From: Christian Lamparter <chunkeey@web.de>
To: Larry Finger <Larry.Finger@lwfinger.net>
Cc: Johannes Berg <johannes@sipsolutions.net>,
Kalle Valo <kalle.valo@nokia.com>,
linux-wireless@vger.kernel.org,
John W Linville <linville@tuxdriver.com>
Subject: Re: [RFC][PATCH] p54: fix memory management
Date: Fri, 3 Oct 2008 21:25:27 +0200 [thread overview]
Message-ID: <200810032125.27454.chunkeey@web.de> (raw)
In-Reply-To: <1237110305@web.de>
On Friday 03 October 2008 16:16:32 Chunkeey@web.de wrote:
> >
> > Note, the "tainted" flag is false. No closed-source drivers have been
> > loaded.
> >
> > The oops occurs in the following inline routine:
> >
> > static inline void __skb_queue_after(struct sk_buff_head *list,
> > struct sk_buff *prev,
> > struct sk_buff *newsk)
> > {
> > __skb_insert(newsk, prev, prev->next, list);
> > }
> >
> > and is called from p54_assign_addresses() in the following region:
> >
> > if (skb) {
> > struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
> > struct memrecord *range = (void *)info->driver_data;
> > range->start_addr = target_addr;
> > range->end_addr = target_addr + len;
> > range->dev = dev;
> > __skb_queue_after(&priv->tx_queue, target_skb, skb);
> > if (largest_hole < priv->rx_mtu + priv->headroom +
> > priv->tailroom +
> > sizeof(struct p54_control_hdr))
> > ieee80211_stop_queues(dev);
> > }
> >
> > Larry
>
> Hmm, just a guess:
>
> according to skbuff.h
> the callback buffer in every skb is about;
> char cb[48];
>
>
> now, when we look at what mac80211 puts inside it
> struct ieee80211_tx_info {
> u32 flags;
> u8 band;
> s8 tx_rate_idx;
> u8 antenna_sel_tx;
>
> /* 1 byte hole => 8 bytes so far */
>
> union {
> struct {
> struct ieee80211_vif *vif; // another 8 byte on 64bit cpus => 16
> struct ieee80211_key_conf *hw_key; // + 8 bytes => 24
> struct ieee80211_sta *sta; // + 8 bytes => 32
> unsigned long jiffies; // + 8 bytes => 40
> s8 rts_cts_rate_idx, alt_retry_rate_idx; // + 2
> u8 retry_limit; // + 1
> u8 icv_len; // + 1
> u8 iv_len; // + 1
> } control;
> [...]
>
> = 45 Bytes (without alignment, with it it's probably 48) out of 48...
> If this is true, we have a serious problem on x64 since the memrecord
> struct is about 8 bytes in the old code, but with this patch it's 16...
> well I am not sure, can I put the extra ieee80211_hw* thing into skb->dev.
> It would be nice, but of course net_device isn't exactly ieee80211_hw, as
> far as I can see.
Ahh, that's garbage. driver_data is a member of the union, so it has about 40
bytes which is plenty. sorry for the noise.
Regards,
Chr.
next prev parent reply other threads:[~2008-10-03 19:21 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-03 14:16 [RFC][PATCH] p54: fix memory management Chunkeey
2008-10-03 19:25 ` Christian Lamparter [this message]
-- strict thread matches above, loose matches on Subject: below --
2008-10-02 1:59 Christian Lamparter
2008-10-03 2:43 ` Larry Finger
2008-10-03 20:02 ` Christian Lamparter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200810032125.27454.chunkeey@web.de \
--to=chunkeey@web.de \
--cc=Larry.Finger@lwfinger.net \
--cc=johannes@sipsolutions.net \
--cc=kalle.valo@nokia.com \
--cc=linux-wireless@vger.kernel.org \
--cc=linville@tuxdriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).