On Sat, Oct 26, 2024 at 06:26:58PM +0800, Gaosheng Cui wrote:
> The function ec_new_stripe_head_alloc() returns nullptr if kzalloc()
> fails. It is crucial to verify its return value before dereferencing
> it to avoid a potential nullptr dereference.
> 
> Fixes: 035d72f72c91 ("bcachefs: bch2_ec_stripe_head_get() now checks for change in rw devices")
> Signed-off-by: Gaosheng Cui <[email protected]>
> ---
>  fs/bcachefs/ec.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/fs/bcachefs/ec.c b/fs/bcachefs/ec.c
> index 25d20f73df60..b24089733467 100644
> --- a/fs/bcachefs/ec.c
> +++ b/fs/bcachefs/ec.c
> @@ -1859,6 +1859,10 @@ __bch2_ec_stripe_head_get(struct btree_trans *trans,
>               }
>  
>       h = ec_new_stripe_head_alloc(c, disk_label, algo, redundancy, 
> watermark);
> +     if (!h) {
> +             h = ERR_PTR(-ENOMEM);

fyi: I'm changing this to -BCH_ERR_ENOMEM_stripe_head_alloc (and adding
that errcode to errcode.h).

It's unimportant in this case, as this is a small GFP_KERNEL allocation
and thus will never actually fail, but it's important in general as
using a dedicated error code means a better error message (that can be
traced to the exact line of code that generated it) - so we're slowly
killing off all uses of standard error codes and replacing them with
private ones.

> +             goto err;
> +     }
>  found:
>       if (h->rw_devs_change_count != c->rw_devs_change_count)
>               ec_stripe_head_devs_update(c, h);
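
Review bot: the `goto err` under the new `if (!h)` check jumps to a label that is not visible in this hunk, so these lines alone do not show that the error path leaves `h` untouched now that it holds `ERR_PTR(-ENOMEM)`. Please confirm that nothing after `err:` dereferences `h` before it is returned, and that any cleanup done there is still correct when the allocation is what failed. A short sentence in the commit message saying what `err` does would make that checkable from the patch itself. As a wording point, the commit message says "nullptr" where kernel C uses NULL.
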
> -- 
> 2.25.1
> 
