Syzbot reported a general protection fault in the function blk_mq_clear_rq_mapping() in the file block/blk-mq.c. The issue is that the variable drv_tags is NULL, and this originates from the struct blk_mq_tag_set. The dashboard link for this issue is: syzkaller.appspot.com/bug?id=c3ce4caa4fc58c156d4903984131cdfa38eee354

This patch fixes the above bug, but there is another syzbot bug which is related to this and getting triggered after the call to blk_mq_clear_rq_mapping(). As a result, I cannot determine if the issue is really solved. The link to the other issue: syzkaller.appspot.com/bug?id=7643cea70f1d0ce15f5f4bc39488918837ad4233

Please provide feedback/suggestions on the same.

Signed-off-by: Gautam Menghani <gautammenghani201@xxxxxxxxx>
--- block/blk-mq.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/block/blk-mq.c b/block/blk-mq.c index 93d9d60980fb..c1dd1b78b95c 100644 --- a/block/blk-mq.c +++ b/block/blk-mq.c @@ -3092,7 +3092,8 @@ void blk_mq_free_rqs(struct blk_mq_tag_set *set, struct blk_mq_tags *tags, } } - blk_mq_clear_rq_mapping(drv_tags, tags); + if (drv_tags) + blk_mq_clear_rq_mapping(drv_tags, tags); while (!list_empty(&tags->page_list)) { page = list_first_entry(&tags->page_list, struct page, lru); -- 2.34.1
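Review bot: The `if (drv_tags)` guard in blk_mq_free_rqs() hides the NULL dereference without establishing why drv_tags can be NULL at this point, and when it is NULL the `while (!list_empty(&tags->page_list))` loop that follows still runs with the request mapping never cleared. The commit message says the NULL comes from struct blk_mq_tag_set, so the fix likely belongs where drv_tags is derived from `set` (an ordering or lifetime problem in setup or teardown) rather than at the call site. If NULL is a legitimate state here, say so in a comment above the check and explain in the commit message why skipping blk_mq_clear_rq_mapping() is safe for the pages on tags->page_list. Since the message also states that a second syzbot report fires after this call and the result could not be confirmed, this reads better as an RFC, with a Reported-by tag for the syzbot report and a Fixes tag once the introducing commit is identified.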