[PATCH] cfq-iosched: fix crash in do_div()

We don't clear the seek stat values in cfq_alloc_io_context(), and if
->seek_mean is unlucky enough to be set to -36 by chance, the first
invocation of cfq_update_io_seektime() will oops with a divide by zero
in do_div().

Just memset the entire cic instead of filling invididual values
independently.

Signed-off-by: Jens Axboe <axboe@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/block/cfq-iosched.c b/block/cfq-iosched.c
index a46d030..052b174 100644 (file)
--- a/block/cfq-iosched.c
+++ b/block/cfq-iosched.c
@@ -1323,17 +1323,12 @@ cfq_alloc_io_context(struct cfq_data *cfqd, gfp_t gfp_mask)
        struct cfq_io_context *cic = kmem_cache_alloc(cfq_ioc_pool, gfp_mask);
 
        if (cic) {
-               RB_CLEAR(&cic->rb_node);
-               cic->key = NULL;
-               cic->cfqq[ASYNC] = NULL;
-               cic->cfqq[SYNC] = NULL;
+               memset(cic, 0, sizeof(*cic));
+               RB_CLEAR_COLOR(&cic->rb_node);
                cic->last_end_request = jiffies;
-               cic->ttime_total = 0;
-               cic->ttime_samples = 0;
-               cic->ttime_mean = 0;
+               INIT_LIST_HEAD(&cic->queue_list);
                cic->dtor = cfq_free_io_context;
                cic->exit = cfq_exit_io_context;
-               INIT_LIST_HEAD(&cic->queue_list);
                atomic_inc(&ioc_count);
        }