drbd: remove check of list iterator against head past the loop body
authorJakob Koschel <jakobkoschel@gmail.com>
Thu, 31 Mar 2022 22:03:49 +0000 (00:03 +0200)
committerJens Axboe <axboe@kernel.dk>
Thu, 31 Mar 2022 23:08:15 +0000 (17:08 -0600)
When list_for_each_entry() completes the iteration over the whole list
without breaking the loop, the iterator value will be a bogus pointer
computed based on the head element.

While it is safe to use the pointer to determine if it was computed
based on the head element, either with list_entry_is_head() or
&pos->member == head, using the iterator variable after the loop should
be avoided.

In preparation to limit the scope of a list iterator to the list
traversal loop, use a dedicated pointer to point to the found element [1].

Link: https://lore.kernel.org/all/CAHk-=wgRr_D8CB-D9Kg-c=EHreAsk5SqXPwr9Y7k9sA6cWXJ6w@mail.gmail.com/
Signed-off-by: Jakob Koschel <jakobkoschel@gmail.com>
Reviewed-by: Christoph Böhmwalder <christoph.boehmwalder@linbit.com>
Link: https://lore.kernel.org/r/20220331220349.885126-2-jakobkoschel@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
drivers/block/drbd/drbd_req.c

index ebe0e5c..5df2a60 100644 (file)
@@ -334,17 +334,21 @@ static void set_if_null_req_next(struct drbd_peer_device *peer_device, struct dr
 static void advance_conn_req_next(struct drbd_peer_device *peer_device, struct drbd_request *req)
 {
        struct drbd_connection *connection = peer_device ? peer_device->connection : NULL;
+       struct drbd_request *iter = req;
        if (!connection)
                return;
        if (connection->req_next != req)
                return;
-       list_for_each_entry_continue(req, &connection->transfer_log, tl_requests) {
-               const unsigned s = req->rq_state;
-               if (s & RQ_NET_QUEUED)
+
+       req = NULL;
+       list_for_each_entry_continue(iter, &connection->transfer_log, tl_requests) {
+               const unsigned int s = iter->rq_state;
+
+               if (s & RQ_NET_QUEUED) {
+                       req = iter;
                        break;
+               }
        }
-       if (&req->tl_requests == &connection->transfer_log)
-               req = NULL;
        connection->req_next = req;
 }
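Review bot: `iter = req` is passed straight to `list_for_each_entry_continue()`, which reads `iter->tl_requests.next` before the first test, and the only guard in front of it is `connection->req_next != req`. If a caller ever passed `req == NULL` while `req_next` is also NULL, that guard would fall through and the scan would dereference NULL. The callers are outside this diff, so this may be impossible in practice, and the behaviour predates the commit. Either make the precondition explicit with `if (!req || connection->req_next != req) return;` or state it in a comment such as `/* req must be non-NULL and still linked on connection->transfer_log */`. The same applies to `advance_conn_req_ack_pending()` and `advance_conn_req_not_net_done()` in the following hunks.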
 
@@ -360,17 +364,21 @@ static void set_if_null_req_ack_pending(struct drbd_peer_device *peer_device, st
 static void advance_conn_req_ack_pending(struct drbd_peer_device *peer_device, struct drbd_request *req)
 {
        struct drbd_connection *connection = peer_device ? peer_device->connection : NULL;
+       struct drbd_request *iter = req;
        if (!connection)
                return;
        if (connection->req_ack_pending != req)
                return;
-       list_for_each_entry_continue(req, &connection->transfer_log, tl_requests) {
-               const unsigned s = req->rq_state;
-               if ((s & RQ_NET_SENT) && (s & RQ_NET_PENDING))
+
+       req = NULL;
+       list_for_each_entry_continue(iter, &connection->transfer_log, tl_requests) {
+               const unsigned int s = iter->rq_state;
+
+               if ((s & RQ_NET_SENT) && (s & RQ_NET_PENDING)) {
+                       req = iter;
                        break;
+               }
        }
-       if (&req->tl_requests == &connection->transfer_log)
-               req = NULL;
        connection->req_ack_pending = req;
 }
 
@@ -386,17 +394,21 @@ static void set_if_null_req_not_net_done(struct drbd_peer_device *peer_device, s
 static void advance_conn_req_not_net_done(struct drbd_peer_device *peer_device, struct drbd_request *req)
 {
        struct drbd_connection *connection = peer_device ? peer_device->connection : NULL;
+       struct drbd_request *iter = req;
        if (!connection)
                return;
        if (connection->req_not_net_done != req)
                return;
-       list_for_each_entry_continue(req, &connection->transfer_log, tl_requests) {
-               const unsigned s = req->rq_state;
-               if ((s & RQ_NET_SENT) && !(s & RQ_NET_DONE))
+
+       req = NULL;
+       list_for_each_entry_continue(iter, &connection->transfer_log, tl_requests) {
+               const unsigned int s = iter->rq_state;
+
+               if ((s & RQ_NET_SENT) && !(s & RQ_NET_DONE)) {
+                       req = iter;
                        break;
+               }
        }
-       if (&req->tl_requests == &connection->transfer_log)
-               req = NULL;
        connection->req_not_net_done = req;
 }
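Review bot: The continue-scan over `connection->transfer_log` is now written out three times, differing only in the `rq_state` test, and each copy reuses the `req` parameter as the result after resetting it to NULL. Assuming each `RQ_*` flag is a single bit (their definitions are not in this diff), all three tests can be written as `(rq_state & mask) == val`. One helper returning the match or NULL would then keep the found-element logic, the part this commit hardens, in a single place and leave `req` untouched. The call here would become `connection->req_not_net_done = next_req_matching(connection, req, RQ_NET_SENT | RQ_NET_DONE, RQ_NET_SENT);`, with `RQ_NET_QUEUED, RQ_NET_QUEUED` and `RQ_NET_SENT | RQ_NET_PENDING, RQ_NET_SENT | RQ_NET_PENDING` for the other two. The helper name is only a suggestion.

```c
/*
 * Return the first request after @req on the transfer log whose rq_state
 * satisfies (rq_state & mask) == val, or NULL if the scan reaches the list
 * head. @req must be non-NULL and linked on connection->transfer_log.
 */
static struct drbd_request *next_req_matching(struct drbd_connection *connection,
					      struct drbd_request *req,
					      unsigned int mask, unsigned int val)
{
	struct drbd_request *iter = req;

	list_for_each_entry_continue(iter, &connection->transfer_log, tl_requests) {
		if ((iter->rq_state & mask) == val)
			return iter;
	}
	return NULL;
}

/* ... unchanged: connection lookup and the req_not_net_done != req guard ... */
	connection->req_not_net_done = next_req_matching(connection, req,
							 RQ_NET_SENT | RQ_NET_DONE,
							 RQ_NET_SENT);
```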