Commit 303a0e11 authored by NeilBrown's avatar NeilBrown

md/raid1 - don't assume newly allocated bvecs are initialised.

Since commit d3f76110
newly allocated bvecs aren't initialised to NULL, so we have
to be more careful about freeing a bio which only managed
to get a few pages allocated to it.  Otherwise the resync
process crashes.

This patch is appropriate for 2.6.29-stable.

Cc: stable@kernel.org
Cc: "Jens Axboe" <jens.axboe@oracle.com>
Reported-by: default avatarGabriele Tozzi <gabriele@tozzi.eu>
Signed-off-by: default avatarNeilBrown <neilb@suse.de>
parent 6bb59750
...@@ -123,6 +123,7 @@ static void * r1buf_pool_alloc(gfp_t gfp_flags, void *data) ...@@ -123,6 +123,7 @@ static void * r1buf_pool_alloc(gfp_t gfp_flags, void *data)
goto out_free_pages; goto out_free_pages;
bio->bi_io_vec[i].bv_page = page; bio->bi_io_vec[i].bv_page = page;
bio->bi_vcnt = i+1;
} }
} }
/* If not user-requests, copy the page pointers to all bios */ /* If not user-requests, copy the page pointers to all bios */
...@@ -138,9 +139,9 @@ static void * r1buf_pool_alloc(gfp_t gfp_flags, void *data) ...@@ -138,9 +139,9 @@ static void * r1buf_pool_alloc(gfp_t gfp_flags, void *data)
return r1_bio; return r1_bio;
out_free_pages: out_free_pages:
for (i=0; i < RESYNC_PAGES ; i++) for (j=0 ; j < pi->raid_disks; j++)
for (j=0 ; j < pi->raid_disks; j++) for (i=0; i < r1_bio->bios[j]->bi_vcnt ; i++)
safe_put_page(r1_bio->bios[j]->bi_io_vec[i].bv_page); put_page(r1_bio->bios[j]->bi_io_vec[i].bv_page);
j = -1; j = -1;
out_free_bio: out_free_bio:
while ( ++j < pi->raid_disks ) while ( ++j < pi->raid_disks )
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment