Re: 2.6.18-mm2 - oops in cache_alloc_refill()

[Jean Tourrilhes]

On Tue, Oct 03, 2006 at 06:45:35PM +0200, Samuel Tardieu wrote:
> On  3/10, Jean Tourrilhes wrote:
> 
> | > I suggest that you revert the memset() to IW_ESSID_MAX_SIZE+1 so that
> | > the last byte is cleared as well. Or am I missing something?
> | 
> | No, that would bring back the slab/memory overflow we are
> | trying to get rid of.
> 
> Then I am puzzled by the function declaration:
> 
> static int orinoco_hw_get_essid(struct orinoco_private *priv, int *active,
>                                 char buf[IW_ESSID_MAX_SIZE+1])
> 
> Do you mean that this function is called with a buf parameter which
> doesn't have the expected size? (as far as the function declaration is
> concerned) Shouldn't the declaration be changed to
> 
> static int orinoco_hw_get_essid(struct orinoco_private *priv, int *active,
>                                 char buf[IW_ESSID_MAX_SIZE])
> 
> then to reflect the reality? (it won't change the code but would be
> clearer from a documentation point of view)

	Yep, that one is a bug.
	Thanks !

>  Sam

	Jean
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/