From 251babb55d53d79bba9568d6516fd11128c34606 Mon Sep 17 00:00:00 2001 From: Brian Foster Date: Tue, 18 Apr 2023 13:05:47 -0400 Subject: bcachefs: fix NULL bch_dev deref when checking bucket_gens keys fsck removes bucket_gens keys for devices that do not exist in the volume (i.e., if the device was removed). In 'fsck -n' mode, the associated fsck_err_on() wrapper returns false to skip the key removal. This proceeds on to the rest of the function, which eventually segfaults on a NULL bch_dev because the device does not exist. Update bch2_check_bucket_gens_key() to skip out of the rest of the function when the associated device does not exist, regardless of running fsck in check or repair mode. Signed-off-by: Brian Foster Signed-off-by: Kent Overstreet --- fs/bcachefs/alloc_background.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'fs/bcachefs') diff --git a/fs/bcachefs/alloc_background.c b/fs/bcachefs/alloc_background.c index 4032d1940884..968b6103e979 100644 --- a/fs/bcachefs/alloc_background.c +++ b/fs/bcachefs/alloc_background.c @@ -1362,17 +1362,21 @@ static int bch2_check_bucket_gens_key(struct btree_trans *trans, u64 start = bucket_gens_pos_to_alloc(k.k->p, 0).offset; u64 end = bucket_gens_pos_to_alloc(bpos_nosnap_successor(k.k->p), 0).offset; u64 b; - bool need_update = false; + bool need_update = false, dev_exists; struct printbuf buf = PRINTBUF; int ret = 0; BUG_ON(k.k->type != KEY_TYPE_bucket_gens); bkey_reassemble(&g.k_i, k); - if (fsck_err_on(!bch2_dev_exists2(c, k.k->p.inode), c, - "bucket_gens key for invalid device:\n %s", - (bch2_bkey_val_to_text(&buf, c, k), buf.buf))) { - ret = bch2_btree_delete_at(trans, iter, 0); + /* if no bch_dev, skip out whether we repair or not */ + dev_exists = bch2_dev_exists2(c, k.k->p.inode); + if (!dev_exists) { + if (fsck_err_on(!dev_exists, c, + "bucket_gens key for invalid device:\n %s", + (bch2_bkey_val_to_text(&buf, c, k), buf.buf))) { + ret = bch2_btree_delete_at(trans, iter, 0); + } goto out; } -- cgit v1.2.3