forked from luck/tmp_suning_uos_patched
libceph: fix ceph_msg_new error path
If memory allocation failed, calling ceph_msg_put() will cause GPF since some of ceph_msg variables are not initialized first. Fix Bug #970. Signed-off-by: Henry C Chang <henry_c_chang@tcloudcomputing.com> Signed-off-by: Sage Weil <sage@newdream.net>
This commit is contained in:
Henry C Chang
Sage Weil
parent
3772d26d87
commit
ca20892db7
@ -2267,6 +2267,19 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags)
|
|||||||
m->more_to_follow = false;
|
m->more_to_follow = false;
|
||||||
m->pool = NULL;
|
m->pool = NULL;
|
||||||
|
|
||||||
|
/* middle */
|
||||||
|
m->middle = NULL;
|
||||||
|
|
||||||
|
/* data */
|
||||||
|
m->nr_pages = 0;
|
||||||
|
m->page_alignment = 0;
|
||||||
|
m->pages = NULL;
|
||||||
|
m->pagelist = NULL;
|
||||||
|
m->bio = NULL;
|
||||||
|
m->bio_iter = NULL;
|
||||||
|
m->bio_seg = 0;
|
||||||
|
m->trail = NULL;
|
||||||
|
|
||||||
/* front */
|
/* front */
|
||||||
if (front_len) {
|
if (front_len) {
|
||||||
if (front_len > PAGE_CACHE_SIZE) {
|
if (front_len > PAGE_CACHE_SIZE) {
|
||||||
@ -2286,19 +2299,6 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags)
|
|||||||
}
|
}
|
||||||
m->front.iov_len = front_len;
|
m->front.iov_len = front_len;
|
||||||
|
|
||||||
/* middle */
|
|
||||||
m->middle = NULL;
|
|
||||||
|
|
||||||
/* data */
|
|
||||||
m->nr_pages = 0;
|
|
||||||
m->page_alignment = 0;
|
|
||||||
m->pages = NULL;
|
|
||||||
m->pagelist = NULL;
|
|
||||||
m->bio = NULL;
|
|
||||||
m->bio_iter = NULL;
|
|
||||||
m->bio_seg = 0;
|
|
||||||
m->trail = NULL;
|
|
||||||
|
|
||||||
dout("ceph_msg_new %p front %d\n", m, front_len);
|
dout("ceph_msg_new %p front %d\n", m, front_len);
|
||||||
return m;
|
return m;
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user