[sheepdog] [PATCH stable-0.6 2/4] sockfd_cache: guard fds_count with sockfd_cache.lock

Hitoshi Mitake mitake.hitoshi at lab.ntt.co.jp
Thu Jul 4 11:46:31 CEST 2013


From: MORITA Kazutaka <morita.kazutaka at lab.ntt.co.jp>

Otherwise, fds_count can increase while sockfd_cache_add() is initializing
new->fds[i].fd, which leads to severe memory corruption.

Signed-off-by: MORITA Kazutaka <morita.kazutaka at lab.ntt.co.jp>
Signed-off-by: Liu Yuan <namei.unix at gmail.com>
---
 sheep/sockfd_cache.c |   11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/sheep/sockfd_cache.c b/sheep/sockfd_cache.c
index 6b3d750..82ce0aa 100644
--- a/sheep/sockfd_cache.c
+++ b/sheep/sockfd_cache.c
@@ -288,6 +288,9 @@ void sockfd_cache_add(const struct node_id *nid)
 	sd_dprintf("%s:%d, count %d", name, nid->port, n);
 }
 
+static uatomic_bool fds_in_grow;
+static int fds_high_watermark = FDS_WATERMARK(DEFAULT_FDS_COUNT);
+
 static void do_grow_fds(struct work *work)
 {
 	struct sockfd_cache_entry *entry;
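Review bot: The two statics moved above do_grow_fds carry no comment saying what protects them, and that is now the whole point of the patch. After this change fds_high_watermark is written in do_grow_fds while sockfd_cache.lock is held (second hunk), whereas fds_in_grow is only touched through the uatomic helpers. A short comment on the declarations would record this, for example `/* fds_high_watermark, like fds_count, is written only with sockfd_cache.lock held; fds_in_grow is a uatomic flag */`. Whether readers of fds_high_watermark take the lock cannot be seen from this hunk and is worth confirming. do_grow_fds continues outside the hunk.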
@@ -307,16 +310,14 @@ static void do_grow_fds(struct work *work)
 			uatomic_set_false(&entry->fds[i].in_use);
 		}
 	}
+
+	fds_count *= 2;
+	fds_high_watermark = FDS_WATERMARK(fds_count);
 	pthread_rwlock_unlock(&sockfd_cache.lock);
 }
 
-static uatomic_bool fds_in_grow;
-static int fds_high_watermark = FDS_WATERMARK(DEFAULT_FDS_COUNT);
-
 static void grow_fds_done(struct work *work)
 {
-	fds_count *= 2;
-	fds_high_watermark = FDS_WATERMARK(fds_count);
 	sd_dprintf("fd count has been grown into %d", fds_count);
 	uatomic_set_false(&fds_in_grow);
 	free(work);
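Review bot: grow_fds_done still reads fds_count in its sd_dprintf without taking sockfd_cache.lock, so the rule this patch introduces has one visible exception left. The read is probably harmless because fds_in_grow is cleared only after the print, which presumably keeps a second grow from starting, but that dependency should be stated, e.g. `/* fds_in_grow is still set here, so fds_count cannot change under us */`. Separately, `fds_count *= 2` has no upper bound visible in this hunk, and fds_count appears to be a signed int since it is printed with %d. If nothing elsewhere caps it, a limit check before doubling would rule out signed overflow and an undersized reallocation. do_grow_fds starts and grow_fds_done ends outside the hunk.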
-- 
1.7.10.4



