On Thu, 2017-08-24 at 11:57 +0800, Ming Lei wrote:
> On Tue, Aug 22, 2017 at 06:28:54PM +0000, Bart Van Assche wrote:
> > * Whether or not index >= sb->map_nr. I propose to start iterating from the
> > start of @sb in this case.
>
> It has been checked at the end of the loop.
That's not sufficient to avoid an out-of-bounds access if the start index is
large. If __sbitmap_for_each_set() would accept values for the start index
argument that result in index >= sb->map_nr then that will simplify code that
accesses an sbitmap in a round-robin fashion.
> > }
> >
> > while (true) {
> > struct sbitmap_word *word = &sb->map[i];
> > unsigned int off;
>
> Looks you removed the check on 'word->word'.
Yes, and I did that on purpose. If the start index refers to a word that is
zero then the "if (word->word) continue;" code will cause the end-of-loop
check to be skipped and hence will cause an infinite loop.
Bart.
