[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[dm-devel] Re: [2.6.23 PATCH 07/18] dm io: fix panic on large request

Chuck Ebbert wrote:

>> [  126.754204] BUG: unable to handle kernel NULL pointer dereference at
>> virtual address 00000000

> mempool_free() was called with a NULL pool. That can't be good.
Yes, it is really not good :)

Bug http://bugzilla.kernel.org/show_bug.cgi?id=7388
Attached patch fixes this problem, fix needed for stable tree too,
this is not regression, just very old bug...

mbroz redhat com

From: Milan Broz <mbroz redhat com>

Flush workqueue before releasing bioset and mopools
in dm-crypt.
There can be finished but not yet released request.

Call chain causing oops:
  run workqueue
      	<remove device request - remove mempool>
      mempool_free(io, cc->io_pool);

This usually happens when cryptsetup create temporary
luks mapping in the beggining of crypt device activation.

When dm-core calls destructor crypt_dtr, no new request
are possible.

Signed-off-by: Milan Broz <mbroz redhat com>

 drivers/md/dm-crypt.c |    2 ++
 1 file changed, 2 insertions(+)

Index: linux-2.6.22/drivers/md/dm-crypt.c
--- linux-2.6.22.orig/drivers/md/dm-crypt.c	2007-07-17 21:56:36.000000000 +0200
+++ linux-2.6.22/drivers/md/dm-crypt.c	2007-07-19 11:55:13.000000000 +0200
@@ -920,6 +920,8 @@ static void crypt_dtr(struct dm_target *
 	struct crypt_config *cc = (struct crypt_config *) ti->private;
+	flush_workqueue(_kcryptd_workqueue);

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]