In free_extent_buffer_final() we access eb->tree->cache_size in
BUG_ON(). However eb->tree can be NULL if it's a cloned extent buffer.
Currently the cloned extent buffer is only used in backref.c,
paths_from_inode() function. Thankfully that function is not used yet
(but could be pretty useful to convert inode number to path, so I'd like
to keep such function).
Anyway, check eb->tree before accessing its member.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
struct extent_io_tree *tree = eb->tree;
BUG_ON(eb->refs);
- BUG_ON(tree->cache_size < eb->len);
+ BUG_ON(tree && tree->cache_size < eb->len);
list_del_init(&eb->lru);
if (!(eb->flags & EXTENT_BUFFER_DUMMY)) {
remove_cache_extent(&tree->cache, &eb->cache_node);