From: Jens Axboe <axboe@fb.com>
Date: Fri, 24 Apr 2015 16:41:58 +0000 (-0600)
Subject: io_u: fix bug in rounding of generated buffer length
X-Git-Tag: fio-2.2.8~27
X-Git-Url: https://git.kernel.dk/?p=fio.git;a=commitdiff_plain;h=7c306bb1d27de928cba1b58d7888981d44416fd1

io_u: fix bug in rounding of generated buffer length

If the maximum blocksize isn't a multiple of the minimum blocksize,
then fio has a bug where it will round up the block size and align
it to a size larger than the IO buffer we have. This causes random
memory corruption and crashes.

Signed-off-by: Jens Axboe <axboe@fb.com>
---

diff --git a/io_u.c b/io_u.c
index ba3f7ca0..50644850 100644
--- a/io_u.c
+++ b/io_u.c
@@ -485,7 +485,7 @@ static unsigned int __get_next_buflen(struct thread_data *td, struct io_u *io_u,
 				~(td->o.verify_interval - 1);
 
 		if (!td->o.bs_unaligned && is_power_of_2(minbs))
-			buflen = (buflen + minbs - 1) & ~(minbs - 1);
+			buflen &= ~(minbs - 1);
 
 	} while (!io_u_fits(td, io_u, buflen));