldworld
configurations (swim3 floppy comes to mind). In the newworld setting,
it is only used to keep the ROM happy; no DMA channels are attached.

Nevertheless, this is clearly a bug. The return value is supposed to
be set by the thread that wakes the sleeping DMA thread:

Index: mol-0.9.70/src/drivers/dbdma.c
===================================================================
--- mol-0.9.70.orig/src/drivers/dbdma.c
+++ mol-0.9.70/src/drivers/dbdma.c
@@ -1035,6 +1035,7 @@ dma_wait( int irq, int flags, struct tim
 
 	if( cond ){
 		ret.next = *ret_chain;
- 		*ret_chain = ret.next;
+ 		*ret_chain = &ret;

  		if( abstimeout == NULL ){
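
Review bot: `*ret_chain = &ret;` publishes the address of `ret` on the shared chain, but nothing in this hunk gives `ret.ret` a defined value before the entry becomes visible, and the entry has to be unlinked on every exit path, timeout included, before `dma_wait()` returns. If `ret` is a local of `dma_wait()`, a missed unlink leaves a dangling pointer on the chain that the waking thread will later write through. Please initialize `ret.ret` before linking and fix the unchaining code in the same patch. Separately, the header still reads `-1035,6 +1035,7` although the hunk removes one line and adds one, and the `-`/`+` lines carry a leading space the context lines do not, so this is unlikely to apply as posted.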

The unchaining code a few lines down also appears to be buggy.

/Samuel