summaryrefslogtreecommitdiff
path: root/fs/gfs2/log.c
diff options
context:
space:
mode:
authorAndreas Gruenbacher <agruenba@redhat.com>2024-03-11 15:51:59 +0100
committerAndreas Gruenbacher <agruenba@redhat.com>2024-04-09 18:35:57 +0200
commit35264909e9d1973ab9aaa2a1b07cda70f12bb828 (patch)
tree0b9c4378d590d4ba11cf3efb42d3f75676047b82 /fs/gfs2/log.c
parentb01189333ee91c1ae6cd96dfd1e3a3c2e69202f0 (diff)
gfs2: Fix NULL pointer dereference in gfs2_log_flush
In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush). Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Diffstat (limited to 'fs/gfs2/log.c')
-rw-r--r--fs/gfs2/log.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/gfs2/log.c b/fs/gfs2/log.c
index 8cddf955ebc0..a6dd68b458ce 100644
--- a/fs/gfs2/log.c
+++ b/fs/gfs2/log.c
@@ -1108,7 +1108,8 @@ repeat:
lops_before_commit(sdp, tr);
if (gfs2_withdrawing_or_withdrawn(sdp))
goto out_withdraw;
- gfs2_log_submit_bio(&sdp->sd_jdesc->jd_log_bio, REQ_OP_WRITE);
+ if (sdp->sd_jdesc)
+ gfs2_log_submit_bio(&sdp->sd_jdesc->jd_log_bio, REQ_OP_WRITE);
if (gfs2_withdrawing_or_withdrawn(sdp))
goto out_withdraw;