On 2026-03-02 8:03 a.m., lishixian wrote: > When rebuilding from source EROFS images, erofs_read_xattrs_from_disk() > is called for inodes that have xattr. At that point inode->sbi points to > the source image's sbi, which is opened read-only and never gets > erofs_xattr_init(), so sbi->xamgr is NULL. get_xattritem(sbi) then > dereferences xamgr and crashes with SIGSEGV. > > Fix by using the build target's xamgr when initializing src's sbi. > > Reported-by: Yixiao Chen <[email protected]> > Fixes: https://github.com/erofs/erofs-utils/issues/42 > Signed-off-by: lishixian <[email protected]> > Reviewed-by: Yifan Zhao <[email protected]> > --- > lib/rebuild.c | 1 + > mkfs/main.c | 1 + > 2 files changed, 2 insertions(+) > > diff --git a/lib/rebuild.c b/lib/rebuild.c > index f89a17c..f1e79c1 100644 > --- a/lib/rebuild.c > +++ b/lib/rebuild.c > @@ -437,6 +437,7 @@ int erofs_rebuild_load_tree(struct erofs_inode *root, > struct erofs_sb_info *sbi, > erofs_err("failed to read superblock of %s", fsid); > return ret; > } > + sbi->xamgr = g_sbi.xamgr; > > inode.nid = sbi->root_nid; > inode.sbi = sbi; > diff --git a/mkfs/main.c b/mkfs/main.c > index b84d1b4..cb0f0cc 100644 > --- a/mkfs/main.c > +++ b/mkfs/main.c > @@ -1011,6 +1011,7 @@ static void erofs_rebuild_cleanup(void) > > list_for_each_entry_safe(src, n, &rebuild_src_list, list) { > list_del(&src->list); > + src->xamgr = NULL; /* borrowed from g_sbi, do not free */ > erofs_put_super(src); > erofs_dev_close(src); > free(src);
I was similarly looking at this issue in my patchset so I can confirm it fixes the seg fault. Tested-by: Lucas Karpinski <[email protected]>
