On Tue, Apr 18, 2017 at 10:14:26PM +0300, Dan Carpenter wrote: > This patch is prompted by a static checker warning about a potential > use after free. The concern is that netif_rx_ni() can free "skb" and we > call it twice.
Right, the code already calls netif_rx_ni() in the list_for_each_safe() loop just above, in the case that the shhwtstamps pointer has been set. > When I look at the commit that added this, it looks like some stray > lines were added accidentally. It doesn't make sense to me that we > would recieve the same data two times. I asked the author but never > recieved a response. Hm, maybe the intent was to move the call to netif_rx_ni() outside of the spin_lock_irqsave() region (which how I had it before Stefan's changes). But calling netif_rx_ni() twice is clearly wrong. Thanks, Richard
