[prev in list] [next in list] [prev in thread] [next in thread]
List: haiku-bugs
Subject: [haiku-bugs] Re: [Haiku] #9099: KDL on load with Atheros L1 Gigabit Ethernet (built in ASUS M51SN la
From: "kvark" <trac () haiku-os ! org>
Date: 2012-10-31 14:52:06
Message-ID: 055.5d351767e1ebd00a392db6be08c6441a () haiku-os ! org
[Download RAW message or body]
#9099: KDL on load with Atheros L1 Gigabit Ethernet (built in ASUS M51SN la=
ptop)
----------------------------------+----------------------------------
Reporter: kvark | Owner: axeld
Type: bug | Status: new
Priority: high | Milestone: R1
Component: Servers/net_server | Version: R1/Development
Resolution: | Keywords: atheros,ethernet,KDL
Blocked By: | Blocking:
Has a Patch: 0 | Platform: x86
----------------------------------+----------------------------------
Comment (by kvark):
I found some suspicious code in Atheros ethernet driver.
File: /haiku/src/add-
ons/kernel/drivers/network/attansic_l1/dev/age/if_age.c
Line: 3045
(looking from here:
http://code.metager.de/source/xref/haiku/src/libs/compat/freebsd_network/f=
bsd_busdma_x86.c#792)
{{{
bus_dma_segment_t segs[1];
}}}
The host function (''age_newbuf'') allocates 1-element array of segments
on the stack, while the receiver function (''bus_dmamap_load_mbuf_sg'') is
free to use a number of them. That can easily cause page fault in the
stack area (what is what happened, as far as I see).
I don't know what size this array should be, and I would prefer if the
maximum array size was passed along to the lower-level functions to
prevent over-writing. Unfortunately, I can't build haiku source at the
moment to test this, because this laptop doesn't boot at all (as described
in the bug).
-- =
Ticket URL: <http://dev.haiku-os.org/ticket/9099#comment:1>
Haiku <http://dev.haiku-os.org>
Haiku - the operating system.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic