bounce: don't rely on a zeroed bio_vec list
authorJens Axboe <jens.axboe@oracle.com>
Tue, 23 Dec 2008 11:44:19 +0000 (12:44 +0100)
committerJens Axboe <jens.axboe@oracle.com>
Mon, 29 Dec 2008 07:29:52 +0000 (08:29 +0100)
__blk_queue_bounce() relies on a zeroed bio_vec list, since it looks
up arbitrary indexes in the allocated bio. The block layer only
guarentees that added entries are valid, so clear memory after alloc.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
mm/bounce.c

index bf0cf7c8387b8d92c93dfb18436a7f2cf424cb00..e590272fe7a8f3e40acb21059bb0082f74354f26 100644 (file)
@@ -198,8 +198,13 @@ static void __blk_queue_bounce(struct request_queue *q, struct bio **bio_orig,
                /*
                 * irk, bounce it
                 */
-               if (!bio)
-                       bio = bio_alloc(GFP_NOIO, (*bio_orig)->bi_vcnt);
+               if (!bio) {
+                       unsigned int cnt = (*bio_orig)->bi_vcnt;
+
+                       bio = bio_alloc(GFP_NOIO, cnt);
+                       memset(bio->bi_io_vec, 0, cnt * sizeof(struct bio_vec));
+               }
+                       
 
                to = bio->bi_io_vec + i;