summaryrefslogtreecommitdiffstats
path: root/fs/ceph
diff options
context:
space:
mode:
authorIlya Dryomov <ilya.dryomov@inktank.com>2014-01-09 19:08:21 +0100
committerIlya Dryomov <ilya.dryomov@inktank.com>2014-01-14 10:27:47 +0100
commitf2be82b0058e90b5d9ac2cb896b4914276fb50ef (patch)
tree0754bf0d97cb300fc611a2ce4527649f29cc41c6 /fs/ceph
parentlibceph: rename front to front_len in get_reply() (diff)
downloadlinux-f2be82b0058e90b5d9ac2cb896b4914276fb50ef.tar.xz
linux-f2be82b0058e90b5d9ac2cb896b4914276fb50ef.zip
libceph: fix preallocation check in get_reply()
The check that makes sure that we have enough memory allocated to read in the entire header of the message in question is currently busted. It compares front_len of the incoming message with iov_len field of ceph_msg::front structure, which is used primarily to indicate the amount of data already read in, and not the size of the allocated buffer. Under certain conditions (e.g. a short read from a socket followed by that socket's shutdown and owning ceph_connection reset) this results in a warning similar to [85688.975866] libceph: get_reply front 198 > preallocated 122 (4#0) and, through another bug, leads to forever hung tasks and forced reboots. Fix this by comparing front_len with front_alloc_len field of struct ceph_msg, which stores the actual size of the buffer. Fixes: http://tracker.ceph.com/issues/5425 Signed-off-by: Ilya Dryomov <ilya.dryomov@inktank.com> Reviewed-by: Sage Weil <sage@inktank.com>
Diffstat (limited to 'fs/ceph')
0 files changed, 0 insertions, 0 deletions