NULL pointer bug in netpoll.c
Hi,
it seems that there is a gremlin sleeping in
net/core/netpoll.c:find_skb(). Even if no more buffers are available
through "skbs", "skb" is dereferenced anyway. The tiny patch should fix it.
Jan
--- linux-2.6.11.4/net/core/netpoll.c.orig 2005-03-16 01:09:19.0
+0100
+++ linux-2.6.11.4/net/core/netpoll.c 2005-03-19 21:42:41.573018776 +0100
@@ -165,10 +165,11 @@ repeat:
if (!skb) {
spin_lock_irqsave(_list_lock, flags);
skb = skbs;
- if (skb)
+ if (skb) {
skbs = skb->next;
- skb->next = NULL;
- nr_skbs--;
+ skb->next = NULL;
+ nr_skbs--;
+ }
spin_unlock_irqrestore(_list_lock, flags);
}
NULL pointer bug in netpoll.c
Hi,
it seems that there is a gremlin sleeping in
net/core/netpoll.c:find_skb(). Even if no more buffers are available
through skbs, skb is dereferenced anyway. The tiny patch should fix it.
Jan
--- linux-2.6.11.4/net/core/netpoll.c.orig 2005-03-16 01:09:19.0
+0100
+++ linux-2.6.11.4/net/core/netpoll.c 2005-03-19 21:42:41.573018776 +0100
@@ -165,10 +165,11 @@ repeat:
if (!skb) {
spin_lock_irqsave(skb_list_lock, flags);
skb = skbs;
- if (skb)
+ if (skb) {
skbs = skb-next;
- skb-next = NULL;
- nr_skbs--;
+ skb-next = NULL;
+ nr_skbs--;
+ }
spin_unlock_irqrestore(skb_list_lock, flags);
}
