• Dave Chinner's avatar
    xfs: reset buffer pointers before freeing them · 44396476
    Dave Chinner authored
    When we free a vmapped buffer, we need to ensure the vmap address
    and length we free is the same as when it was allocated. In various
    places in the log code we change the memory the buffer is pointing
    to before issuing IO, but we never reset the buffer to point back to
    it's original memory (or no memory, if that is the case for the
    buffer).
    
    As a result, when we free the buffer it points to memory that is
    owned by something else and attempts to unmap and free it. Because
    the range does not match any known mapped range, it can trigger
    BUG_ON() traps in the vmap code, and potentially corrupt the vmap
    area tracking.
    
    Fix this by always resetting these buffers to their original state
    before freeing them.
    Signed-off-by: default avatarDave Chinner <dchinner@redhat.com>
    Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
    Signed-off-by: default avatarAlex Elder <aelder@sgi.com>
    44396476
xfs_log.c 104 KB