leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0f2571ad7a
linux/drivers/md
History
Xiao Ni 0f2571ad7a md: Don't set mddev private to NULL in raid0 pers->free 
In normal stop process, it does like this:
   do_md_stop
      |
   __md_stop (pers->free(); mddev->private=NULL)
      |
   md_free (free mddev)
__md_stop sets mddev->private to NULL after pers->free. The raid device
will be stopped and mddev memory is free. But in reshape, it doesn't
free the mddev and mddev will still be used in new raid.

In reshape, it first sets mddev->private to new_pers and then runs
old_pers->free(). Now raid0 sets mddev->private to NULL in raid0_free.
The new raid can't work anymore. It will panic when dereference
mddev->private because of NULL pointer dereference.

It can panic like this:
[63010.814972] kernel BUG at drivers/md/raid10.c:928!
[63010.819778] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
[63010.825011] CPU: 3 PID: 44437 Comm: md0_resync Kdump: loaded Not tainted 5.14.0-86.el9.x86_64 #1
[63010.833789] Hardware name: Dell Inc. PowerEdge R6415/07YXFK, BIOS 1.15.0 09/11/2020
[63010.841440] RIP: 0010:raise_barrier+0x161/0x170 [raid10]
[63010.865508] RSP: 0018:ffffc312408bbc10 EFLAGS: 00010246
[63010.870734] RAX: 0000000000000000 RBX: ffffa00bf7d39800 RCX: 0000000000000000
[63010.877866] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa00bf7d39800
[63010.884999] RBP: 0000000000000000 R08: fffffa4945e74400 R09: 0000000000000000
[63010.892132] R10: ffffa00eed02f798 R11: 0000000000000000 R12: ffffa00bbc435200
[63010.899266] R13: ffffa00bf7d39800 R14: 0000000000000400 R15: 0000000000000003
[63010.906399] FS:  0000000000000000(0000) GS:ffffa00eed000000(0000) knlGS:0000000000000000
[63010.914485] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[63010.920229] CR2: 00007f5cfbe99828 CR3: 0000000105efe000 CR4: 00000000003506e0
[63010.927363] Call Trace:
[63010.929822]  ? bio_reset+0xe/0x40
[63010.933144]  ? raid10_alloc_init_r10buf+0x60/0xa0 [raid10]
[63010.938629]  raid10_sync_request+0x756/0x1610 [raid10]
[63010.943770]  md_do_sync.cold+0x3e4/0x94c
[63010.947698]  md_thread+0xab/0x160
[63010.951024]  ? md_write_inc+0x50/0x50
[63010.954688]  kthread+0x149/0x170
[63010.957923]  ? set_kthread_struct+0x40/0x40
[63010.962107]  ret_from_fork+0x22/0x30

Removing the code that sets mddev->private to NULL in raid0 can fix
problem.

Fixes: 0c031fd37f (md: Move alloc/free acct bioset in to personality)
Reported-by: Fine Fan <ffan@redhat.com>
Signed-off-by: Xiao Ni <xni@redhat.com>
Signed-off-by: Song Liu <song@kernel.org>
2022-05-22 23:07:21 -07:00
..
