On Thu, 17 Dec 2009, Roger Oksanen wrote:

> e100: Fix broken cbs accounting due to missing memset.
> 
> Alan Stern noticed that e100 caused slab corruption.
> commit 98468efddb101f8a29af974101c17ba513b07be1 changed
> the allocation of cbs to use dma pools that don't return zeroed memory,
> especially the cb->status field used to track which cb to clean, causing
> (the visible) double freeing of skbs and a wrong free cbs count.
> 
> Now the cbs are explicitly zeroed at allocation time.
> 
> Reported-by: Alan Stern <[email protected]>
> Signed-off-by: Roger Oksanen <[email protected]>
> ---
>  drivers/net/e100.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> diff --git a/drivers/net/e100.c b/drivers/net/e100.c
> index d269a68..29a8840 100644
> --- a/drivers/net/e100.c
> +++ b/drivers/net/e100.c
> @@ -1815,6 +1815,7 @@ static int e100_alloc_cbs(struct nic *nic)
>  
>       nic->cbs = pci_pool_alloc(nic->cbs_pool, GFP_KERNEL,
>                                 &nic->cbs_dma_addr);
> +     memset(nic->cbs, 0, count * sizeof(struct cb));
>       if (!nic->cbs)
>               return -ENOMEM;
>  
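Review bot: the memset() added right after pci_pool_alloc() runs before the "if (!nic->cbs)" check, so a failed allocation dereferences NULL instead of returning -ENOMEM. Move the memset() below the check. The length count * sizeof(struct cb) should also be confirmed against the element size the pool was created with, which is not visible in this hunk.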
> @@ -1825,7 +1826,6 @@ static int e100_alloc_cbs(struct nic *nic)
>               cb->dma_addr = nic->cbs_dma_addr + i * sizeof(struct cb);
>               cb->link = cpu_to_le32(nic->cbs_dma_addr +
>                       ((i+1) % count) * sizeof(struct cb));
> -             cb->skb = NULL;
>       }
>  
>       nic->cb_to_use = nic->cb_to_send = nic->cb_to_clean = nic->cbs;
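Review bot: removing "cb->skb = NULL;" from the loop leaves cb->skb, like the cb->status field named in the commit message, initialised only by the memset() in the previous hunk, and nothing in the code records that dependency. A one-line comment at the memset() saying that the ring setup relies on zeroed cbs would keep a later change to the allocation from bringing the stale-field problem back.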

Clearly the memset() belongs after the "if" test, not before.  Apart 
from that, I confirm that this patch fixes the problem in 2.6.32.

Tested-by: Alan Stern <[email protected]>

Alan Stern


_______________________________________________
E1000-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/e1000-devel