md: raid5 crash during degradation
authorAdam Kwolek <adam.kwolek@intel.com>
Fri, 9 Dec 2011 03:26:11 +0000 (14:26 +1100)
committerNeilBrown <neilb@suse.de>
Fri, 9 Dec 2011 03:26:11 +0000 (14:26 +1100)
NULL pointer access causes crash in raid5 module.

Signed-off-by: Adam Kwolek <adam.kwolek@intel.com>
Signed-off-by: NeilBrown <neilb@suse.de>
drivers/md/raid5.c

index b0dec01028f44223066478469c16583ee958f10b..31670f8d6b65789c071c1fd8d212c168138e14d8 100644 (file)
@@ -3070,7 +3070,7 @@ static void analyse_stripe(struct stripe_head *sh, struct stripe_head_state *s)
                        if (sh->sector + STRIPE_SECTORS <= rdev->recovery_offset)
                                set_bit(R5_Insync, &dev->flags);
                }
-               if (test_bit(R5_WriteError, &dev->flags)) {
+               if (rdev && test_bit(R5_WriteError, &dev->flags)) {
                        clear_bit(R5_Insync, &dev->flags);
                        if (!test_bit(Faulty, &rdev->flags)) {
                                s->handle_bad_blocks = 1;
@@ -3078,7 +3078,7 @@ static void analyse_stripe(struct stripe_head *sh, struct stripe_head_state *s)
                        } else
                                clear_bit(R5_WriteError, &dev->flags);
                }
-               if (test_bit(R5_MadeGood, &dev->flags)) {
+               if (rdev && test_bit(R5_MadeGood, &dev->flags)) {
                        if (!test_bit(Faulty, &rdev->flags)) {
                                s->handle_bad_blocks = 1;
                                atomic_inc(&rdev->nr_pending);