[PATCH 1/3] Fix use of skb after netif_rx
From: Julia Lawall
Date: Sun Dec 09 2007 - 15:02:46 EST
From: Julia Lawall <julia@xxxxxxx>
Recently, Wang Chen submitted a patch
(d30f53aeb31d453a5230f526bea592af07944564) to move a call to netif_rx(skb)
after a subsequent reference to skb, because netif_rx may call kfree_skb on
its argument. The same problem occurs in some other drivers as well.
This was found using the following semantic match.
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@@
expression skb, e,e1;
@@
(
netif_rx(skb);
|
netif_rx_ni(skb);
)
... when != skb = e
(
skb = e1
|
* skb
)
// </smpl>
Signed-off-by: Julia Lawall <julia@xxxxxxx>
---
diff a/arch/um/drivers/net_kern.c b/arch/um/drivers/net_kern.c
--- a/arch/um/drivers/net_kern.c 2007-11-15 15:09:36.000000000 +0100
+++ b/arch/um/drivers/net_kern.c 2007-12-05 19:01:14.000000000 +0100
@@ -98,10 +98,10 @@ static int uml_net_rx(struct net_device
if (pkt_len > 0) {
skb_trim(skb, pkt_len);
skb->protocol = (*lp->protocol)(skb);
- netif_rx(skb);
lp->stats.rx_bytes += skb->len;
lp->stats.rx_packets++;
+ netif_rx(skb);
return pkt_len;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/