Re: [Bugme-new] [Bug 7421] New: Oops, EIP is at atalk_sendmsg

From: David Miller <davem@davemloft.net>
Date: 2006-10-27 00:26:43
Subsystem: appletalk network layer, networking [general], the rest · Maintainers: "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Linus Torvalds

From: Andrew Morton <redacted>
Date: Thu, 26 Oct 2006 09:44:38 -0700

quoted

Oct 26 10:01:07 localhost kernel: EIP is at atalk_sendmsg+0x15b/0x4e4 [appletalk]
Oct 26 10:01:07 localhost kernel: eax: 00000000   ebx: 0000002f   ecx: 00000000   \
                edx: 00000000
Oct 26 10:01:07 localhost kernel: esi: cadcb600   edi: 00000000   ebp: cc9d7eec   \
                esp: cc9d7d6c

Does this make the bug go away?

This code has been like this for a long time, I'm surprised
it never triggered before.  We properly set "dev = rt->dev"
right after the "if (!rt)" check, so the two settings removed
by this patch were not only OOPS-prone, they were also
superfluous.

diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index 708e2e0..485e35c 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c

@@ -1584,7 +1584,6 @@ #endif
 
 	if (usat->sat_addr.s_net || usat->sat_addr.s_node == ATADDR_ANYNODE) {
 		rt = atrtr_find(&usat->sat_addr);
-		dev = rt->dev;
 	} else {
 		struct atalk_addr at_hint;

@@ -1592,7 +1591,6 @@ #endif
 		at_hint.s_net  = at->src_net;
 
 		rt = atrtr_find(&at_hint);
-		dev = rt->dev;
 	}
 	if (!rt)
 		return -ENETUNREACH;

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help