From 663acd56b4405e8ea348c5a62c2b5573d8da69e6 Mon Sep 17 00:00:00 2001
From: Ajeet Yadav <ajeet.yadav.77@gmail.com>
Date: Tue, 1 Feb 2011 14:28:40 -0700
Subject: [PATCH] xfs_repair: fix pagefault due to unhandled NULL check in
 da_read_buf()

xfs_repair does not correctly handle bplist[i] for error situations in
function da_read_buf(). If libxfs_readbuf() fails then bplist[i] = NULL,
but error handing code calls libxfs_putbuf(bdlist[i]) for all indexes of i
without first checking whether its NULL. This result in pagefault in
libpthread library during pthread_mutex_unlock().
This problem is identified when we remove the storage while xfs_repair
is running on it.

Signed-off-by: Ajeet Yadav <ajeet.yadav.77@gmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 repair/dir2.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/repair/dir2.c b/repair/dir2.c
index d0739fd40..55fe8ecfa 100644
--- a/repair/dir2.c
+++ b/repair/dir2.c
@@ -110,8 +110,10 @@ da_read_buf(
 		bplist[i] = libxfs_readbuf(mp->m_dev,
 				XFS_FSB_TO_DADDR(mp, bmp[i].startblock),
 				XFS_FSB_TO_BB(mp, bmp[i].blockcount), 0);
-		if (!bplist[i])
+		if (!bplist[i]) {
+			nex = i;
 			goto failed;
+		}
 
 		pftrace("readbuf %p (%llu, %d)", bplist[i],
 			(long long)XFS_BUF_ADDR(bplist[i]),
-- 
2.47.2