On Wednesday 30 June 2010 18:49:57 YingChao LI wrote:
[snip]
> A panic occurs when yaffs_RemoveObjectCallback is called, at the line
> if(sc->nextReturn == obj), because the buffer referred to has been freed by
> yaffs_readdir. It seems the sc buffer (0xd6f01780) has been freed, but is still
> in the search context doubly linked list (the next pointer of "sc
> other (0xdc1e40c8)" is 0xd6f0178c, the prev pointer of "0xd6f0178c"
> is 0xdc1e40c8). Is it possible that the search context lock mechanism has
> some issue, or is there some other reason?
>
> I only met this panic once, and can NOT reproduce it. Any suggestion about
> this? Thanks a lot.

Thanks for pointing that out.
This will be hard to reproduce.
There was indeed a problem in the locking of the search context. This has
been fixed.
http://yaffs.net/gitweb?p=yaffs2/.git;a=commit;h=c1399b62aaa71a3da498b5fa67adb25e59181ab0