Subject: Re: [PATCH] btrfs: fix a NULL pointer dereference
To: Nikolay Borisov, Kangjie Lu
Cc: pakki001@umn.edu, Chris Mason, Josef Bacik, David Sterba, linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20190314075041.28966-1-kjlu@umn.edu> <50fa02f1-18c0-b039-ec2f-e16b715f53ff@gmx.com>
From: Qu Wenruo
Message-ID: <641736e8-6965-16c6-5b2e-2474d6b72616@gmx.com>
Date: Thu, 14 Mar 2019 17:15:42 +0800
X-Mailing-List: linux-kernel@vger.kernel.org

On 2019/3/14 4:03 PM, Nikolay Borisov wrote:
>
>
> On 14.03.19 at 10:02, Qu Wenruo wrote:
>>
>>
>> On 2019/3/14 3:54 PM, Nikolay Borisov wrote:
>>>
>>>
>>> On 14.03.19 at 9:50, Kangjie Lu wrote:
>>>> btrfs_lookup_block_group may fail and return NULL. The fix goes
>>>> to out when it fails to avoid NULL pointer dereference.
>>> >>> Actually no, in this case btrfs_lookup_block_group must never fail >>> because if we have an allocated eb then it must have been allocated from >>> a bg. >> >> Yep, that's the normal case. >> >> However I'm wondering if it's possible to get a bad eb which is cached. >> >> Then we could hit such situation. >> >> So I still believe being safe here still makes sense, especially who >> knows future fuzzed image will be. > > Then I'd rather have ASSERT(cache) Isn't assert() a bad idea for production build without assert() support? Thanks, Qu > >> >> Thanks, >> Qu >> >>> >>>> >>>> Signed-off-by: Kangjie Lu >>>> --- >>>> fs/btrfs/extent-tree.c | 2 ++ >>>> 1 file changed, 2 insertions(+) >>>> >>>> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c >>>> index 994f0cc41799..b1e7985bcb9d 100644 >>>> --- a/fs/btrfs/extent-tree.c >>>> +++ b/fs/btrfs/extent-tree.c >>>> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans, >>>> >>>> pin = 0; >>>> cache = btrfs_lookup_block_group(fs_info, buf->start); >>>> + if (!cache) >>>> + goto out; >>>> >>>> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) { >>>> pin_down_extent(fs_info, cache, buf->start, >>>> >>
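
Review bot: The added `if (!cache) goto out;` right after `btrfs_lookup_block_group(fs_info, buf->start)` bails out silently, with no message and no comment explaining when a NULL block group can occur for an allocated extent buffer. Since the thread treats that case as a sign of a bad cached eb or a fuzzed image, the branch should log the condition so it is visible on production builds, where an `ASSERT(cache)` may be compiled out. The hunk's context also does not show what the `out` label does, so the commit message should state that the `out` path never touches `cache` and what happens to a block that is neither pinned via `pin_down_extent()` nor freed when this early exit is taken.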