tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork

Configure Feed

Select the types of activity you want to include in your feed.

aoe: fix crash in page count manipulation

aoeblk contains some mysterious code, that wants to elevate the bio
vec page counts while it's under IO. That is not needed, it's
fragile, and it's causing kernel oopses for some.

Reported-by: Tested-by: Don Koch <kochd@us.ibm.com>
Tested-by: Tested-by: Don Koch <kochd@us.ibm.com>
Signed-off-by: Jens Axboe <axboe@fb.com>

Jens Axboe 0cbc72a1 409ae5a7

-41
-41
drivers/block/aoe/aoecmd.c
··· 853 853 return n; 854 854 } 855 855 856 - /* This can be removed if we are certain that no users of the block 857 - * layer will ever use zero-count pages in bios. Otherwise we have to 858 - * protect against the put_page sometimes done by the network layer. 859 - * 860 - * See http://oss.sgi.com/archives/xfs/2007-01/msg00594.html for 861 - * discussion. 862 - * 863 - * We cannot use get_page in the workaround, because it insists on a 864 - * positive page count as a precondition. So we use _refcount directly. 865 - */ 866 - static void 867 - bio_pageinc(struct bio *bio) 868 - { 869 - struct bio_vec bv; 870 - struct page *page; 871 - struct bvec_iter iter; 872 - 873 - bio_for_each_segment(bv, bio, iter) { 874 - /* Non-zero page count for non-head members of 875 - * compound pages is no longer allowed by the kernel. 876 - */ 877 - page = compound_head(bv.bv_page); 878 - page_ref_inc(page); 879 - } 880 - } 881 - 882 - static void 883 - bio_pagedec(struct bio *bio) 884 - { 885 - struct page *page; 886 - struct bio_vec bv; 887 - struct bvec_iter iter; 888 - 889 - bio_for_each_segment(bv, bio, iter) { 890 - page = compound_head(bv.bv_page); 891 - page_ref_dec(page); 892 - } 893 - } 894 - 895 856 static void 896 857 bufinit(struct buf *buf, struct request *rq, struct bio *bio) 897 858 { ··· 860 899 buf->rq = rq; 861 900 buf->bio = bio; 862 901 buf->iter = bio->bi_iter; 863 - bio_pageinc(bio); 864 902 } 865 903 866 904 static struct buf * ··· 1087 1127 if (buf == d->ip.buf) 1088 1128 d->ip.buf = NULL; 1089 1129 rq = buf->rq; 1090 - bio_pagedec(buf->bio); 1091 1130 mempool_free(buf, d->bufpool); 1092 1131 n = (unsigned long) rq->special; 1093 1132 rq->special = (void *) --n;