| Message ID | 1306249617-23391-1-git-send-email-bharrosh@panasas.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 2011-05-24 18:06, Boaz Harrosh wrote: > Wrong allocation and pointering in lseg_alloc. > > Signed-off-by: Boaz Harrosh <bharrosh@panasas.com> > --- > fs/nfs/objlayout/objio_osd.c | 9 +++++---- > 1 files changed, 5 insertions(+), 4 deletions(-) > > diff --git a/fs/nfs/objlayout/objio_osd.c b/fs/nfs/objlayout/objio_osd.c > index a4201d8..167cd1e 100644 > --- a/fs/nfs/objlayout/objio_osd.c > +++ b/fs/nfs/objlayout/objio_osd.c > @@ -117,7 +117,7 @@ struct objio_segment { > unsigned comps_index; > unsigned num_comps; > /* variable length */ > - struct objio_dev_ent *ods[1]; > + struct objio_dev_ent *ods[0]; > }; > > static inline struct objio_segment * > @@ -278,7 +278,6 @@ extern int objio_alloc_lseg(struct pnfs_layout_segment **outp, > struct pnfs_osd_layout layout; > struct pnfs_osd_object_cred *cur_comp, src_comp; > struct caps_buffers *caps_p; > - > int err; > > err = pnfs_osd_xdr_decode_layout_map(&layout, &iter, xdr); > @@ -289,14 +288,16 @@ extern int objio_alloc_lseg(struct pnfs_layout_segment **outp, > if (unlikely(err)) > return err; > > - objio_seg = kzalloc(sizeof(*objio_seg) + > + objio_seg = kzalloc(sizeof(*objio_seg) + nit: While at it, the trailing space is extraneous... Benny > + sizeof(objio_seg->ods[0]) * layout.olo_num_comps + > sizeof(*objio_seg->comps) * layout.olo_num_comps + > sizeof(struct caps_buffers) * layout.olo_num_comps, > gfp_flags); > if (!objio_seg) > return -ENOMEM; > > - cur_comp = objio_seg->comps = (void *)(objio_seg + 1); > + objio_seg->comps = (void *)(objio_seg->ods + layout.olo_num_comps); > + cur_comp = objio_seg->comps; > caps_p = (void *)(cur_comp + layout.olo_num_comps); > while (pnfs_osd_xdr_decode_layout_comp(&src_comp, &iter, xdr, &err)) > copy_single_comp(cur_comp++, &src_comp, caps_p++); -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/nfs/objlayout/objio_osd.c b/fs/nfs/objlayout/objio_osd.c index a4201d8..167cd1e 100644 --- a/fs/nfs/objlayout/objio_osd.c +++ b/fs/nfs/objlayout/objio_osd.c @@ -117,7 +117,7 @@ struct objio_segment { unsigned comps_index; unsigned num_comps; /* variable length */ - struct objio_dev_ent *ods[1]; + struct objio_dev_ent *ods[0]; }; static inline struct objio_segment * @@ -278,7 +278,6 @@ extern int objio_alloc_lseg(struct pnfs_layout_segment **outp, struct pnfs_osd_layout layout; struct pnfs_osd_object_cred *cur_comp, src_comp; struct caps_buffers *caps_p; - int err; err = pnfs_osd_xdr_decode_layout_map(&layout, &iter, xdr); @@ -289,14 +288,16 @@ extern int objio_alloc_lseg(struct pnfs_layout_segment **outp, if (unlikely(err)) return err; - objio_seg = kzalloc(sizeof(*objio_seg) + + objio_seg = kzalloc(sizeof(*objio_seg) + + sizeof(objio_seg->ods[0]) * layout.olo_num_comps + sizeof(*objio_seg->comps) * layout.olo_num_comps + sizeof(struct caps_buffers) * layout.olo_num_comps, gfp_flags); if (!objio_seg) return -ENOMEM; - cur_comp = objio_seg->comps = (void *)(objio_seg + 1); + objio_seg->comps = (void *)(objio_seg->ods + layout.olo_num_comps); + cur_comp = objio_seg->comps; caps_p = (void *)(cur_comp + layout.olo_num_comps); while (pnfs_osd_xdr_decode_layout_comp(&src_comp, &iter, xdr, &err)) copy_single_comp(cur_comp++, &src_comp, caps_p++);
Wrong allocation and pointering in lseg_alloc. Signed-off-by: Boaz Harrosh <bharrosh@panasas.com> --- fs/nfs/objlayout/objio_osd.c | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-)