[2.4.23-pre3] Possible bug in fs/buffer.c

From: Rolf Eike Beer
Date: Mon Sep 08 2003 - 10:16:40 EST


This is __put_unused_buffer_head from fs/buffer.c, lines 1156 to 1171:


static void __put_unused_buffer_head(struct buffer_head * bh)
{
	if (unlikely(buffer_attached(bh)))
		BUG();
	if (nr_unused_buffer_heads >= MAX_UNUSED_BUFFERS) {
		kmem_cache_free(bh_cachep, bh);
	} else {
		bh->b_dev = B_FREE;
===>		bh->b_blocknr = -1; <===
		bh->b_this_page = NULL;

		nr_unused_buffer_heads++;
		bh->b_next_free = unused_list;
		unused_list = bh;
	}
}

In include/linux/fs.h "struct buffer_head" is defined this way:

struct buffer_head {
	/* First cache line: */
	struct buffer_head *b_next;	/* Hash queue list */
	unsigned long b_blocknr;	/* block number */
	...

So this line (and line 1205, which is the same) is either ugly (and someone
meant ~0UL or something similar) or completely bogus. Same way in
2.6.0-test4-bk10/fs/buffer.c, line 1031 (b_blocknr is a sector_t, which is an
unsigned long).

Comments?

Eike
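
Added example, not part of the original message or of the kernel source: a stand-alone C program showing what value ends up in an unsigned block-number field when -1 is stored in it, next to an all-ones constant taken at a narrower width. The types ulong32_t and blk64_t and all function names are constructed stand-ins (a 32-bit unsigned long and a hypothetical 64-bit block-number type).

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins, not kernel definitions: ulong32_t models
 * "unsigned long" on a 32-bit build, blk64_t is a hypothetical
 * 64-bit block-number type. */
typedef uint32_t ulong32_t;
typedef uint64_t blk64_t;

struct bh32 { ulong32_t b_blocknr; };
struct bh64 { blk64_t b_blocknr; };

/* Storing -1: the int is converted modulo 2^N to the field's type
 * (C99 6.3.1.3), so the field is all-ones at whatever width it has. */
static struct bh32 put_minus1_32(void) { struct bh32 bh; bh.b_blocknr = -1; return bh; }
static struct bh64 put_minus1_64(void) { struct bh64 bh; bh.b_blocknr = -1; return bh; }

/* Storing ~0 taken at 32 bits: all-ones only at that width. In a
 * wider field it is zero-extended, leaving the upper half clear. */
static struct bh32 put_not0_32(void) { struct bh32 bh; bh.b_blocknr = ~(ulong32_t)0; return bh; }
static struct bh64 put_not0_64(void) { struct bh64 bh; bh.b_blocknr = ~(ulong32_t)0; return bh; }

/* Sentinel checks written against each field's own type. */
static int is_free_32(struct bh32 bh) { return bh.b_blocknr == (ulong32_t)-1; }
static int is_free_64(struct bh64 bh) { return bh.b_blocknr == (blk64_t)-1; }

int main(void)
{
	printf("32-bit field, -1        : %#llx free=%d\n",
	       (unsigned long long)put_minus1_32().b_blocknr,
	       is_free_32(put_minus1_32()));
	printf("32-bit field, ~0 (32)   : %#llx free=%d\n",
	       (unsigned long long)put_not0_32().b_blocknr,
	       is_free_32(put_not0_32()));
	printf("64-bit field, -1        : %#llx free=%d\n",
	       (unsigned long long)put_minus1_64().b_blocknr,
	       is_free_64(put_minus1_64()));
	printf("64-bit field, ~0 (32)   : %#llx free=%d\n",
	       (unsigned long long)put_not0_64().b_blocknr,
	       is_free_64(put_not0_64()));
	return 0;
}
```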