14 #23 mentioned the bug of Null pointer and kernel got into a soft lock. The bug happens in function is_mq.c::stackbd_make_request2 .
The real intention of this function may be, first to copy all struct bio that attached to the struct request, and then add these bio into the request queue of 'stackbd'.
Misusing variable req->nr_phys_segments which means "Number of physical scatter gather segments in a request" (kernel document) led to out-of-range access to the request list.
14 #23 mentioned the bug of Null pointer and kernel got into a soft lock. The bug happens in function
is_mq.c::stackbd_make_request2.The real intention of this function may be, first to copy all
struct biothat attached to thestruct request, and then add thesebiointo the request queue of 'stackbd'.Misusing variable
req->nr_phys_segmentswhich means "Number of physical scatter gather segments in a request" (kernel document) led to out-of-range access to the request list.