Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp1803495rwb; Fri, 23 Sep 2022 19:52:26 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5xuIIH4m3lheHz3b9AaNc8q78zD5d0g8Tk9x3njNBS3Ao9LO87azqbERPOWcYxoE0vJxol X-Received: by 2002:a17:902:e74b:b0:178:2976:41b0 with SMTP id p11-20020a170902e74b00b00178297641b0mr11456899plf.105.1663987946678; Fri, 23 Sep 2022 19:52:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663987946; cv=none; d=google.com; s=arc-20160816; b=BgdliL9UEGLN7zHkXNrjCKB4y+mthg04VX6XgIdtnwRunmYVOgqrK9FNaGL8Y5xBLy 2M2LbXMQu6pf5RRCzldjf+/amkRf7864W2iq8m7q2DojWbpvZmOhvSJnVulfuwlZ1Xd2 OxgY0CDL8lQNrLnQQCV8P6mEGEpo/kW9ClTQoMt0HzwV8H/wNfDmxrs8lnGGOrPH6ZX6 6/BFz0ENISMC6DbQXHy3eGdcHjNrXjp5liazSRYMKUptSFatoTk2AUTLvyzN2ETH5c11 xe8LobVNqbSufwpWZ1m4iFZAJHSsF+EpqnkQarDCP3e9xsDEV7Sr061AiGcOUTg5d9w/ qW8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=A7BrgHMpz0jTwrFTSLIIF9HRVmm/VjlmMO8vZE6HLXs=; b=zyTkfRqo2OHnBtIwV/R1y2AoGdpsfMC9ZEKJR2jEgx0vkwAdTfS9HFwZ350NH6ASM6 Xrs5X453HXB7dCaMjm++iLw5kXExxXSi4x0WumdvGCr1a4pW0iuO0g34BRfChTIg1oYN jgF0uz0kPd9VCXtT/iW31sUBJ0yIV4zQPq29MAaeGrLK+nhoSCLodUHcZ0NgD1qMG90P NGf2srr59t91o8jM3IkWAMqLpnQ/9ufj252xL0rdx5tnw2Mr7AorVvNKvDMQx8dwP5e6 2QKBvhKYZvqqoiVyFFVWo09No9HUOw4F3n9HT5VCdvRmogCPLu46bl4g+MMr8UuGSz+c DoQg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k7-20020a170902694700b00176e70dd154si4533244plt.301.2022.09.23.19.52.04; Fri, 23 Sep 2022 19:52:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233032AbiIXCvJ (ORCPT + 99 others); Fri, 23 Sep 2022 22:51:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33434 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233353AbiIXCu6 (ORCPT ); Fri, 23 Sep 2022 22:50:58 -0400 Received: from szxga03-in.huawei.com (szxga03-in.huawei.com [45.249.212.189]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 159301075A3 for ; Fri, 23 Sep 2022 19:50:56 -0700 (PDT) Received: from dggemv711-chm.china.huawei.com (unknown [172.30.72.57]) by szxga03-in.huawei.com (SkyGuard) with ESMTP id 4MZD3s6WsjzHpW8; Sat, 24 Sep 2022 10:48:41 +0800 (CST) Received: from kwepemm600003.china.huawei.com (7.193.23.202) by dggemv711-chm.china.huawei.com (10.1.198.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sat, 24 Sep 2022 10:50:54 +0800 Received: from [127.0.0.1] (10.174.177.249) by kwepemm600003.china.huawei.com (7.193.23.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sat, 24 Sep 2022 10:50:53 +0800 Subject: Re: [PATCH] tune2fs: fix a NULL dereference on failed journal replay To: Lubomir Rintel , Theodore Ts'o CC: References: <20220923132735.1701587-1-lkundrak@v3.sk> From: Zhiqiang Liu Message-ID: <2bb44e20-d4a8-a176-34ab-0c5c74d755c6@huawei.com> Date: Sat, 24 Sep 2022 10:50:51 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 MIME-Version: 1.0 In-Reply-To: <20220923132735.1701587-1-lkundrak@v3.sk> Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.174.177.249] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To kwepemm600003.china.huawei.com (7.193.23.202) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org Nice catch But Li Jinlin has also found this problem, and sent a patch: "[PATCH] tune2fs: exit directly when fs freed in ext2fs_run_ext3_journal" On 2022/9/23 21:27, Lubomir Rintel wrote: > Got a crash: > > Starting program: e2fsprogs-1.46.5/misc/tune2fs -O ^has_journal -ff /dev/sdh2 > tune2fs 1.46.5 (30-Dec-2021) > Recovering journal. > tune2fs: Unknown code ____ 251 while recovering journal. > Please run e2fsck -fy /dev/sdh2. > > Program received signal SIGSEGV, Segmentation fault. > 0x00007ffff7f8565a in ext2fs_mmp_stop (fs=0x0) at ../mmp.c:405 > 405 if (!ext2fs_has_feature_mmp(fs->super) || > (gdb) bt > #0 0x00007ffff7f8565a in ext2fs_mmp_stop (fs=0x0) at ../mmp.c:405 > #1 0x000055555555acd8 in main (argc=, argv=) at /home/lkundrak/fedora/e2fsprogs/e2fsprogs-1.46.5/misc/tune2fs.c:3441 > (gdb) > > Turns out, ext2fs_run_ext3_journal() can close fs and then fail. If that > happened, we shall not jump to closefs:, quit right away instead. > > Signed-off-by: Lubomir Rintel > --- > misc/tune2fs.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/misc/tune2fs.c b/misc/tune2fs.c > index 088f87e5..96cfd001 100644 > --- a/misc/tune2fs.c > +++ b/misc/tune2fs.c > @@ -3345,7 +3345,10 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n" > "while recovering journal.\n"); > printf(_("Please run e2fsck -fy %s.\n"), argv[1]); > rc = 1; > - goto closefs; > + if (fs) > + goto closefs; > + else > + return 1; > } > sb = fs->super; > } >