From: Darrick J. Wong <djwong@xxxxxxxxxx> The __initbuf function is responsible for initializing the fields of an xfs_buf. Buffers are always required to have a mapping, though in the typical case there's only one mapping, so we can use the internal one. The single-mapping b_maps init code at the end of the function doesn't quite get this right though -- if a single-mapping buffer in the cache was allowed to expire and now is being repurposed, it'll come out with b_maps == &__b_map, in which case we incorrectly skip initializing the map. This has gone unnoticed until now because (AFAICT) the code paths that use b_maps are the same ones that are called with multi-mapping buffers, which are initialized correctly. Anyway, the improperly initialized single-mappings will cause problems in upcoming patches where we turn b_bn into the cache key and require the use of b_maps[0].bm_bn for the buffer LBA. Fix this. Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx> --- libxfs/rdwr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libxfs/rdwr.c b/libxfs/rdwr.c index f4e76029..03dc2917 100644 --- a/libxfs/rdwr.c +++ b/libxfs/rdwr.c @@ -251,9 +251,11 @@ __initbuf(struct xfs_buf *bp, struct xfs_buftarg *btp, xfs_daddr_t bno, bp->b_ops = NULL; INIT_LIST_HEAD(&bp->b_li_list); - if (!bp->b_maps) { - bp->b_nmaps = 1; + if (!bp->b_maps) bp->b_maps = &bp->__b_map; + + if (bp->b_maps == &bp->__b_map) { + bp->b_nmaps = 1; bp->b_maps[0].bm_bn = bp->b_bn; bp->b_maps[0].bm_len = bp->b_length; }
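Review bot: The new `if (bp->b_maps == &bp->__b_map)` branch in __initbuf() has no comment saying why the embedded map is rewritten on every call. The reason is only in the commit message: a recycled single-mapping buffer arrives with b_maps already pointing at __b_map. A short comment above that branch would keep a later cleanup from folding the two tests back into the old `if (!bp->b_maps)` form. Separately, a buffer that arrives with a non-NULL b_maps other than `&bp->__b_map` still skips this block, so its b_nmaps, bm_bn and bm_len keep whatever the previous user left. The commit message says the multi-mapping paths initialize these correctly, but nothing in the visible lines enforces that. Since the upcoming patches will read b_maps[0].bm_bn as the buffer LBA, consider stating that expectation in the comment or adding an assertion for the multi-mapping case.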