1) VER3 and _MAX are of same size:
#define NV_PCI_REGSZ_VER3 0x604
#define NV_PCI_REGSZ_MAX 0x604
2) It looks like there is a case where VER3 get's assigned to
register_size:
if (id->driver_data &
(DEV_HAS_VLAN|DEV_HAS_MSI_X|DEV_HAS_POWER_CNTRL|DEV_HAS_STATISTICS_V2|DEV_HAS_STATISTICS_V
np->register_size = NV_PCI_REGSZ_VER3;
3) the definition of saved_config_space is MAX divided by 4 (size of u32)
struct fe_priv {
[...]
u32 saved_config_space[NV_PCI_REGSZ_MAX/4]
4) This doesn't stop loop at [size-1]:
Thus there is the risk that it overrides the field after
saved_config_space. If that's desired behaviour at least a comment
is missing IMHO:
for (i = 0; i <= np->register_size/sizeof(u32); i++)
np->saved_config_space[i] = readl(base + i*sizeof(u32));
Such for loop is used twice in forcedeth.c
Patch againstn 4de9ad9bc08 (Fri Sep 6 11:14:33) attached fixing both
using < instead of <=.
If you think I've hit a small bug just fix and commit.
I don't care much about my ownership of this patch.
I didn't test this patch because I don't have the hardware and I think
its a trivial case.
Marc Weber