From 3c2dbee2991fcd183818dcfd0fbac49448bf1975 Mon Sep 17 00:00:00 2001 From: Qu Wenruo Date: Tue, 24 Mar 2020 18:53:12 +0800 Subject: [PATCH] btrfs-progs: check/original: Fix uninitialized memory for newly allocated data_backref [BUG] Valgrind reports the following error for fsck/002 (which only supports original mode): ==97088== Conditional jump or move depends on uninitialised value(s) ==97088== at 0x15BFF6: add_data_backref (main.c:4884) ==97088== by 0x16025C: run_next_block (main.c:6452) ==97088== by 0x165539: deal_root_from_list (main.c:8471) ==97088== by 0x166040: check_chunks_and_extents (main.c:8753) ==97088== by 0x166441: do_check_chunks_and_extents (main.c:8842) ==97088== by 0x169D13: cmd_check (main.c:10324) ==97088== by 0x11CDC6: cmd_execute (commands.h:125) ==97088== by 0x11D712: main (btrfs.c:386) [CAUSE] In alloc_data_backref(), only ref->node is set to 0. While ref->disk_bytenr is not initialized at all. And then in add_data_backref(), if @back is a newly allocated data backref, we use the garbage from back->disk_bytenr to determine if we should reset them. [FIX] Fix it by initialize the whole data_backref structure in alloc_data_backref(). Signed-off-by: Qu Wenruo Signed-off-by: David Sterba --- check/main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check/main.c b/check/main.c index d8181249..37c5b35a 100644 --- a/check/main.c +++ b/check/main.c @@ -4516,7 +4516,7 @@ static struct data_backref *alloc_data_backref(struct extent_record *rec, if (!ref) return NULL; - memset(&ref->node, 0, sizeof(ref->node)); + memset(ref, 0, sizeof(*ref)); ref->node.is_data = 1; if (parent > 0) {
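Review bot: the new `memset(ref, 0, sizeof(*ref));` correctly covers `ref->disk_bytenr`, which the old `memset(&ref->node, 0, sizeof(ref->node));` left uninitialized and which, per the Valgrind trace in the description, add_data_backref() reads for a freshly allocated backref; the subsequent `ref->node.is_data = 1;` still runs after the zeroing, so the only field deliberately set survives. Since the allocation that precedes `if (!ref) return NULL;` is outside the hunk, consider doing it with calloc() instead of a separate memset so zero-initialization is tied to the allocation itself and cannot drift out of sync with the struct definition again.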