From: Anna Schumaker <Anna.Schumaker@xxxxxxxxxx> Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_range argument. Unfortunately, pnfs_mark_matching_lsegs_return() doesn't check if we have a value here before dereferencing it, causing an oops. I'm able to hit this crash consistently when running connectathon basic tests on NFS v4.1/v4.2 against Ontap. Fixes: de144ff4234f ("NFSv4: Don't discard segments marked for return in _pnfs_return_layout()") Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Anna Schumaker <Anna.Schumaker@xxxxxxxxxx> --- fs/nfs/pnfs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c index 03e0b34c4a64..6d720afb7b70 100644 --- a/fs/nfs/pnfs.c +++ b/fs/nfs/pnfs.c @@ -2484,12 +2484,12 @@ pnfs_mark_matching_lsegs_return(struct pnfs_layout_hdr *lo, set_bit(NFS_LSEG_LAYOUTRETURN, &lseg->pls_flags); } - if (remaining) { + if (remaining && return_range) { pnfs_set_plh_return_info(lo, return_range->iomode, seq); return -EBUSY; } - if (!list_empty(&lo->plh_return_segs)) { + if (return_range && !list_empty(&lo->plh_return_segs)) { pnfs_set_plh_return_info(lo, return_range->iomode, seq); return 0; } -- 2.29.2
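Review bot: In the first changed condition, `if (remaining && return_range)`, a NULL return_range now skips `return -EBUSY` along with the dereference, so a caller that passes NULL is no longer told that segments remain. Control then falls through to the second check, which is also skipped for NULL, and the return value comes from whatever follows the hunk. If the only problem is `return_range->iomode`, consider leaving both conditions as they were and guarding just the argument passed to pnfs_set_plh_return_info(), or having the NULL-passing caller supply a range, so the -EBUSY and 0 returns are preserved. A short comment stating what a NULL return_range means would also help, since nothing in the visible lines documents that NULL is a permitted value.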