dm raid: fix address sanitizer warning in raid_resume

commit 7dad24db59d2d2803576f2e3645728866a056dab upstream.

There is a KASAN warning in raid_resume when running the lvm test
lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks
is greater than rs->raid_disks, so the loop touches one entry beyond
the allocated length.

Cc: stable@vger.kernel.org
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Mike Snitzer <snitzer@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/md/dm-raid.c b/drivers/md/dm-raid.c
index 4e94200e0142303a2f3a89b7628bba37c083bf56..0a8b5ea172045a6376531503de64ab120dbbefde 100644 (file)
--- a/drivers/md/dm-raid.c
+++ b/drivers/md/dm-raid.c
@@ -3794,7 +3794,7 @@ static void attempt_restore_of_faulty_devices(struct raid_set *rs)
 
        memset(cleared_failed_devices, 0, sizeof(cleared_failed_devices));
 
-       for (i = 0; i < mddev->raid_disks; i++) {
+       for (i = 0; i < rs->raid_disks; i++) {
                r = &rs->dev[i].rdev;
                /* HM FIXME: enhance journal device recovery processing */
                if (test_bit(Journal, &r->flags))