Commit Graph

1215 Commits

Author SHA1 Message Date
Artur Wojcik 37f0e1e025 Fix for buffer overflow error.
Array index of 'device' may be out of bounds. Array 'device'
of size 40 may use index value(s) 0..43.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:40 -07:00
Artur Wojcik 389508223e Fix for memory leak defect.
Possible memory leak. Dynamic memory stored in 'dev' and 'dev' allocated
through function 'malloc' can be lost on exit path.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:40 -07:00
Artur Wojcik 1602d52c99 Fix for memory leak defect.
Possible memory leak. Dynamic memory stored in 'sra' allocated through
function 'sysfs_read' at line 2484 can be lost at lines 2491, 2560 and
2571.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:40 -07:00
Artur Wojcik e207da2f1b Fix for memory leak defect.
Dynamic memory stored in 'devnum2devname(st->container_dev)' allocated
through function 'devnum2devname' at line 1274 is lost at line 1278.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:40 -07:00
Artur Wojcik 4e5e717d72 Fix for NULL pointer dereference defect.
Pointer 'c' returned from call to function 'strchr' at line 954 may
be NULL and will be dereferenced at line 955.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:40 -07:00
Artur Wojcik d362da3dfe Fix for NULL pointer dereference defect.
Pointer 'disk' returned from call to function '_get_imsm_disk' at line
700 may be NULL and will be dereferenced at line 710.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:40 -07:00
Artur Wojcik 4e9d21862d Fix for NULL pointer dereference defect.
Pointer 'st' returned from call to function 'malloc' at line 320 may
be NULL and it will be dereferenced at line 321.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:39 -07:00
Dan Williams c3ca5f6028 imsm: no need to report the component device name from container_content
sysfs_add_disk() regenerates the name from major:minor, so we can drop a
strcpy that the static analysis checker does not like.

Reported-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:39 -07:00
Artur Wojcik 7a6ecd5544 Fix for buffer overflow defect.
Buffer overflow, array index of 'nm' may be out of bounds.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:39 -07:00
Artur Wojcik 791b666ae8 Fix for NULL pointer dereference.
Pointers '_dev' and '_disk' returned from call to function '_get_imsm_dev'
and '_get_imsm_disk' may be NULL and will be dereferenced at lines
2933 and 2934, respectively.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:39 -07:00
Artur Wojcik d10d56feb8 Fix for NULL pointer dereference.
Suspicious dereference of pointer 'super' before NULL check at
line 3429.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:39 -07:00
Artur Wojcik 20cbe8d2ba Fix for memory and resource leak.
Make sure opened file descriptor is cleaned up on exit
path. Also make sure allocated memory for 'sra' is released
on exit path, too.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:39 -07:00
Artur Wojcik 0fbd635caa Fix for possible NULL pointer dereference.
Pointer 'this' returned from call to function 'malloc' at line 3795
may be NULL and will be dereferenced at line 3796.

Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 12:03:37 -07:00
Artur Wojcik 5a1920f2c2 Fix for buffer overflow defect in 'link'.
Potential buffer overflow of 'link' caused by user input may occur,
due to non null-terminated string 'link'.

Signed-off-by: Artur Wojcik <artur.wojcik@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-10 11:52:23 -07:00
NeilBrown 5c64fcb535 Don't attempt a re-add if the device is marked as faulty.
If a device is marked as faulty, then a re-add will cause it to be
added as a faulty drive, which is not what is wanted.
So just refuse to try to re-add a device which is marked 'faulty'.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-12-08 17:26:31 +11:00
Trela, Maciej 034b203a47 Check partition tables when creating array.
When creating an array, check if the devices have partition
tables and print a warning if the table or the partitions might be
destroyed by array creation.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-12-08 16:07:47 +11:00
Dan Williams a7dd165b4e imsm: catch attempt to auto-layout zero-length arrays
When -z is omitted reserve_space() looks to satisfy a zero length
allocation which lo and behold is equal to the amount of free space on a
full disk.  So, catch maxsize == 0 and simplify the return value from
merge_extents() to always equal amount of free space (no benefit to
having a special case ~0ULL == error).

