diff options
| author | shishir gowda <shishirng@gluster.com> | 2010-09-14 01:27:22 +0000 |
|---|---|---|
| committer | Vijay Bellur <vijay@dev.gluster.com> | 2010-09-14 00:47:23 -0700 |
| commit | 8a2d1cf7a1425b9de2622635a1149f460bf1f36b (patch) | |
| tree | 15751c57f00f6d68ef748b1e68b9faa3b110c5e3 | |
| parent | b0003a7e789e0618656dd4214195578f53d1e84e (diff) | |
Add checks in mem_pool to catch possible double frees
Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Vijay Bellur <vijay@dev.gluster.com>
BUG: 1520 (gnfs crashes on start-up in mem_get0)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1520
| -rw-r--r-- | libglusterfs/src/mem-pool.c | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/libglusterfs/src/mem-pool.c b/libglusterfs/src/mem-pool.c index aec1d909dde..d11bcbcae7c 100644 --- a/libglusterfs/src/mem-pool.c +++ b/libglusterfs/src/mem-pool.c @@ -23,10 +23,11 @@ #include <stdlib.h> #include <stdarg.h> - -#define GF_MEM_POOL_PAD_BOUNDARY (sizeof(struct list_head)) +#define GF_MEM_POOL_LIST_BOUNDARY (sizeof(struct list_head)) +#define GF_MEM_POOL_PAD_BOUNDARY (GF_MEM_POOL_LIST_BOUNDARY + sizeof(int)) #define mem_pool_chunkhead2ptr(head) ((head) + GF_MEM_POOL_PAD_BOUNDARY) #define mem_pool_ptr2chunkhead(ptr) ((ptr) - GF_MEM_POOL_PAD_BOUNDARY) +#define is_mem_chunk_in_use(ptr) (*ptr == 1) #define GF_MEM_HEADER_SIZE (4 + sizeof (size_t) + sizeof (xlator_t *) + 4) #define GF_MEM_TRAILER_SIZE 4 @@ -342,6 +343,7 @@ mem_get0 (struct mem_pool *mem_pool) { struct list_head *list = NULL; void *ptr = NULL; + int *in_use = NULL; if (!mem_pool) { gf_log ("mem-pool", GF_LOG_ERROR, "invalid argument"); @@ -358,6 +360,9 @@ mem_get0 (struct mem_pool *mem_pool) mem_pool->cold_count--; ptr = list; + in_use = (ptr + GF_MEM_POOL_LIST_BOUNDARY); + *in_use = 1; + goto fwd_addr_out; } ptr = MALLOC (mem_pool->real_sizeof_type); @@ -378,6 +383,7 @@ mem_get (struct mem_pool *mem_pool) { struct list_head *list = NULL; void *ptr = NULL; + int *in_use = NULL; if (!mem_pool) { gf_log ("mem-pool", GF_LOG_ERROR, "invalid argument"); @@ -394,6 +400,9 @@ mem_get (struct mem_pool *mem_pool) mem_pool->cold_count--; ptr = list; + in_use = (ptr + GF_MEM_POOL_LIST_BOUNDARY); + *in_use = 1; + goto fwd_addr_out; } @@ -457,6 +466,8 @@ void mem_put (struct mem_pool *pool, void *ptr) { struct list_head *list = NULL; + int *in_use = NULL; + void *head = NULL; if (!pool || !ptr) { gf_log ("mem-pool", GF_LOG_ERROR, "invalid argument"); @@ -469,9 +480,12 @@ mem_put (struct mem_pool *pool, void *ptr) switch (__is_member (pool, ptr)) { case 1: - list = mem_pool_ptr2chunkhead (ptr); + list = head = mem_pool_ptr2chunkhead (ptr); + in_use = (head + GF_MEM_POOL_LIST_BOUNDARY); + GF_ASSERT (is_mem_chunk_in_use(in_use)); pool->hot_count--; pool->cold_count++; + *in_use = 0; list_add (list, &pool->list); break; case -1: |