lustre_get_emerg_rs() set the size of the reply buffer to zero
by mistake, which will cause LBUG in null_alloc_rs() when memory
pressure is high. This patch fix this problem and adds a size
check to avoid the problem of insufficient buffer size.
Signed-off-by: Li Xi <lixi@ddn.com>
Signed-off-by: Patrick Farrell <paf@cray.com>
Change-Id: I9fbd4f14e8e1263de2af564c4f2e420f5f2b43bc
Reviewed-on: http://review.whamcloud.com/8200
Tested-by: Jenkins
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
spin_unlock(&svcpt->scp_rep_lock);
memset(rs, 0, svcpt->scp_service->srv_max_reply_size);
spin_unlock(&svcpt->scp_rep_lock);
memset(rs, 0, svcpt->scp_service->srv_max_reply_size);
+ rs->rs_size = svcpt->scp_service->srv_max_reply_size;
rs->rs_svcpt = svcpt;
rs->rs_prealloc = 1;
out:
rs->rs_svcpt = svcpt;
rs->rs_prealloc = 1;
out:
rc = policy->sp_sops->alloc_rs(req, msglen);
if (unlikely(rc == -ENOMEM)) {
rc = policy->sp_sops->alloc_rs(req, msglen);
if (unlikely(rc == -ENOMEM)) {
+ struct ptlrpc_service_part *svcpt = req->rq_rqbd->rqbd_svcpt;
+ if (svcpt->scp_service->srv_max_reply_size <
+ msglen + sizeof(struct ptlrpc_reply_state)) {
+ /* Just return failure if the size is too big */
+ CERROR("size of message is too big (%zd), %d allowed",
+ msglen + sizeof(struct ptlrpc_reply_state),
+ svcpt->scp_service->srv_max_reply_size);
+ RETURN(-ENOMEM);
+ }
+
/* failed alloc, try emergency pool */
/* failed alloc, try emergency pool */
- rs = lustre_get_emerg_rs(req->rq_rqbd->rqbd_svcpt);
+ rs = lustre_get_emerg_rs(svcpt);
if (rs == NULL)
RETURN(-ENOMEM);
if (rs == NULL)
RETURN(-ENOMEM);