On Tuesday 22 March 2005 04:44, Dave Jones wrote:
> You wouldn't believe how many instances of this bug I've
> seen in the last few days in both userspace and kernelspace.
>
> - memset(&target_route->rcu, sizeof(struct rcu_head), 0);
> + memset(&target_route->rcu, 0, sizeof(struct rcu_head));
Hehe.
# grep -r 'memset.*,[ 0x]*)' .
./sound/oss/cmpci.c: memset(buf + bptr, c, x);
./sound/oss/cmpci.c: memset(buf1 + bptr, c, x);
./sound/oss/swarm_cs4297a.c: memset(((char *) buf) + bptr, c, x);
./sound/oss/esssolo1.c: memset(((char *)buf) + bptr, c, x);
./sound/oss/es1370.c: memset(((char *)buf) + bptr, c, x);
./sound/oss/es1371.c: memset(((char *)buf) + bptr, c, x);
./sound/oss/maestro.c: memset(buf + bptr, c, x);
./sound/oss/cs4281/cs4281m.c: memset(((char *) buf) + bptr, c, x);
./sound/oss/maestro3.c: memset(buf + bptr, c, x);
./sound/oss/sonicvibes.c: memset(buf + bptr, c, x);
./sound/oss/ali5455.c: memset(dmabuf->rawbuf + swptr, '\0', x);
./drivers/char/hvcs.c: * 1.3.0 -> 1.3.1 In hvcs_open memset(..,0x00,..) instead of memset(..,0x3F,00).
./drivers/s390/scsi/zfcp_aux.c: memset(sg_list->sg, sg_list->count * sizeof(struct scatterlist), 0);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
./Documentation/scsi/ChangeLog.1992-1997: * scsi.c (scan_scsis): memset(SDpnt, 0) and set SCmd.device to SDpnt.
./include/asm-frv/uaccess.h:#define clear_user(dst,count) (memset((dst), 0, (count)), 0)
Patch attached.
--
vda