From 73b460977eb8782a769ff81200a8b40cf1a3a91d Mon Sep 17 00:00:00 2001
From: Kent Overstreet <kent.overstreet@gmail.com>
Date: Wed, 22 Dec 2021 22:39:50 -0500
Subject: [PATCH] bcachefs: Fix a null ptr deref in bch2_inode_delete_keys()

Similarly to bch2_btree_delete_range_trans(), bch2_inode_delete_keys()
may sometimes split compressed extents, and needs to pass in a disk
reservation.

Signed-off-by: Kent Overstreet <kent.overstreet@gmail.com>
---
 fs/bcachefs/inode.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/fs/bcachefs/inode.c b/fs/bcachefs/inode.c
index d9ccc7c063ac4..104575734b96a 100644
--- a/fs/bcachefs/inode.c
+++ b/fs/bcachefs/inode.c
@@ -4,6 +4,7 @@
 #include "btree_key_cache.h"
 #include "bkey_methods.h"
 #include "btree_update.h"
+#include "buckets.h"
 #include "error.h"
 #include "extents.h"
 #include "extent_update.h"
@@ -588,6 +589,8 @@ static int bch2_inode_delete_keys(struct btree_trans *trans,
 	int ret = 0;
 
 	while (!ret || ret == -EINTR) {
+		struct disk_reservation disk_res =
+			bch2_disk_reservation_init(trans->c, 0);
 		struct btree_iter iter;
 		struct bkey_s_c k;
 		struct bkey_i delete;
@@ -630,8 +633,9 @@ static int bch2_inode_delete_keys(struct btree_trans *trans,
 		}
 
 		ret = bch2_trans_update(trans, &iter, &delete, 0) ?:
-		      bch2_trans_commit(trans, NULL, NULL,
+		      bch2_trans_commit(trans, &disk_res, NULL,
 					BTREE_INSERT_NOFAIL);
+		bch2_disk_reservation_put(trans->c, &disk_res);
 err:
 		offset = iter.pos.offset;
 		bch2_trans_iter_exit(trans, &iter);
-- 
2.47.2