replicator.c - bug in izo_rep_cache_clean()?

From: Domen Puncer
Date: Mon Sep 29 2003 - 12:43:30 EST

Next message: Jean-Guillaume: "Simple Procfs question: Triggering an "action" when opening a directoryinstead of a file (with seqfile.h)???"
Previous message: davej: "[PATCH] VIA Typo in i2c."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

Another repost after more than a month, since this bug is still in kernel tree.
Now CC-ing lkml, folks at intermezzo ml don't care?

I've been doing some janitor work and came across this:

On Saturday 12 of July 2003 18:07, Matthew Wilcox wrote:
> On Sat, Jul 12, 2003 at 05:22:55PM +0200, Domen Puncer wrote:
> > ---
> > fs/intermezzo/replicator.c:83: //izo_rep_cache_clean()
> > tmp = bucket = &fset->fset_clients[i];
> >
> > tmp = tmp->next;
> > while (tmp != bucket) {
> > struct izo_offset_rec *offrec;
> > tmp = tmp->next;
> > list_del(tmp);
> > offrec = list_entry(tmp, struct izo_offset_rec,
> > or_list);
> > PRESTO_FREE(offrec, sizeof(struct
> > izo_offset_rec)); }
> >
> > This code just doesn't look right.
> > We delete tmp (tmp->next = LIST_POISON1)... next time we'll
> > list_del(LIST_POISON1)!!
> > We also do not delete first entry in the list
> > &fset->fset_clients[i]->next.
>
> Yup, looks like a bug. I bet they meant to list_del(&tmp->prev).

I guess it could be written like this:
list_for_each_save(tmp, next, bucket) {
struct izo_offset_rec *offrec;
list_del(tmp);
...

Domen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean-Guillaume: "Simple Procfs question: Triggering an "action" when opening a directoryinstead of a file (with seqfile.h)???"
Previous message: davej: "[PATCH] VIA Typo in i2c."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]