On Wed, 13 Dec 2006, dcarpenter wrote:

> Could someone look over this patch as well?  It should hopefully
> fix the list corruption bug on:
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214402
> 
> Add a missing INIT_LIST_HEAD()
> 
> Signed-off-by: Dan Carpenter <[EMAIL PROTECTED]>
> 
> diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
> index fed92be..5efbf81 100644
> --- a/drivers/usb/core/devio.c
> +++ b/drivers/usb/core/devio.c
> @@ -570,6 +570,7 @@ static int usbdev_open(struct inode *ino
>       ps->dev = dev;
>       ps->file = file;
>       spin_lock_init(&ps->lock);
> +     INIT_LIST_HEAD(&ps->list);
>       INIT_LIST_HEAD(&ps->async_pending);
>       INIT_LIST_HEAD(&ps->async_completed);
>       init_waitqueue_head(&ps->wait);

The patch is correct and it should fix the bug report.

However the problem mentioned in the bug report isn't actually a bug.  If 
you look a little farther down in the source code, you'll see that 
ps->list immediately gets overwritten by a list_add_tail() call.

I don't see any real advantage to writing data that will immediately be 
overwritten, simply in order to avoid a false positive from an overzealous 
list-corruption detector.  Has there been some high-level decision that 
all list_head structures must now be initialized prior to use?

Alan Stern


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
linux-usb-devel@lists.sourceforge.net
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel

Reply via email to