This patch fixes a bug in PD creation where the user-mode data for kernel callers is discarded, so references a dummy variable on the stack. Unfortunately, the dummy variable referenced goes out of scope before it is written. Oops.
Signed-off-by: Fab Tillier <[email protected]> Index: hw/mlx4/kernel/hca/pd.c =================================================================== --- hw/mlx4/kernel/hca/pd.c (revision 3414) +++ hw/mlx4/kernel/hca/pd.c (working copy) @@ -78,9 +78,8 @@ 0, sizeof(p_resp->pdn)); } else { - u32 pdn; - INIT_UDATA(&udata, NULL, &pdn, - 0, sizeof(pdn)); + // Discard PDN output, so use status as temp storage. + INIT_UDATA(&udata, NULL, &status, 0, sizeof(status)); } } else {
13.stack_corrupt.patch
Description: 13.stack_corrupt.patch
_______________________________________________ ofw mailing list [email protected] http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ofw
