Re: [syzbot] [gfs2?] general protection fault in gfs2_remove_from_journal (2)

Next message: Christoph Hellwig: "Re: [PATCH] block: update docs for bio and bvec_iter"
Previous message: Thomas Wei&#xDF;schuh: "[PATCH] alpha: add missing address argument in call to page_table_check_pte_clear()"
Next in thread: syzbot: "Re: [syzbot] [gfs2?] general protection fault in gfs2_remove_from_journal (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Qing Wang

Date: Fri Feb 13 2026 - 02:41:49 EST

#syz test

diff --git a/fs/gfs2/meta_io.c b/fs/gfs2/meta_io.c
index e4356198d8d8..8c3d0a83cb98 100644
--- a/fs/gfs2/meta_io.c
+++ b/fs/gfs2/meta_io.c
@@ -346,16 +346,16 @@ void gfs2_remove_from_journal(struct buffer_head *bh, int meta)
struct gfs2_trans *tr = current->journal_info;
int was_pinned = 0;

- if (test_clear_buffer_pinned(bh)) {
- trace_gfs2_pin(bd, 0);
- atomic_dec(&sdp->sd_log_pinned);
- list_del_init(&bd->bd_list);
- if (meta == REMOVE_META)
- tr->tr_num_buf_rm++;
- else
- tr->tr_num_databuf_rm++;
- set_bit(TR_TOUCHED, &tr->tr_flags);
- was_pinned = 1;
+ if (test_clear_buffer_pinned(bh) && bd) {
+ trace_gfs2_pin(bd, 0);
+ atomic_dec(&sdp->sd_log_pinned);
+ list_del_init(&bd->bd_list);
+ if (meta == REMOVE_META)
+ tr->tr_num_buf_rm++;
+ else
+ tr->tr_num_databuf_rm++;
+ set_bit(TR_TOUCHED, &tr->tr_flags);
+ was_pinned = 1;
brelse(bh);
}
if (bd) {