From: Nick Piggin
Subject: Re: vfs-scale-working: NULL dereference in vfat_cmpi()
Date: Sat, 4 Dec 2010 04:27:49 +1100
Message-ID: <20101203172749.GA11943@amd>
To: sedat.dilek@gmail.com
Cc: Nick Piggin, linux-fsdevel@vger.kernel.org

On Wed, Dec 01, 2010 at 05:32:39PM +0100, Sedat Dilek wrote:
> Hi Nick,
>
> while playing with the vfs-scale-working I discovered besides the
> problem in [1] also a NULL dereference in vfat_cmpi() (see attached
> screenshot).
>
> This happened when I wanted to copy pics stored on a 256M SDcard
> (plugged into a Transcend USB2-SDcard-adapter for faster reading data)
> to my local harddisk.
>
> The system was frozen - again a brutal cold start.
>
> Hope this helps you finding the bug.

Ah it does, thanks. It tried to dereference NULL inode from negative
dentry. First line of vfat_cmpi should be parent->d_sb rather than
inode->i_sb.

I think I'll want to tweak the d_compare API change not to pass the
inode in, to avoid this possibility.

Thanks,
Nick
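
The failure described in the reply above, as an added userspace model that is not part of the original message and is not kernel code. The struct layouts, `name_cmpi`, `cmpi_from_inode`, `cmpi_from_parent`, `CMP_WOULD_OOPS` and the sample names are simplified, hypothetical stand-ins; the model returns a marker where the reported code dereferenced NULL.

```c
/* Userspace model, not kernel code; all names are simplified stand-ins. */
#include <ctype.h>
#include <stdio.h>

struct super_block { int nocase; };          /* per-mount option (assumed) */
struct inode { struct super_block *i_sb; };
struct dentry {
    struct super_block *d_sb;   /* set for every dentry */
    struct inode *d_inode;      /* NULL when the dentry is negative */
    const char *name;
};
#define CMP_WOULD_OOPS (-1)     /* model-only marker for the NULL dereference */

/* Returns 0 on match, 1 on mismatch, honouring the mount's case option. */
static int name_cmpi(const struct super_block *sb, const char *a, const char *b)
{
    for (; *a && *b; a++, b++) {
        int ca = (unsigned char)*a, cb = (unsigned char)*b;
        if (sb->nocase ? tolower(ca) != tolower(cb) : ca != cb)
            return 1;
    }
    return *a != *b;
}

/* Before: superblock reached through the child's inode. */
static int cmpi_from_inode(const struct dentry *dentry, const char *str)
{
    if (!dentry->d_inode)       /* the reported code had no such guard */
        return CMP_WOULD_OOPS;
    return name_cmpi(dentry->d_inode->i_sb, dentry->name, str);
}

/* After: superblock reached through the parent dentry, never NULL here. */
static int cmpi_from_parent(const struct dentry *parent,
                            const struct dentry *dentry, const char *str)
{
    return name_cmpi(parent->d_sb, dentry->name, str);
}

/* Constructed sample: a negative dentry looked up under a positive parent. */
static int demo(int use_parent)
{
    static struct super_block sb = { .nocase = 1 };
    static struct inode dir = { &sb };
    struct dentry parent = { &sb, &dir, "DCIM" };
    struct dentry neg = { &sb, NULL, "PIC0001.JPG" };
    return use_parent ? cmpi_from_parent(&parent, &neg, "pic0001.jpg")
                      : cmpi_from_inode(&neg, "pic0001.jpg");
}
int main(void) { printf("%d %d\n", demo(0), demo(1)); return 0; }
```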