The possible problem is encountered in ehci-q.c and ehci-sched.c
in 2.4.19-pre9 and in one occurence in ehci-q.c of 2.5.47.
the offending pattern is the same in both files:
if (!list_empty (qtd_list)) {
-----------------------8<----------------------------------------------
list_splice (qtd_list, &qh->qtd_list);
qh_update (qh, list_entry (qtd_list->next, struct ehci_qtd, qtd\_list));
-----------------------8<----------------------------------------------
} else {
qh->hw_qtd_next = qh->hw_alt_next = EHCI_LIST_END;
}
since list_splice() the qtd_list is diposed of its belongings and
immediately in the next line we rely on qtd_list->next to point
at an existing list_head.
i haven`t noticed any locking out there, and i`m afraid of what
could result from a preemption happening between these two lines.
regards, Samium Gromoff
_______________________________
____________________________________
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Nov 23 2002 - 22:00:22 EST