Signed-off-by: Dan Williams <dan.j.williams@intel.com>
2009-12-01 16:04:06 -07:00
NeilBrown f98841b385 Grow: be more careful when using array.size
As array.size is 32bit we need to prefer the 'component_size'
read from sysfs when that is available.
Grow wasn't always suitably careful.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-26 16:28:35 +11:00
NeilBrown 2ed4f75388 Grow: avoid truncation error when checking size of array.
array.size is only 32bit so it is not safe to multiply it
up before casting to (long long).
Actually, we shouldn't be using array.size here at all, but that
will get fixed in a subsequent patch.

Reported-by: Andrew Burgess <aab@cichlid.com>
Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-26 14:19:26 +11:00
NeilBrown 9277cc7752 Various fixes for --kill
- When --kill-superblock is used with --metadata, find every
  different superblock if there are several and kill them all.
- When creating a new array, kill off any old metadata.  The code
  to do this was already present but has become broken over time.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-24 16:32:01 +11:00
NeilBrown 40bc78f5cd Release mdadm-3.1.1
bugfix over 3.1, but changes to some significant defaults.
2009-11-19 16:10:58 +11:00
NeilBrown c588115aa5 Merge branch 'master' into devel-3.1 2009-11-19 16:10:07 +11:00
NeilBrown cd77ac4eaf Assemble: fix testing of 'verbose' flag.
The 'verbose' flag can be negative, meaning 'quiet'.
So never check for != 0.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-19 15:55:59 +11:00
NeilBrown a0962fe959 Create: warn when creating a raid1 using default metadata.
As some/most bootloaders don't understand md metadata, it might
be difficult to boot off an array with the default 1.0 metadata.
So if this is used for a RAID1, ask for confirmation.

Signed-Off-By: NeilBrown <neilb@suse.de>
2009-11-19 15:54:49 +11:00
NeilBrown 751fd6c093 Don't silently map --re-add to --add
As --add can destroy important data on a disk, and
--re-add is not supposed to, it is wrong to silently
try --add if --re-add fails.
So print a message and abort instead.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 13:15:34 +11:00
NeilBrown b42f577a0d Improve error messages when metadata handler does not support request.
->validate_geometry is called to validate overall parameters,
and to validate each individual device.
If it ever fails, it needs to report the reason, as common code
cannot possibly know.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 13:15:34 +11:00
NeilBrown b8ab2a50ab Set default bitmap-chunksize for internal bitmaps to at least 64Meg
A small bitmap-chunksize hurts performance without helping
resync speed much - particularly on internal bitmaps.

So set the default to at least 64Meg.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 13:15:34 +11:00
NeilBrown ff94fb86fd Grow: various fixes to recent breakages.
- I forgot to write the send backup-super-block on spares.
- I wasn't adding the data_offset to an offset

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 13:15:33 +11:00
NeilBrown 7d5c3964cc Change default metadata from 0.90 to 1.1
1.1 is more flexible in a number of ways and is safer.
0.90 is still fully supported.
1.0 should possibly be used for RAID1 arrays that you
want to boot off, depending on your boot loader.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 13:15:32 +11:00
NeilBrown 5f175898de Increase default chunk size to 512K
This seems more appropriate for current (and recent) model drives than
64K.
64K is still the default for '--build' as changing that could corrupt
data.
64K is also the default rounding for 'linear' on kernels older than
2.6.16.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 13:08:55 +11:00
NeilBrown df0d4ea04e Replace all relevant occurrences of -4 with LEVEL_MULTIPATH
Also -1 -> LEVEL_LINEAR.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 12:31:12 +11:00
NeilBrown 672ca1b727 Assemble/super0: allow non-in-sync devices to be assembled without complaint.
Other metadata formats already did not worry about whether 'sync' was
missing or not.  super0 needs that now, but only for 0.91 metadata
that is undergoing reshape.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 12:31:10 +11:00
NeilBrown f22385f982 Assemble: include ACTIVE but not in-sync devices as non-spares.
Previously such things did not exist: ACTIVE and SYNC were either both
set or both clear.   Recent changes with reshape means that a device
can be ACTIVE but not yet fully in-sync, so they need to be handled
and included in the array as active devices.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-17 12:30:54 +11:00
NeilBrown 14e5b4d72b Grow: data_offset is in sectors, offsets[] is in bytes - convert
Another missed sectors->bytes conversion.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-16 11:06:44 +11:00
NeilBrown 9ce510be9c Grow: do not allow size changes with other changes.
A change that reduces the size of an array always happens
before any other change.  So it can cause data to be lost.
By themselves these changes are reversible.  But once another
change has started, the data would be permanently lost.
So recommend data integrity be checked between a size change
and any other change.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 17:26:47 +11:00
NeilBrown b5ea446ae7 Grow: goto release rather than just return
otherwise we exit with the array frozen.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 15:22:14 +11:00
NeilBrown d2505cff5a Grow: restrict to 2.6.32
2.6.31 has a bug which can lead to unsafe reshaping.
So only allow a reshape with 2.6.32.
When the required fixes get into 2.6.31.y, this can be relaxed
slightly

