From: Anand Jain <anand.jain@oracle.com>
To: linux-btrfs@vger.kernel.org
Cc: dsterba@suse.com
Subject: [PATCH] btrfs: fix null pointer dereference in write_pinned_extent_entries
Date: Fri, 26 Apr 2019 01:08:06 +0800	[thread overview]
Message-ID: <20190425170806.1213-1-anand.jain@oracle.com> (raw)

btrfs/049 fails with null pointer dereference

 kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000030
::
 kernel: RIP: 0010:write_pinned_extent_entries+0x27/0x100 [btrfs]
::
 kernel: Call Trace:
 kernel:  __btrfs_write_out_cache+0x273/0x450 [btrfs]
 kernel:  btrfs_write_out_ino_cache+0x84/0xd0 [btrfs]
 kernel:  btrfs_save_ino_cache+0x414/0x500 [btrfs]
 kernel:  commit_fs_roots+0xc6/0x190 [btrfs]
 kernel:  btrfs_commit_transaction+0x4de/0xac0 [btrfs]
 kernel:  btrfs_sync_file+0x35b/0x3d0 [btrfs]
 kernel:  do_fsync+0x38/0x60
 kernel:  __x64_sys_fsync+0x10/0x20

 %block_group::fs_info should be accessed only when block_group is not null.

(Fixes: de965ddc6f29 btrfs: get fs_info from block group in
 write_pinned_extent_entries)

Signed-off-by: Anand Jain <anand.jain@oracle.com>
---
 fs/btrfs/free-space-cache.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
index ea7fecf63fbb..a065041e7c80 100644
--- a/fs/btrfs/free-space-cache.c
+++ b/fs/btrfs/free-space-cache.c
@@ -1044,7 +1044,7 @@ static noinline_for_stack int write_pinned_extent_entries(
 			    struct btrfs_io_ctl *io_ctl,
 			    int *entries)
 {
-	struct btrfs_fs_info *fs_info = block_group->fs_info;
+	struct btrfs_fs_info *fs_info;
 	u64 start, extent_start, extent_end, len;
 	struct extent_io_tree *unpin = NULL;
 	int ret;
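Review bot: Nothing at the `fs_info` declaration records why its initializer was dropped, so a later cleanup could fold `block_group->fs_info` back into the declaration and reintroduce the crash. A one-line comment here or at the `if (!block_group)` check, noting that `block_group` can be NULL when this function is reached (the trace in the commit message arrives through `btrfs_write_out_ino_cache`), would make the constraint visible.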
@@ -1052,6 +1052,7 @@ static noinline_for_stack int write_pinned_extent_entries(
 	if (!block_group)
 		return 0;
 
+	fs_info = block_group->fs_info;
 	/*
 	 * We want to add any pinned extents to our free space cache
 	 * so we don't leak the space
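Review bot: The added `fs_info = block_group->fs_info;` sits directly against the block comment that follows, with no blank line between them. Add an empty line after the assignment so the comment stays attached to the code it describes. Placing the assignment after the `if (!block_group)` return is correct.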
-- 
2.20.1 (Apple Git-117)

