From: mkatiyar@gmail.com (Manish Katiyar)
To: kernelnewbies@lists.kernelnewbies.org
Subject: [PATCH] staging: Check for Null return of allocated skb in fw_download_code
Date: Tue, 12 Aug 2014 22:53:37 -0700 [thread overview]
Message-ID: <CAE0An6egKC+iLHtx2q2PPrxxYhxHrot_MBk_oL+zgPDAuA43cw@mail.gmail.com> (raw)
In-Reply-To: <14218.1407908124@turing-police.cc.vt.edu>
On Tue, Aug 12, 2014 at 10:35 PM, <Valdis.Kletnieks@vt.edu> wrote:
> On Tue, 12 Aug 2014 23:24:32 -0400, Nicholas Krause said:
> > This patch checks if we are getting a Null allocated skb in the while/do
> > loop of this function.
> > skb = dev_alloc_skb(frag_length + 4);
> > + if (skb == NULL) {
> > + rt_status = false;
> > + break;
> > + }
>
> Nick, it's *STILL* wrong. And although I admit I blew it on the refcount
> issue, that doesn't change the fact that you're still leaking memory here.
>
> Work this through. Hand simulate it. Pretend that 3 fragments are
> needed, and that the first two succeed but the third one fails.
>
> Who frees the first two fragments before you return?
>
> For bonus points - explain under what conditions this bug can *possibly*
> be triggered on an actual system. Consider in your reply both (a) when
> this
> code is called and (b) what the system state *should* be at that point, and
> what it has to be for this bug to trigger. Given your answer to (a) and
> (b),
> extrapolate to what the next few hundredths of a second likely hold for
> this system even after we've fixed the bug you're mis-fixing here.
>
> Once you've done that, you'll hopefully understand why you're trying to fix
> a bug from 2009.
>
>
And it may also be a good idea to post the logs regarding how you tested
your patch and verified that the fix works as expected. As you are asking
someone else to send the patch on behalf of you, anyone who volunteers
would like to verify that the patch is indeed tested properly before
forwarding.
Thanks -
Manish
>
> _______________________________________________
> Kernelnewbies mailing list
> Kernelnewbies at kernelnewbies.org
> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20140812/e9da9a4e/attachment.html
next prev parent reply other threads:[~2014-08-13 5:53 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-13 3:24 [PATCH] staging: Check for Null return of allocated skb in fw_download_code Nicholas Krause
2014-08-13 3:31 ` Nick Krause
2014-08-13 5:35 ` Valdis.Kletnieks at vt.edu
2014-08-13 5:53 ` Manish Katiyar [this message]
2014-08-13 13:56 ` Valdis.Kletnieks at vt.edu
2014-08-13 14:50 ` Max Filippov
2014-08-13 16:02 ` Valdis.Kletnieks at vt.edu
2014-08-13 16:55 ` Nick Krause
2014-08-13 18:03 ` Nick Krause
2014-08-13 18:09 ` Philipp Muhoray
2014-08-13 18:11 ` Max Filippov
2014-08-13 18:25 ` Jerry Snitselaar
2014-08-13 18:27 ` Nick Krause
2014-08-13 18:58 ` Nick Krause
2014-08-13 18:20 ` Jeff Haran
2014-08-13 19:17 ` Valdis.Kletnieks at vt.edu
2014-08-13 19:24 ` Nick Krause
2014-08-13 19:52 ` Nick Krause
2014-08-13 19:06 ` Valdis.Kletnieks at vt.edu
-- strict thread matches above, loose matches on Subject: below --
2014-08-13 3:12 Nicholas Krause
2014-08-13 3:14 ` Nick Krause
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAE0An6egKC+iLHtx2q2PPrxxYhxHrot_MBk_oL+zgPDAuA43cw@mail.gmail.com \
--to=mkatiyar@gmail.com \
--cc=kernelnewbies@lists.kernelnewbies.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).