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 15:19:39 +11:00
NeilBrown 1b13faf757 Grow: use large block count and make sure stripe cache can hold it.
The bigger the backup is, the faster it goes, to some extent.

16Meg is fairly arbitrary

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 14:48:10 +11:00
NeilBrown e380d3be42 Grow: get component_size before using it.
We were using ->component_size while it hadn't been set.
This effectively meant that 'blocks' wasn't multiplied by
16 and reshape was even slower than it should have been.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 14:18:49 +11:00
NeilBrown d44453876e Grow: handle array going degraded during reshape.
If an array goes degraded during reshape, we need to
adjust the devices we read from so as not to back up
stale data.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 13:56:05 +11:00
NeilBrown 92dcdf7c01 Grow: restore backup to proper location.
The 'arraystart' is in sectors while restore_stripes requires
bytes, so we need a conversion.

Without this, backups get restored to the wrong offset.

Reported-by: "KueiHuan Chen" <kueihuan.chen@gmail.com>
Signed-off-by: NeilBrown <neilb@suse.de>
2009-11-06 13:38:43 +11:00
Marco d'Itri 5bac0443e0 vol_id was removed by the udev upstream maintainer in May 2009.
One should use
  /sbin/blkid -o udev -p ...
(from util-linux >> 2.16) instead of
  vol_id --export ...

Author: Marco d'Itri <md@linux.it>
Bug-Debian: http://bugs.debian.org/541884
Reviewed-by: martin f. krafft <madduck@debian.org>
Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-29 10:14:43 +11:00
NeilBrown d1302dd801 Remove bogus warnings from man page.
LANG=C man --warnings -l mdadm.8 > /dev/null

complains that '.XX' is an invalid macro.
This is not correct.  The sequence

   .ig XX
   anything can go here
   .XX

is correct and is ignored (see 'info groff' and the 'ig' index
entry).

However the same can be achieved with
   .ig
   anything can go there
   ..

and this produces no warnings, so use that instead.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-29 10:11:01 +11:00
NeilBrown dab54dcb04 Detail: report new-layout for RAID6 arrays
We were only reporting it for RAID5 and RAID10.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-29 10:02:24 +11:00
NeilBrown 7f0066ba71 Release 3.1
New functionality in --grow.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-22 14:07:05 +11:00
NeilBrown d6d5656bd5 Merge branch 'master' into devel-3.1 2009-10-22 13:57:54 +11:00
NeilBrown d28c1a7383 Release 3.0.3
Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-22 12:05:22 +11:00
NeilBrown 4a997737a1 Merge branch 'master' into devel-3.1 2009-10-22 11:13:13 +11:00
NeilBrown 0eb26465c0 Free some malloced memory that wasn't being freed.
As mdadm is normally a short-lived program it isn't always necessary
to free memory that was allocated, as the 'exit()' call will
automatically free everything.  But it is more obviously correct if
the 'free' is there.
So this patch adds a few calls to 'free'

Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-22 11:00:56 +11:00
NeilBrown 9739642288 Grow: update backup-metadata mtime every time we write it.
Originally the backup-metadata was only written once at the
start of a raid5 reshape that made the array bigger.  So we only
set the mtime once.

Now that we can be writing metadata continually during an in-place
reshape, we need to update the mtime more often.

Also, allow the metadata mtime to be slightly in advance of the
array mtime.  Normally the difference will be less than a second,
so 10 minutes should be plenty.  This guards against an old backup
file being used to restart an array.  But starting two reshapes in the
10 minutes is sufficiently unlikely, and the possibility of an
accident is already sufficiently small, that 10 minutes is probably
fine.

Thanks to Guy Martin <gmsoft@tuxicoman.be> for discovering and
reporting that .mtime wasn't being updated properly.

Signed-off-by: NeilBrown <neilb@suse.de>
2009-10-22 10:42:06 +11:00