Fab Tillier
2012-06-19 03:08:14 UTC
This patch fixes a bug in PD creation where the user-mode data for kernel callers is discarded, so references a dummy variable on the stack. Unfortunately, the dummy variable referenced goes out of scope before it is written. Oops.
Signed-off-by: Fab Tillier <***@microsoft.com>
Index: hw/mlx4/kernel/hca/pd.c
===================================================================
--- hw/mlx4/kernel/hca/pd.c (revision 3414)
+++ hw/mlx4/kernel/hca/pd.c (working copy)
@@ -78,9 +78,8 @@
0, sizeof(p_resp->pdn));
}
else {
- u32 pdn;
- INIT_UDATA(&udata, NULL, &pdn,
- 0, sizeof(pdn));
+ // Discard PDN output, so use status as temp storage.
+ INIT_UDATA(&udata, NULL, &status, 0, sizeof(status));
}
}
else {
Signed-off-by: Fab Tillier <***@microsoft.com>
Index: hw/mlx4/kernel/hca/pd.c
===================================================================
--- hw/mlx4/kernel/hca/pd.c (revision 3414)
+++ hw/mlx4/kernel/hca/pd.c (working copy)
@@ -78,9 +78,8 @@
0, sizeof(p_resp->pdn));
}
else {
- u32 pdn;
- INIT_UDATA(&udata, NULL, &pdn,
- 0, sizeof(pdn));
+ // Discard PDN output, so use status as temp storage.
+ INIT_UDATA(&udata, NULL, &status, 0, sizeof(status));
}
}
else {