From: Petr Vandrovec Date: Wed, 19 Nov 2008 10:12:14 +0000 (+0100) Subject: When block layer fails to map iov, it calls bio_unmap_user to undo X-Git-Tag: firefly_0821_release~16616^2~3 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=53cc0b2948bcb8a084982e6c1f9bd7b337e0df38;p=firefly-linux-kernel-4.4.55.git When block layer fails to map iov, it calls bio_unmap_user to undo mapping. Which is good if pages were mapped - but if they were provided by someone else and just copied then bad things happen - pages are released once here, and once by caller, leading to user triggerable BUG at include/linux/mm.h:246. Signed-off-by: Petr Vandrovec Signed-off-by: Jens Axboe --- diff --git a/block/blk-map.c b/block/blk-map.c index 0f4b4b881811..2990447f45e9 100644 --- a/block/blk-map.c +++ b/block/blk-map.c @@ -224,7 +224,7 @@ int blk_rq_map_user_iov(struct request_queue *q, struct request *rq, */ bio_get(bio); bio_endio(bio, 0); - bio_unmap_user(bio); + __blk_rq_unmap_user(bio); return -EINVAL; }