Btrfs: fix NULL pointer crash of deleting a seed device

commit 29cc83f69c8338ff8fd1383c9be263d4bdf52d73 upstream.

Same as normal devices, seed devices should be initialized with
fs_info->dev_root as well, otherwise we'll get a NULL pointer crash.

Cc: Chris Murphy <lists@colorremedies.com>
Reported-by: Chris Murphy <lists@colorremedies.com>
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Chris Mason <clm@fb.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 57e7526..426968f 100644 (file)
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -6057,10 +6057,14 @@ void btrfs_init_devices_late(struct btrfs_fs_info *fs_info)
        struct btrfs_fs_devices *fs_devices = fs_info->fs_devices;
        struct btrfs_device *device;
 
-       mutex_lock(&fs_devices->device_list_mutex);
-       list_for_each_entry(device, &fs_devices->devices, dev_list)
-               device->dev_root = fs_info->dev_root;
-       mutex_unlock(&fs_devices->device_list_mutex);
+       while (fs_devices) {
+               mutex_lock(&fs_devices->device_list_mutex);
+               list_for_each_entry(device, &fs_devices->devices, dev_list)
+                       device->dev_root = fs_info->dev_root;
+               mutex_unlock(&fs_devices->device_list_mutex);
+
+               fs_devices = fs_devices->seed;
+       }
 }
 
 static void __btrfs_reset_dev_stats(struct btrfs_device *dev)