diff options
| author | Mark Johnston <markj@FreeBSD.org> | 2017-04-10 17:15:59 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2017-04-10 17:15:59 +0000 |
| commit | a4834289d6c5863579b8b079d707d3162b7c183c (patch) | |
| tree | f495f5149f5d02a20c696a07e309670863a09472 /sys/geom | |
| parent | 571a4f172bb98976dabfd904385f4b27511896a9 (diff) | |
| download | src-a4834289d6c5863579b8b079d707d3162b7c183c.tar.gz src-a4834289d6c5863579b8b079d707d3162b7c183c.zip | |
Handle NULL entries in gmirror disk ds_bios arrays.
Entries may be removed and freed if an I/O error occurs during mirror
synchronization, so we cannot assume that all entries of ds_bios are
valid.
Also ensure that a synchronization BIO's array index is preserved after
a successful write.
Reported and tested by: pho
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Notes
Notes:
svn path=/head/; revision=316681
Diffstat (limited to 'sys/geom')
| -rw-r--r-- | sys/geom/mirror/g_mirror.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/sys/geom/mirror/g_mirror.c b/sys/geom/mirror/g_mirror.c index 704810823ff1..7e5664e681dd 100644 --- a/sys/geom/mirror/g_mirror.c +++ b/sys/geom/mirror/g_mirror.c @@ -1304,11 +1304,13 @@ g_mirror_sync_release(struct g_mirror_softc *sc) static void g_mirror_sync_request_free(struct g_mirror_disk *disk, struct bio *bp) { - int i; + int idx; if (disk != NULL && disk->d_sync.ds_bios != NULL) { - i = (int)(uintptr_t)bp->bio_caller1; - disk->d_sync.ds_bios[i] = NULL; + idx = (int)(uintptr_t)bp->bio_caller1; + KASSERT(disk->d_sync.ds_bios[idx] == bp, + ("unexpected sync BIO at %p:%d", disk, idx)); + disk->d_sync.ds_bios[idx] = NULL; } free(bp->bio_data, M_MIRROR); g_destroy_bio(bp); @@ -1375,7 +1377,7 @@ g_mirror_sync_request(struct bio *bp) { off_t offset; void *data; - int i; + int i, idx; KFAIL_POINT_ERROR(DEBUG_FP, g_mirror_sync_request_write, bp->bio_error); @@ -1413,6 +1415,7 @@ g_mirror_sync_request(struct bio *bp) /* Send next synchronization request. */ data = bp->bio_data; + idx = (int)(uintptr_t)bp->bio_caller1; g_reset_bio(bp); bp->bio_cmd = BIO_READ; bp->bio_offset = sync->ds_offset; @@ -1422,6 +1425,7 @@ g_mirror_sync_request(struct bio *bp) bp->bio_data = data; bp->bio_from = sync->ds_consumer; bp->bio_to = sc->sc_provider; + bp->bio_caller1 = (void *)(uintptr_t)idx; G_MIRROR_LOGREQ(3, bp, "Sending synchronization request."); sync->ds_consumer->index++; /* @@ -1439,7 +1443,7 @@ g_mirror_sync_request(struct bio *bp) offset = sc->sc_mediasize; for (i = 0; i < g_mirror_syncreqs; i++) { bp = sync->ds_bios[i]; - if (bp->bio_offset < offset) + if (bp != NULL && bp->bio_offset < offset) offset = bp->bio_offset; } if (sync->ds_offset_done + (MAXPHYS * 100) < offset) { |