From: Sage Weil Date: Sat, 6 Nov 2010 19:41:16 +0000 (-0700) Subject: ceph: fix bad pointer dereference in ceph_fill_trace X-Git-Tag: firefly_0821_release~7613^2~3388^2~13 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=d8b16b3d1c9d8d9124d647d05797383d35e2d645;p=firefly-linux-kernel-4.4.55.git ceph: fix bad pointer dereference in ceph_fill_trace We dereference *in a few lines down, but only set it on rename. It is apparently pretty rare for this to trigger, but I have been hitting it with a clustered MDSs. Signed-off-by: Sage Weil --- diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index 1d6a45b5a04c..cd0432c03d2f 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -1055,7 +1055,8 @@ int ceph_fill_trace(struct super_block *sb, struct ceph_mds_request *req, ininfo = rinfo->targeti.in; vino.ino = le64_to_cpu(ininfo->ino); vino.snap = le64_to_cpu(ininfo->snapid); - if (!dn->d_inode) { + in = dn->d_inode; + if (!in) { in = ceph_get_inode(sb, vino); if (IS_ERR(in)) { pr_err("fill_trace bad get_inode "
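Review bot: At `in = dn->d_inode;`, `in` is now a pointer borrowed from the dentry whenever the dentry already has an inode, while inside `if (!in)` it is whatever `ceph_get_inode(sb, vino)` returned, so the two paths can leave `in` with different reference ownership. A one-line comment at the assignment stating that the code further down only reads through `in` and does not release it would make that explicit. The dereference the commit message refers to lies outside the context shown in this hunk, so naming that statement in the message would let a reader confirm that every path reaching it now has `in` set. Since the old code left `in` stale or unset when `dn->d_inode` was non-NULL, it is also worth checking whether `in` is initialised at its declaration, so that a future branch that forgets to assign it fails on a NULL pointer rather than on a leftover value.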