> One change I can try is to put the diagnostic printf higher in the > scsipi_request function As the problem is so simple to reproduce, I'd put it just below xs = arg.
Or set a breakpoint on scsipi_get_opcodeinfo(), then, when hitting it, one on mpii_scsipi_request() (provided you find it's address) and then step through it. Maybe dump the whole xs to see whether other fields are corrupted, too. But I'd bet the problem is the ccb_done routine being called prematurely. You could introduce a mpii_nothing_done() routine that prints something when called, replace ccb->ccb_done = mpii_scsi_cmd_done with = mpii_nothing_done and move the real assignement just before the mpii_start() call. Or so I think.
