Message ID | 1291465901-3189-1-git-send-email-xiaosuo@gmail.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
Changli Gao wrote: > The dev field of ingress queue is forgot to initialized, then NULL > pointer dereference happens in qdisc_alloc(). > > Move inits of tx queues to netif_alloc_netdev_queues(). > > Signed-off-by: Changli Gao <xiaosuo@gmail.com> > --- > v2: factorize the two inits in netdev_init_queues() and move inits of > tx queues to netif_alloc_netdev_queues(). > net/core/dev.c | 35 +++++++++++++---------------------- > 1 file changed, 13 insertions(+), 22 deletions(-) > diff --git a/net/core/dev.c b/net/core/dev.c > index cd24374..4a7fc32 100644 > --- a/net/core/dev.c > +++ b/net/core/dev.c I guess you should mention it's net-next problem, because some people might be unnecessarily concerned (why they don't have such an oops ;-) Jarek P. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Le samedi 04 décembre 2010 à 20:31 +0800, Changli Gao a écrit : > The dev field of ingress queue is forgot to initialized, then NULL > pointer dereference happens in qdisc_alloc(). > > Move inits of tx queues to netif_alloc_netdev_queues(). > > Signed-off-by: Changli Gao <xiaosuo@gmail.com> > --- > v2: factorize the two inits in netdev_init_queues() and move inits of > tx queues to netif_alloc_netdev_queues(). This is a net-next-2.6 patch, you forgot to mention it. Acked-by: Eric Dumazet <eric.dumazet@gmail.com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/core/dev.c b/net/core/dev.c index cd24374..4a7fc32 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -5109,11 +5109,21 @@ static int netif_alloc_rx_queues(struct net_device *dev) } #endif +static void netdev_init_one_queue(struct net_device *dev, + struct netdev_queue *queue, void *_unused) +{ + /* Initialize queue lock */ + spin_lock_init(&queue->_xmit_lock); + netdev_set_xmit_lockdep_class(&queue->_xmit_lock, dev->type); + queue->xmit_lock_owner = -1; + netdev_queue_numa_node_write(queue, -1); + queue->dev = dev; +} + static int netif_alloc_netdev_queues(struct net_device *dev) { unsigned int count = dev->num_tx_queues; struct netdev_queue *tx; - int i; BUG_ON(count < 1); @@ -5125,27 +5135,10 @@ static int netif_alloc_netdev_queues(struct net_device *dev) } dev->_tx = tx; - for (i = 0; i < count; i++) { - netdev_queue_numa_node_write(&tx[i], -1); - tx[i].dev = dev; - } - return 0; -} - -static void netdev_init_one_queue(struct net_device *dev, - struct netdev_queue *queue, - void *_unused) -{ - /* Initialize queue lock */ - spin_lock_init(&queue->_xmit_lock); - netdev_set_xmit_lockdep_class(&queue->_xmit_lock, dev->type); - queue->xmit_lock_owner = -1; -} - -static void netdev_init_queues(struct net_device *dev) -{ netdev_for_each_tx_queue(dev, netdev_init_one_queue, NULL); spin_lock_init(&dev->tx_global_lock); + + return 0; } /** @@ -5184,8 +5177,6 @@ int register_netdevice(struct net_device *dev) dev->iflink = -1; - netdev_init_queues(dev); - /* Init, if this function is available */ if (dev->netdev_ops->ndo_init) { ret = dev->netdev_ops->ndo_init(dev);
The dev field of ingress queue is forgot to initialized, then NULL pointer dereference happens in qdisc_alloc(). Move inits of tx queues to netif_alloc_netdev_queues(). Signed-off-by: Changli Gao <xiaosuo@gmail.com> --- v2: factorize the two inits in netdev_init_queues() and move inits of tx queues to netif_alloc_netdev_queues(). net/core/dev.c | 35 +++++++++++++---------------------- 1 file changed, 13 insertions(+), 22 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html