bcache block: decouple REQ_OP_SECURE_ERASE from REQ_OP_DISCARD 2022-04-17 19:49:59 -06:00
persistent-data dm space map common: add bounds check to sm_ll_lookup_bitmap() 2022-01-04 13:58:19 -05:00
dm-audit.c dm: introduce audit event module for device mapper 2021-10-27 16:53:47 -04:00
dm-audit.h dm: introduce audit event module for device mapper 2021-10-27 16:53:47 -04:00
dm-bio-prison-v1.c
dm-bio-prison-v1.h
dm-bio-prison-v2.c
dm-bio-prison-v2.h
dm-bio-record.h block: move integrity handling out of <linux/blkdev.h> 2021-10-18 06:17:02 -06:00
dm-bufio.c block: turn bio_kmalloc into a simple kmalloc wrapper 2022-04-17 19:30:41 -06:00
dm-builtin.c
dm-cache-background-tracker.c
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c dm cache policy smq: make static read-only array table const 2022-02-22 10:35:53 -05:00
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c block: remove QUEUE_FLAG_DISCARD 2022-04-17 19:49:59 -06:00
dm-clone-metadata.c dm clone metadata: remove unused function 2021-04-19 13:20:31 -04:00
dm-clone-metadata.h
dm-clone-target.c block: remove QUEUE_FLAG_DISCARD 2022-04-17 19:49:59 -06:00
dm-core.h dm: fix dm_io and dm_target_io flags race condition on Alpha 2022-04-01 13:19:27 -04:00
dm-crypt.c SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
dm-delay.c dm: simplify dm_sumbit_bio_remap interface 2022-03-10 13:44:56 -05:00
dm-dust.c dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-ebs-target.c scsi: dm: Remove WRITE_SAME support 2022-02-22 21:11:08 -05:00
dm-era-target.c dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-exception-store.c
dm-exception-store.h dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-flakey.c dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-ima.c dm ima: fix wrong length calculation for no_data string 2022-02-22 10:42:41 -05:00
dm-ima.h dm ima: add version info to dm related events in ima log 2021-08-20 15:59:47 -04:00
dm-init.c dm init: Set file local variable static 2020-08-04 15:51:28 -04:00
dm-integrity.c dm integrity: fix memory corruption when tag_size is less than digest size 2022-04-13 12:38:49 -04:00
dm-io-tracker.h dm writecache: make writeback pause configurable 2021-06-28 16:30:13 -04:00
dm-io.c block: add a bdev_max_discard_sectors helper 2022-04-17 19:49:59 -06:00
dm-ioctl.c dm ioctl: log an error if the ioctl structure is corrupted 2022-04-01 10:29:43 -04:00
dm-kcopyd.c dm writecache: have ssd writeback wait if the kcopyd workqueue is busy 2021-06-15 15:42:03 -04:00
dm-linear.c scsi: dm: Remove WRITE_SAME support 2022-02-22 21:11:08 -05:00
dm-log-userspace-base.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log-writes.c block: remove QUEUE_FLAG_DISCARD 2022-04-17 19:49:59 -06:00
dm-log.c dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-mpath.c SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-ps-historical-service-time.c dm mpath: only use ktime_get_ns() in historical selector 2022-04-13 13:22:16 -04:00
dm-ps-io-affinity.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-ps-queue-length.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-ps-round-robin.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-ps-service-time.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-raid1.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-raid.c md: don't unregister sync_thread with reconfig_mutex held 2022-05-22 23:07:21 -07:00
dm-region-hash.c
dm-rq.c SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
dm-rq.h
dm-snap-persistent.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-snap-transient.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-snap.c dm-snap: use blkdev_issue_flush instead of open coding it 2022-02-02 07:49:59 -07:00
dm-stats.c dm stats: fix too short end duration_ns when using precise_timestamps 2022-02-21 15:35:39 -05:00
