[dm-devel] [PATCH 3 of 8] md fix null pointer deref

Jonathan Brassow jbrassow at redhat.com
Tue Dec 14 21:16:30 UTC 2010


Patch name: md-fix-null-pointer-deref.patch

Fix NULL pointer dereference.

When the module parameter 'start_dirty_degraded' is set, the
RAID is not in sync, and a drive needs to be rebuilt, there
will be BUG() called when finished because 'sysfs_notify_dirent'
is called with a NULL argument.  (rdev->sysfs_state is not
always set.)

Signed-off-by: Jonathan Brassow <jbrassow at redhat.com>

Index: linux-2.6/drivers/md/md.c
===================================================================
--- linux-2.6.orig/drivers/md/md.c
+++ linux-2.6/drivers/md/md.c
@@ -7311,6 +7311,8 @@ static int __init md_init(void)
 	raid_table_header = register_sysctl_table(raid_root_table);
 
 	md_geninit();
+	if (start_dirty_degraded)
+		printk(KERN_INFO "md: start_dirty_degraded set\n");
 	return 0;
 
 err_mdp:
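
Review bot: The printk added after md_geninit() in md_init() is unrelated to the NULL pointer dereference the commit message describes, and the message does not mention it. It looks like leftover debugging output; drop it from this patch, or send it separately with its own justification for logging "md: start_dirty_degraded set" at module init.
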
Index: linux-2.6/drivers/md/raid5.c
===================================================================
--- linux-2.6.orig/drivers/md/raid5.c
+++ linux-2.6/drivers/md/raid5.c
@@ -5339,7 +5339,7 @@ static int raid5_spare_active(mddev_t *m
 		    && !test_bit(Faulty, &tmp->rdev->flags)
 		    && !test_and_set_bit(In_sync, &tmp->rdev->flags)) {
 			count++;
-			sysfs_notify_dirent(tmp->rdev->sysfs_state);
+			sysfs_notify_dirent_safe(tmp->rdev->sysfs_state);
 		}
 	}
 	spin_lock_irqsave(&conf->device_lock, flags);
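
Review bot: The switch to sysfs_notify_dirent_safe() in raid5_spare_active() avoids the crash, but the commit message only says rdev->sysfs_state "is not always set" without saying which path leaves it NULL when start_dirty_degraded is used. Please name that path in the changelog so it is clear whether the NULL is expected here or points to a missed initialization, and confirm whether any other call that passes rdev->sysfs_state to sysfs_notify_dirent() can be reached in the same state and needs the same change.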



