From: Marcelo Tosatti <marcelo.tosatti@cyclades.com>
To: Adrian Bunk <bunk@stusta.de>
Cc: Linus Torvalds <torvalds@osdl.org>, Andrew Morton <akpm@osdl.org>,
markus.lidel@shadowconnect.com, James.Bottomley@SteelEye.com,
linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org,
Mark Salyzyn <mark_salyzyn@adaptec.com>
Subject: Re: [patch] drivers/scsi/dpt_i2o.c: fix a NULL pointer dereference
Date: Sun, 27 Nov 2005 10:47:38 -0200 [thread overview]
Message-ID: <20051127124738.GC13581@logos.cnet> (raw)
In-Reply-To: <20051126233637.GC3988@stusta.de>
On Sun, Nov 27, 2005 at 12:36:37AM +0100, Adrian Bunk wrote:
> The Coverity checker spotted this obvious NULL pointer dereference.
Hi Adrian,
Could you explain why you remove the adpt_post_wait_lock acquision?
And if it does not belong there, why don't you remove it instead of
commeting out?
> Signed-off-by: Adrian Bunk <bunk@stusta.de>
> Acked-by: Mark Salyzyn <mark_salyzyn@adaptec.com>
>
> ---
>
> This patch was already sent on:
> - 23 Nov 2005
> - 21 Nov 2005
>
> drivers/scsi/dpt_i2o.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> --- linux-2.6.15-rc1-mm2-full/drivers/scsi/dpt_i2o.c.old 2005-11-20 22:13:37.000000000 +0100
> +++ linux-2.6.15-rc1-mm2-full/drivers/scsi/dpt_i2o.c 2005-11-20 22:16:57.000000000 +0100
> @@ -816,7 +816,7 @@
> static void adpt_i2o_sys_shutdown(void)
> {
> adpt_hba *pHba, *pNext;
> - struct adpt_i2o_post_wait_data *p1, *p2;
> + struct adpt_i2o_post_wait_data *p1, *old;
>
> printk(KERN_INFO"Shutting down Adaptec I2O controllers.\n");
> printk(KERN_INFO" This could take a few minutes if there are many devices attached\n");
> @@ -830,13 +830,14 @@
> }
>
> /* Remove any timedout entries from the wait queue. */
> - p2 = NULL;
> // spin_lock_irqsave(&adpt_post_wait_lock, flags);
> /* Nothing should be outstanding at this point so just
> * free them
> */
> - for(p1 = adpt_post_wait_queue; p1; p2 = p1, p1 = p2->next) {
> - kfree(p1);
> + for(p1 = adpt_post_wait_queue; p1;) {
> + old = p1;
> + p1 = p1->next;
> + kfree(old);
> }
> // spin_unlock_irqrestore(&adpt_post_wait_lock, flags);
> adpt_post_wait_queue = NULL;
next prev parent reply other threads:[~2005-11-27 18:33 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-26 23:36 [patch] drivers/scsi/dpt_i2o.c: fix a NULL pointer dereference Adrian Bunk
2005-11-27 12:47 ` Marcelo Tosatti [this message]
2005-11-27 18:52 ` Adrian Bunk
2005-11-27 13:28 ` Marcelo Tosatti
2005-11-28 18:37 ` James Bottomley
2005-11-28 21:51 ` Adrian Bunk
-- strict thread matches above, loose matches on Subject: below --
2005-11-23 22:34 Adrian Bunk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051127124738.GC13581@logos.cnet \
--to=marcelo.tosatti@cyclades.com \
--cc=James.Bottomley@SteelEye.com \
--cc=akpm@osdl.org \
--cc=bunk@stusta.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=mark_salyzyn@adaptec.com \
--cc=markus.lidel@shadowconnect.com \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox