Re: [TIP] BUG kmalloc-4096: Poison overwritten (ath5k_rx_skb_alloc)

From: Nick Kossifidis
Date: Mon Feb 23 2009 - 11:41:26 EST


2009/2/23 Bob Copeland <me@xxxxxxxxxxxxxxx>:
> On Mon, Feb 23, 2009 at 06:27:35PM +0200, Nick Kossifidis wrote:
>> 2009/2/23 Bob Copeland <me@xxxxxxxxxxxxxxx>:
>> > On Mon, Feb 23, 2009 at 06:15:51PM +0200, Nick Kossifidis wrote:
>> >> Typo alert...
>> >> rs->rs_more = !!(rx_status->rx_status_0 & AR5K_5212_RX_DESC_STATUS0_MORE);
>> >
>> > I'm slow... what's wrong with it?
>> >
>>
>> "!!"
>>
>> it should be just
>>
>> rs->rs_more = (rx_status->rx_status_0 & AR5K_5212_RX_DESC_STATUS0_MORE);
>
> No, that's intentional. That was actually a bug we had at some point
> (rs_more is a u8 so the bitwise AND overflowed). The "!!" makes it zero
> or one so it fits.
>

AR5K_REG_MS is used for that, we should just shift it as we do with
the other fields and btw i think we must change flags to be bool.



--
GPG ID: 0xD21DB2DB
As you read this post global entropy rises. Have Fun ;-)
Nick
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/