* [PATCH] bcachefs: fix invalid memory access in bch2_fs_alloc() error path
@ 2023-12-14 19:06 Thomas Bertschinger
2023-12-14 20:22 ` Kent Overstreet
0 siblings, 1 reply; 2+ messages in thread
From: Thomas Bertschinger @ 2023-12-14 19:06 UTC (permalink / raw)
To: kent.overstreet, bfoster, linux-bcachefs; +Cc: Thomas Bertschinger
When bch2_fs_alloc() gets an error before calling
bch2_fs_btree_iter_init(), bch2_fs_btree_iter_exit() makes an invalid
memory access because btree_trans_list is uninitialized.
Signed-off-by: Thomas Bertschinger <tahbertschinger@gmail.com>
Fixes: 6bd68ec266ad ("bcachefs: Heap allocate btree_trans")
---
fs/bcachefs/btree_iter.c | 8 ++++++--
fs/bcachefs/btree_iter.h | 1 +
fs/bcachefs/super.c | 1 +
3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/fs/bcachefs/btree_iter.c b/fs/bcachefs/btree_iter.c
index f6c41a8924dd..569a087f6a65 100644
--- a/fs/bcachefs/btree_iter.c
+++ b/fs/bcachefs/btree_iter.c
@@ -3142,10 +3142,9 @@ void bch2_fs_btree_iter_exit(struct bch_fs *c)
mempool_exit(&c->btree_trans_pool);
}
-int bch2_fs_btree_iter_init(struct bch_fs *c)
+void bch2_fs_btree_iter_init_early(struct bch_fs *c)
{
struct btree_transaction_stats *s;
- int ret;
for (s = c->btree_transaction_stats;
s < c->btree_transaction_stats + ARRAY_SIZE(c->btree_transaction_stats);
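Review bot: bch2_fs_btree_iter_init_early() has no comment explaining why it is separate from bch2_fs_btree_iter_init(). Now that it returns void and `int ret` is gone, a short comment above the definition should state that it only performs setup that cannot fail and that bch2_fs_btree_iter_exit() depends on it having run. That would keep a later change from adding an allocation here or moving the state exit needs back into the fallible function.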
@@ -3156,6 +3155,11 @@ int bch2_fs_btree_iter_init(struct bch_fs *c)
INIT_LIST_HEAD(&c->btree_trans_list);
seqmutex_init(&c->btree_trans_lock);
+}
+
+int bch2_fs_btree_iter_init(struct bch_fs *c)
+{
+ int ret;
c->btree_trans_bufs = alloc_percpu(struct btree_trans_buf);
if (!c->btree_trans_bufs)
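Review bot: after the split at `int bch2_fs_btree_iter_init(struct bch_fs *c)`, the alloc_percpu() of c->btree_trans_bufs stays in the fallible half, so on the error path from the commit message bch2_fs_btree_iter_exit() runs with btree_trans_bufs never allocated. Going by the mempool_exit(&c->btree_trans_pool) call in the previous hunk's context, it may also run with a pool this path never initialized. The patch only moves INIT_LIST_HEAD(&c->btree_trans_list) and seqmutex_init(&c->btree_trans_lock) into the early function, so please confirm that exit tolerates the other two being untouched, and say so in the commit message.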
diff --git a/fs/bcachefs/btree_iter.h b/fs/bcachefs/btree_iter.h
index 90e54545afff..a9277a1564b3 100644
--- a/fs/bcachefs/btree_iter.h
+++ b/fs/bcachefs/btree_iter.h
@@ -876,6 +876,7 @@ unsigned bch2_trans_get_fn_idx(const char *);
void bch2_btree_trans_to_text(struct printbuf *, struct btree_trans *);
void bch2_fs_btree_iter_exit(struct bch_fs *);
+void bch2_fs_btree_iter_init_early(struct bch_fs *);
int bch2_fs_btree_iter_init(struct bch_fs *);
#endif /* _BCACHEFS_BTREE_ITER_H */
diff --git a/fs/bcachefs/super.c b/fs/bcachefs/super.c
index 893b52eda519..3a72df8a8334 100644
--- a/fs/bcachefs/super.c
+++ b/fs/bcachefs/super.c
@@ -769,6 +769,7 @@ static struct bch_fs *bch2_fs_alloc(struct bch_sb *sb, struct bch_opts opts)
bch2_fs_copygc_init(c);
bch2_fs_btree_key_cache_init_early(&c->btree_key_cache);
+ bch2_fs_btree_iter_init_early(c);
bch2_fs_btree_interior_update_init_early(c);
bch2_fs_allocator_background_init(c);
bch2_fs_allocator_foreground_init(c);
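Review bot: the new bch2_fs_btree_iter_init_early(c) call only protects failures that happen after this line. The hunk does not show whether anything above bch2_fs_copygc_init(c) in bch2_fs_alloc() can already reach the error path; if it can, bch2_fs_btree_iter_exit() would still see an uninitialized btree_trans_list. Please check that no failure exit precedes this block of init_early calls, or move the block above the first such exit.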
--
2.43.0
* Re: [PATCH] bcachefs: fix invalid memory access in bch2_fs_alloc() error path
2023-12-14 19:06 [PATCH] bcachefs: fix invalid memory access in bch2_fs_alloc() error path Thomas Bertschinger
@ 2023-12-14 20:22 ` Kent Overstreet
0 siblings, 0 replies; 2+ messages in thread
From: Kent Overstreet @ 2023-12-14 20:22 UTC (permalink / raw)
To: Thomas Bertschinger; +Cc: bfoster, linux-bcachefs
On Thu, Dec 14, 2023 at 12:06:41PM -0700, Thomas Bertschinger wrote:
> When bch2_fs_alloc() gets an error before calling
> bch2_fs_btree_iter_init(), bch2_fs_btree_iter_exit() makes an invalid
> memory access because btree_trans_list is uninitialized.
>
> Signed-off-by: Thomas Bertschinger <tahbertschinger@gmail.com>
> Fixes: 6bd68ec266ad ("bcachefs: Heap allocate btree_trans")
Perfectly follows the conventions for this code, nice!
Applied :)