[dm-devel] [PATCH 2/2] dm snapshot: patch v2: fix a crash when an origin has no snapshots
Mikulas Patocka
mpatocka at redhat.com
Tue May 25 17:17:19 UTC 2021
If an origin target has no snapshots, o->split_boundary is set to 0.
This causes BUG_ON(sectors <= 0) in block/bio.c:bio_split().
Fix this by initializing chunk_size, and in turn split_boundary, to
rounddown_pow_of_two(UINT_MAX) -- the largest power of two that fits
into "unsigned" type.
This is the second version of the patch, it doesn't change "min_not_zero"
to "min". During snapshot merging it may be possible that there is a
snapshot with snap->store->chunk_size == 0; we must not zero chunk_size in
this case. If we zeroed it, infinite loop would happen.
Signed-off-by: Mikulas Patocka <mpatocka at redhat.com>
Cc: stable at vger.kernel.org
Index: linux-2.6/drivers/md/dm-snap.c
===================================================================
--- linux-2.6.orig/drivers/md/dm-snap.c
+++ linux-2.6/drivers/md/dm-snap.c
@@ -855,7 +855,7 @@ static int dm_add_exception(void *contex
static uint32_t __minimum_chunk_size(struct origin *o)
{
struct dm_snapshot *snap;
- unsigned chunk_size = 0;
+ unsigned chunk_size = rounddown_pow_of_two(UINT_MAX);
if (o)
list_for_each_entry(snap, &o->snapshots, list)
More information about the dm-devel
mailing list