This is a note to let you know that I've just added the patch titled async_xor: check src_offs is not NULL before updating it to the 5.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: async_xor-check-src_offs-is-not-null-before-updating-it.patch and it can be found in the queue-5.10 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 9be148e408df7d361ec5afd6299b7736ff3928b0 Mon Sep 17 00:00:00 2001 From: Xiao Ni <xni@xxxxxxxxxx> Date: Fri, 28 May 2021 14:16:38 +0800 Subject: async_xor: check src_offs is not NULL before updating it From: Xiao Ni <xni@xxxxxxxxxx> commit 9be148e408df7d361ec5afd6299b7736ff3928b0 upstream. When PAGE_SIZE is greater than 4kB, multiple stripes may share the same page. Thus, src_offs is added to async_xor_offs() with array of offsets. However, async_xor() passes NULL src_offs to async_xor_offs(). In such case, src_offs should not be updated. Add a check before the update. Fixes: ceaf2966ab08(async_xor: increase src_offs when dropping destination page) Cc: stable@xxxxxxxxxxxxxxx # v5.10+ Reported-by: Oleksandr Shchirskyi <oleksandr.shchirskyi@xxxxxxxxxxxxxxx> Tested-by: Oleksandr Shchirskyi <oleksandr.shchirskyi@xxxxxxxxx> Signed-off-by: Xiao Ni <xni@xxxxxxxxxx> Signed-off-by: Song Liu <song@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- crypto/async_tx/async_xor.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/crypto/async_tx/async_xor.c +++ b/crypto/async_tx/async_xor.c @@ -233,7 +233,8 @@ async_xor_offs(struct page *dest, unsign if (submit->flags & ASYNC_TX_XOR_DROP_DST) { src_cnt--; src_list++; - src_offs++; + if (src_offs) + src_offs++; } /* wait for any prerequisite operations */ Patches currently in stable-queue which might be from xni@xxxxxxxxxx are queue-5.10/async_xor-check-src_offs-is-not-null-before-updating-it.patch