From b853fd364810a241050778124842a8c415c72a69 Mon Sep 17 00:00:00 2001 From: Wen Congyang Date: Wed, 27 Oct 2010 21:27:12 -0400 Subject: ext4: avoid null dereference in trace_ext4_mballoc_discard ac->inode is set to null in function ext4_mb_release_group_pa(), and then trace_ext4_mballoc_discard(ac) is called, the kernel will panic. BUG: unable to handle kernel NULL pointer dereference at 000000a4 IP: [] ftrace_raw_event_ext4__mballoc+0x54/0xc0 [ext4] *pdpt = 0000000000abd001 *pde = 0000000000000000 Oops: 0000 [#1] SMP Pid: 550, comm: flush-8:16 Not tainted 2.6.36-rc1 #1 SE7320EP2/Altos G530 EIP: 0060:[] EFLAGS: 00010206 CPU: 1 EIP is at ftrace_raw_event_ext4__mballoc+0x54/0xc0 [ext4] EAX: f32ac840 EBX: f3f1cf88 ECX: f32ac840 EDX: 00000000 ESI: f32ac83c EDI: f880b9d8 EBP: 00000000 ESP: f4b77ae4 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 Process flush-8:16 (pid: 550, ti=f4b76000 task=f613e540 task.ti=f4b76000) Call Trace: [] ? ext4_mb_release_group_pa+0x121/0x150 [ext4] [] ? ext4_mb_discard_group_preallocations+0x336/0x400 [ext4] [] ? ext4_mb_new_blocks+0x3d1/0x4f0 [ext4] [] ? __make_request+0x10b/0x440 [] ? ext4_ext_map_blocks+0x1334/0x1980 [ext4] [] ? rb_reserve_next_event+0xaa/0x3b0 [] ? ext4_map_blocks+0xd6/0x1d0 [ext4] [] ? mpage_da_map_blocks+0xc7/0x8a0 [ext4] [] ? find_get_pages_tag+0x38/0x110 [] ? __pagevec_release+0x15/0x20 [] ? ext4_da_writepages+0x2b5/0x5d0 [ext4] [] ? __writepage+0x0/0x30 [] ? do_writepages+0x14/0x30 [] ? writeback_single_inode+0xa0/0x240 [] ? writeback_sb_inodes+0xc1/0x180 [] ? writeback_inodes_wb+0x88/0x140 [] ? wb_writeback+0x20b/0x320 [] ? lock_timer_base+0x27/0x50 [] ? wb_do_writeback+0x150/0x190 [] ? bdi_writeback_thread+0x88/0x1f0 [] ? complete+0x40/0x60 [] ? bdi_writeback_thread+0x0/0x1f0 [] ? kthread+0x74/0x80 [] ? kthread+0x0/0x80 [] ? kernel_thread_helper+0x6/0x10 Signed-off-by: Wen Congyang Acked-by: Steven Rostedt Signed-off-by: "Theodore Ts'o" --- include/trace/events/ext4.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/trace/events/ext4.h b/include/trace/events/ext4.h index 01e9e0076a92..6a1fcff95f7c 100644 --- a/include/trace/events/ext4.h +++ b/include/trace/events/ext4.h @@ -796,8 +796,9 @@ DECLARE_EVENT_CLASS(ext4__mballoc, ), TP_fast_assign( - __entry->dev = ac->ac_inode->i_sb->s_dev; - __entry->ino = ac->ac_inode->i_ino; + __entry->dev = ac->ac_sb->s_dev; + __entry->ino = ac->ac_inode ? + ac->ac_inode->i_ino : 0; __entry->result_logical = ac->ac_b_ex.fe_logical; __entry->result_start = ac->ac_b_ex.fe_start; __entry->result_group = ac->ac_b_ex.fe_group; -- cgit v1.2.2