[openib-general] [PATCH] rping: Erroneous check for minumum ping buffer size

Pradipta Kumar Banerjee bpradip at in.ibm.com
Fri Jun 9 00:14:28 PDT 2006 

Pradipta Kumar Banerjee wrote:
> rping didn't checked correctly for the minimum size of the ping
> buffer resulting in the following error from glibc
> 
> "*** glibc detected *** free(): invalid next size (fast)"
> 
> Signed-off-by: Pradipta Kumar Banerjee <bpradipt at in.ibm.com>
> ---
> 
> Index: rping.c
> =============================================================
> --- rping.org	2006-06-09 10:57:43.000000000 +0530
> +++ rping.c	2006-06-09 11:00:28.000000000 +0530
> @@ -96,6 +96,12 @@ struct rping_rdma_info {
>  #define RPING_BUFSIZE 64*1024
>  #define RPING_SQ_DEPTH 16
>  
> +/* Default string for print data and
> + * minimum buffer size
> + */
> +#define RPING_MSG_FMT           "rdma-ping-%d: "
> +#define RPING_MIN_BUFSIZE       sizeof(itoa(INT_MAX))+sizeof(RPING_MSG_FMT)
> +
Tom,
   Just found that 'itoa' is not a built-in library function. The sizeof is 
returning '4' which is not what we really want. Do we hard-code the value to 10 
( like #define RPING_MIN_BUFSIZE     10 + sizeof(RPING_MSG_FMT) )?
INT_MAX is 2147483647 (10 - chars). Other options might include writing our own 
'itoa'.

Thanks,
Pradipta Kumar.

>  /*
>   * Control block struct.
>   */
> @@ -774,7 +780,7 @@ static void rping_test_client(struct rpi
>  		cb->state = RDMA_READ_ADV;
>  
>  		/* Put some ascii text in the buffer. */
> -		cc = sprintf(cb->start_buf, "rdma-ping-%d: ", ping);
> +		cc = sprintf(cb->start_buf, RPING_MSG_FMT, ping);
>  		for (i = cc, c = start; i < cb->size; i++) {
>  			cb->start_buf[i] = c;
>  			c++;
> @@ -977,11 +983,11 @@ int main(int argc, char *argv[])
>  			break;
>  		case 'S':
>  			cb->size = atoi(optarg);
> -			if ((cb->size < 1) ||
> +			if ((cb->size < RPING_MIN_BUFSIZE) ||
>  			    (cb->size > (RPING_BUFSIZE - 1))) {
>  				fprintf(stderr, "Invalid size %d "
> -				       "(valid range is 1 to %d)\n",
> -				       cb->size, RPING_BUFSIZE);
> +				       "(valid range is %d to %d)\n",
> +				       cb->size, RPING_MIN_BUFSIZE, RPING_BUFSIZE);
>  				ret = EINVAL;
>  			} else
>  				DEBUG_LOG("size %d\n", (int) atoi(optarg));
> 
> _______________________________________________
> openib-general mailing list
> openib-general at openib.org
> http://openib.org/mailman/listinfo/openib-general
> 
> To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
> 
>

More information about the general mailing list