The index on the page must be set before it is inserted in the
radix tree. Otherwise there is a small race which can occur
during lookup where the page can be found with the incorrect
index. This will trigger the BUG_ON() in brd_lookup_page().
Reported-by: Chris Wedgwood <[email protected]>
Signed-off-by: Brian Behlendorf <[email protected]>
---
drivers/block/brd.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/block/brd.c b/drivers/block/brd.c
index f1a29f8..9bf4371 100644
--- a/drivers/block/brd.c
+++ b/drivers/block/brd.c
@@ -117,13 +117,13 @@ static struct page *brd_insert_page(struct
brd_device *b, sector_t sector)
spin_lock(&brd->brd_lock);
idx = sector >> PAGE_SECTORS_SHIFT;
+ page->index = idx;
if (radix_tree_insert(&brd->brd_pages, idx, page)) {
__free_page(page);
page = radix_tree_lookup(&brd->brd_pages, idx);
BUG_ON(!page);
BUG_ON(page->index != idx);
- } else
- page->index = idx;
+ }
spin_unlock(&brd->brd_lock);
radix_tree_preload_end();
--
1.7.4.1