[RHEL7,COMMIT] fs/fuse kio_pcs: NULL pointer dereference in map_submit()->MAP_ARGS()

Submitted by Konstantin Khorenko on Oct. 31, 2018, 1:02 p.m.

Details

Message ID 201810311302.w9VD2pv7023557@finist-ce7.sw.ru
State New
Series "fs/fuse kio_pcs: NULL pointer dereference in map_submit()->MAP_ARGS()"
Headers show

Commit Message

Konstantin Khorenko Oct. 31, 2018, 1:02 p.m.
The commit is pushed to "branch-rh7-3.10.0-862.14.4.vz7.72.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-862.14.4.vz7.72.15
------>
commit 9139fc018010f890225b1370e0b9a2dbae5e9fd6
Author: Pavel Butsykin <pbutsykin@virtuozzo.com>
Date:   Wed Oct 31 16:02:51 2018 +0300

    fs/fuse kio_pcs: NULL pointer dereference in map_submit()->MAP_ARGS()
    
    MAP_ARGS() contains reference to m->mapping, which can be NULL in case of
    map dead.
    
    Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
    Reviewed-by: Kirill Tkhai <ktkhai@virtuozzo.com>
    
    =====================
    Patchset description:
    
    FUSE KIO: Mapping truncate fixes
    
    https://jira.sw.ru/browse/PSBM-89539
---
 fs/fuse/kio/pcs/pcs_map.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/fs/fuse/kio/pcs/pcs_map.c b/fs/fuse/kio/pcs/pcs_map.c
index ea85c8652b3d..9e7d0dba2bbd 100644
--- a/fs/fuse/kio/pcs/pcs_map.c
+++ b/fs/fuse/kio/pcs/pcs_map.c
@@ -2284,7 +2284,6 @@  void map_submit(struct pcs_map_entry * m, struct pcs_int_request *ireq)
 	int direction;
 	int done;
 
-	DTRACE("enter m: " MAP_FMT ", ireq:%p \n", MAP_ARGS(m),	 ireq);
 	BUG_ON(ireq->type != PCS_IREQ_IOCHUNK && ireq->type != PCS_IREQ_FLUSH);
 	BUG_ON(pcs_if_error(&ireq->error));
 
@@ -2303,6 +2302,8 @@  void map_submit(struct pcs_map_entry * m, struct pcs_int_request *ireq)
 			pcs_map_queue_resolve(m, ireq, direction);
 			return;
 		}
+		DTRACE("enter m: " MAP_FMT ", ireq:%p \n", MAP_ARGS(m),	 ireq);
+
 		csl = m->cs_list;
 		if (csl)
 			cslist_get(csl);