Re: [PATCH] erofs-utils: lib: fix xattr crash in rebuild path when source has xattr

Mon, 02 Mar 2026 07:44:59 -0800 



On 2026/3/2 23:39, Lucas Karpinski wrote:

On 2026-03-02 10:28 a.m., Gao Xiang wrote:

Hi Lucas,

On 2026/3/2 23:22, Lucas Karpinski wrote:

On 2026-03-02 8:03 a.m., lishixian wrote:

When rebuilding from source EROFS images, erofs_read_xattrs_from_disk()
is called for inodes that have xattr. At that point inode->sbi points to
the source image's sbi, which is opened read-only and never gets
erofs_xattr_init(), so sbi->xamgr is NULL. get_xattritem(sbi) then
dereferences xamgr and crashes with SIGSEGV.

Fix by using the build target's xamgr when initializing src's sbi.

Reported-by: Yixiao Chen <[email protected]>
Fixes: https://github.com/erofs/erofs-utils/issues/42
Signed-off-by: lishixian <[email protected]>
Reviewed-by: Yifan Zhao <[email protected]>
---
   lib/rebuild.c | 1 +
   mkfs/main.c   | 1 +
   2 files changed, 2 insertions(+)

diff --git a/lib/rebuild.c b/lib/rebuild.c
index f89a17c..f1e79c1 100644
--- a/lib/rebuild.c
+++ b/lib/rebuild.c
@@ -437,6 +437,7 @@ int erofs_rebuild_load_tree(struct erofs_inode
*root, struct erofs_sb_info *sbi,
           erofs_err("failed to read superblock of %s", fsid);
           return ret;
       }
+    sbi->xamgr = g_sbi.xamgr;
         inode.nid = sbi->root_nid;
       inode.sbi = sbi;
diff --git a/mkfs/main.c b/mkfs/main.c
index b84d1b4..cb0f0cc 100644
--- a/mkfs/main.c
+++ b/mkfs/main.c
@@ -1011,6 +1011,7 @@ static void erofs_rebuild_cleanup(void)
         list_for_each_entry_safe(src, n, &rebuild_src_list, list) {
           list_del(&src->list);
+        src->xamgr = NULL; /* borrowed from g_sbi, do not free */
           erofs_put_super(src);
           erofs_dev_close(src);
           free(src);


I was similarly looking at this issue in my patchset so I can confirm it
fixes the seg fault.

Tested-by: Lucas Karpinski <[email protected]>


Thanks for this, but as I said to lishixian we shouldn't use
global g_sbi in the liberofs anymore.

Could we try to assign sbi->xamgr in the caller instead?

And


in my patchset


Do you have more urgent fixes? I'm about to release
erofs-utils 1.9.1 since there are some urgent fixes
so fixes would be better to be sent out now.

Also I think we should have a basic testcase to cover
this, I will try to add one this week.

Thanks,
Gao Xiang


Sorry, responded at the same time and didn't get to see your message first.

The rest of my changes are for a new feature implementation, so nothing
urgent in that regard.


Okay, if you have any question about rebuilding feel
free to ask.

Sorry about that but my own TODO queue is full but I try to
answer any question if helps.

Thanks,
Gao Xiang























					Reply via email to