3ee1bc2e50
abuses its argument, which is supposed to be an integer unit number, as a pointer to the head of the 'struct slot' list. When this code was hacked^Wupdated for newbus, a new mechanism for registering slot_irq_handler() was put in place and the significance of the unit number was overlooked.

When registering an interrupt, we have both device_id and unit. The unit number is passed as 'unit' but /sys/i386/usa/intr_machdep.c:register_intr() drops unit on the floor and uses device_id instead. Since pccard_alloc_intr() always sets device_id to 0, this means the unit number is always zero, and slot_irq_handler() is always called with 0, which becomes a NULL pointer which slot_irq_handler() tries to dereference and the kernel explodes.

Result: if you assign a PCMCIA driver in the kernel config file like this:

    device wi0 at isa? port? irq?

Then the system will panic the moment a PCMCIA device is attached and an interrupt is triggered.

The quick fix: make pccard_alloc_intr() pass the unit number as both the device_id and unit arguments to register_pcic_intr().

The correct fix would be to rewrite /sys/pccard to be less disgusting.
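The failure described in the commit message above, as an added user-space model that is not part of the commit or the FreeBSD source. The struct layout, the function signatures, the `alloc_intr_before`/`alloc_intr_after` and `fire_irq` names, and the use of `intptr_t` are assumptions made for illustration; the model returns -1 where the kernel would panic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model; every signature here is hypothetical, not the kernel's. */
struct slot { int slotnum; struct slot *next; };
typedef int (*handler_t)(intptr_t arg);

static handler_t g_handler;   /* handler recorded at registration time */
static intptr_t  g_arg;       /* value the dispatcher hands to the handler */

/* Models slot_irq_handler(): treats its "unit" argument as the list head.
 * The handler described above dereferences unconditionally; the model
 * returns -1 at the point where that would be a NULL dereference. */
static int slot_irq_handler(intptr_t arg)
{
    struct slot *slt = (struct slot *)arg;
    int seen = 0;
    if (slt == NULL)
        return -1;
    for (; slt != NULL; slt = slt->next)
        seen++;
    return seen;              /* number of slots walked */
}

/* Models register_intr(): keeps device_id and drops unit on the floor. */
static void register_intr(handler_t h, intptr_t device_id, intptr_t unit)
{
    (void)unit;
    g_handler = h;
    g_arg = device_id;
}

/* Before the fix: device_id is always 0, so the handler later receives 0. */
static void alloc_intr_before(struct slot *head)
{ register_intr(slot_irq_handler, 0, (intptr_t)head); }

/* Quick fix: pass the same value as both device_id and unit. */
static void alloc_intr_after(struct slot *head)
{ register_intr(slot_irq_handler, (intptr_t)head, (intptr_t)head); }

/* Models an interrupt firing after a card is attached. */
static int fire_irq(void) { return g_handler(g_arg); }

int main(void)
{
    struct slot b = {1, NULL}, a = {0, &b};   /* constructed sample list */
    alloc_intr_before(&a); printf("before: %d\n", fire_irq());
    alloc_intr_after(&a);  printf("after:  %d\n", fire_irq());
    return 0;
}
```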