Re: [bug] ata subsystem related crash with latest -git
From: Benny Halevy
Date: Thu Oct 18 2007 - 08:59:39 EST
On Oct. 18, 2007, 14:15 +0200, Jens Axboe <jens.axboe@xxxxxxxxxx> wrote:
<snip>
> /**
> * sg_next - return the next scatterlist entry in a list
> @@ -43,10 +51,15 @@ static inline void sg_init_one(struct scatterlist *sg, const void *buf,
> */
> static inline struct scatterlist *sg_next(struct scatterlist *sg)
> {
> - sg++;
> -
> - if (unlikely(sg_is_chain(sg)))
> +#ifdef CONFIG_DEBUG_SG
> + BUG_ON(sg->sg_magic != SG_MAGIC);
> +#endif
> + if (sg_is_last(sg))
> + sg = NULL;
> + else if (sg_is_chain(sg))
> sg = sg_chain_ptr(sg);
> + else
> + sg++;
Hmm, sg_next is not supposed to return a pointer to the chain entry
itself, but rather skip it. I think that the fix needs only
check the "last" flag before incrementing sg.
+#ifdef CONFIG_DEBUG_SG
+ BUG_ON(sg->sg_magic != SG_MAGIC);
+#endif
+ if (sg_is_last(sg))
+ return NULL;
+
sg++
if (unlikely(sg_is_chain(sg)))
sg = sg_chain_ptr(sg);
>
> return sg;
> }
> @@ -83,6 +96,9 @@ static inline struct scatterlist *sg_last(struct scatterlist *sgl,
> ret = sg;
>
> #endif
> +#ifdef CONFIG_DEBUG_SG
> + BUG_ON(sgl[0].sg_magic != SG_MAGIC);
can it also do BUG_ON(!sg_is_last(sg))?
> +#endif
> return ret;
> }
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/