From 4fbfcaa8beb901050612bc35a0c8bbc1f3b58188 Mon Sep 17 00:00:00 2001
From: Filipe David Borba Manana
Date: Wed, 26 Jun 2013 17:41:36 +0100
Subject: [PATCH] Btrfs-progs: fix closing of devices
If a device could not be opened in volumes.c:read_one_dev(), a btrfs_device instance was allocated and added to the list of devices of the fs - however this device instance had its fd, name and label fields not initialized. This is problematic in disk-io.c:close_all_devices() as it tried to sync, fadvise and close the (invalid) fd of the device, and kfree() its name and label, which pointed to random memory locations.
Thread 1 (Thread 0x7f0a3d2d1740 (LWP 23585)):
#0 __GI___libc_free (mem=0xa5a5a5a5a5a5a5a5) at malloc.c:2970
#1 0x000000000042054b in close_all_devices (fs_info=0x1e92bf0) at disk-io.c:1276
#2 0x0000000000421dcd in close_ctree (root=) at disk-io.c:1336
#3 0x0000000000418cfa in cmd_check (argc=, argv=) at cmds-check.c:4171
#4 0x0000000000403ed4 in main (argc=2, argv=0x7fff9a583d28) at btrfs.c:295
v2: Added Liu Bo's review mention.
Reviewed-by: Liu Bo
Signed-off-by: Filipe David Borba Manana
Signed-off-by: Chris Mason
---
 volumes.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/volumes.c b/volumes.c
index 437e219a..0ff22833 100644
--- a/volumes.c
+++ b/volumes.c
@@ -1631,10 +1631,10 @@ static int read_one_dev(struct btrfs_root *root,
 if (!device) {
 printk("warning devid %llu not found already\n",
 (unsigned long long)devid);
- device = kmalloc(sizeof(*device), GFP_NOFS);
+ device = kzalloc(sizeof(*device), GFP_NOFS);
 if (!device)
 return -ENOMEM;
- device->total_ios = 0;
+ device->fd = -1;
 list_add(&device->dev_list,
 &root->fs_info->fs_devices->devices);
 }
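Review bot: The added `device->fd = -1;` needs a comment saying why it is there, because after kzalloc() the field would otherwise be 0, which is a valid descriptor (stdin), and the commit message says close_all_devices() syncs, fadvises and closes each device's fd. A line such as `/* placeholder for a missing device: never opened, keep fd invalid (0 would be stdin) */` above the assignment would stop a later cleanup from dropping it as redundant. The zeroed name and label make kfree() safe, but the placeholder is only harmless if every user of the fs_devices list treats fd == -1 and NULL name as "not opened". close_all_devices() is not visible in this hunk, so it is worth confirming that it skips the fsync/fadvise/close calls when `device->fd < 0` instead of relying on them failing with EBADF. read_one_dev() starts before and continues after the hunk.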