dm-stats.h dm stats: fix too short end duration_ns when using precise_timestamps 2022-02-21 15:35:39 -05:00
dm-stripe.c scsi: dm: Remove WRITE_SAME support 2022-02-22 21:11:08 -05:00
dm-switch.c dm: use bdev_nr_sectors and bdev_nr_bytes instead of open coding them 2021-10-18 14:43:22 -06:00
dm-sysfs.c dm sysfs: use default_groups in kobj_type 2022-01-06 09:48:55 -05:00
dm-table.c block: decouple REQ_OP_SECURE_ERASE from REQ_OP_DISCARD 2022-04-17 19:49:59 -06:00
dm-target.c
dm-thin-metadata.c dm thin metadata: remove unused dm_thin_remove_block and __remove 2022-02-22 13:55:50 -05:00
dm-thin-metadata.h dm thin metadata: remove unused dm_thin_remove_block and __remove 2022-02-22 13:55:50 -05:00
dm-thin.c block: decouple REQ_OP_SECURE_ERASE from REQ_OP_DISCARD 2022-04-17 19:49:59 -06:00
dm-uevent.c
dm-uevent.h
dm-unstripe.c dm: update target status functions to support IMA measurement 2021-08-10 13:34:23 -04:00
dm-verity-fec.c dm verity fec: fix misaligned RS roots IO 2021-04-14 14:28:29 -04:00
dm-verity-fec.h dm verity fec: fix misaligned RS roots IO 2021-04-14 14:28:29 -04:00
dm-verity-target.c - Add DM core support for emitting audit events through the audit 2021-11-09 11:02:04 -08:00
dm-verity-verify-sig.c dm verity: fix require_signatures module_param permissions 2021-05-25 16:14:05 -04:00
dm-verity-verify-sig.h dm verity: Fix compilation warning 2020-08-04 15:48:13 -04:00
dm-verity.h dm verity: add "panic_on_corruption" error handling mode 2020-07-13 11:47:33 -04:00
dm-writecache.c block: pass a block_device and opf to bio_alloc_bioset 2022-02-02 07:49:59 -07:00
dm-zero.c dm: add support for REQ_NOWAIT to various targets 2020-12-04 18:04:35 -05:00
dm-zone.c dm zone: fix NULL pointer dereference in dm_zone_map_bio 2022-04-13 13:22:17 -04:00
dm-zoned-metadata.c dm-zoned: remove the ->name field in struct dmz_dev 2022-03-02 12:15:35 -05:00
dm-zoned-reclaim.c dm kcopyd: avoid useless atomic operations 2021-06-04 12:07:24 -04:00
dm-zoned-target.c dm-zoned: don't set the discard_alignment queue limit 2022-05-03 10:38:50 -06:00
dm-zoned.h dm-zoned: remove the ->name field in struct dmz_dev 2022-03-02 12:15:35 -05:00
dm.c block: remove QUEUE_FLAG_DISCARD 2022-04-17 19:49:59 -06:00
dm.h dax: remove dax_capable 2021-12-04 08:58:51 -08:00
Kconfig blk-mq: make the blk-mq stacking code optional 2022-02-16 19:39:09 -07:00
Makefile dm: introduce audit event module for device mapper 2021-10-27 16:53:47 -04:00
md-autodetect.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
md-bitmap.c md: replace deprecated strlcpy & remove duplicated line 2022-04-25 14:00:36 -07:00
md-bitmap.h
md-cluster.c md: replace deprecated strlcpy & remove duplicated line 2022-04-25 14:00:36 -07:00
md-cluster.h
md-faulty.c block: pass a block_device to bio_clone_fast 2022-02-04 07:43:18 -07:00
md-linear.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
md-linear.h
md-multipath.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
md-multipath.h
md.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
md.h md: don't unregister sync_thread with reconfig_mutex held 2022-05-22 23:07:21 -07:00
raid0.c md: Don't set mddev private to NULL in raid0 pers->free 2022-05-22 23:07:21 -07:00
raid0.h
raid1-10.c md: raid1/raid10: drop pending_cnt 2022-03-08 15:16:54 -08:00
raid1.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
raid1.h md: raid1/raid10: drop pending_cnt 2022-03-08 15:16:54 -08:00
raid5-cache.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
raid5-log.h
raid5-ppl.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
raid5.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
raid5.h md/raid5: Add __rcu annotation to struct disk_info 2022-04-25 14:00:36 -07:00
raid10.c md: remove most calls to bdevname 2022-05-22 23:07:21 -07:00
raid10.h md: raid1/raid10: drop pending_cnt 2022-03-08 15:16:54 -08:00