diff options
author | Dipankar Sarma <dipankar@in.ibm.com> | 2005-09-14 15:18:42 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-09-14 15:38:26 -0400 |
commit | 0b175a7e68c2f51555820efb0a01681e3419c1bc (patch) | |
tree | 6dc0dd21b9aaad86f6a94c594c7705ee5441c5aa /fs/file.c | |
parent | c7e43c78ae4d8630c418ce3495787b995e61a580 (diff) |
[PATCH] Fix the fdtable freeing in the case of vmalloced fdset/arrays
Noted by David Miller:
"The bug is that free_fd_array() takes a "num" argument, but when
calling it from __free_fdtable() we're instead passing in the size in
bytes (ie. "num * sizeof(struct file *)")."
Yes it is a bug. I think I messed it up while merging newer
changes with an older version where I was using size in bytes
to optimize.
Signed-off-by: Dipankar Sarma <dipankar@in.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/file.c')
-rw-r--r-- | fs/file.c | 10 |
1 files changed, 3 insertions, 7 deletions
@@ -69,13 +69,9 @@ void free_fd_array(struct file **array, int num) | |||
69 | 69 | ||
70 | static void __free_fdtable(struct fdtable *fdt) | 70 | static void __free_fdtable(struct fdtable *fdt) |
71 | { | 71 | { |
72 | int fdset_size, fdarray_size; | 72 | free_fdset(fdt->open_fds, fdt->max_fdset); |
73 | 73 | free_fdset(fdt->close_on_exec, fdt->max_fdset); | |
74 | fdset_size = fdt->max_fdset / 8; | 74 | free_fd_array(fdt->fd, fdt->max_fds); |
75 | fdarray_size = fdt->max_fds * sizeof(struct file *); | ||
76 | free_fdset(fdt->open_fds, fdset_size); | ||
77 | free_fdset(fdt->close_on_exec, fdset_size); | ||
78 | free_fd_array(fdt->fd, fdarray_size); | ||
79 | kfree(fdt); | 75 | kfree(fdt); |
80 | } | 76 | } |
81 | 77 | ||