From: Zhang Yi <yi.zhang@huawei.com>

ext4_mb_avg_fragment_size_destroy() requires a valid sbi->s_sb,
mb_set_largest_free_order() requires the parameter bb_largest_free_order
to be initialized, and mb_update_avg_fragment_size() requires the
parameter bb_avg_fragment_size_order to be initialized. But the
test_new_blocks_simple kunit tests do not init these parameters, and
trigger the following crash issue.

 Pid: 20, comm: kunit_try_catch Tainted: G W N  6.16.0-rc4-ga8a47fa84cc2
 RIP: 0033:ext4_mb_release+0x1fc/0x400
 RSP: 00000000a0883ed0  EFLAGS: 00010202
 RAX: 0000000000000000 RBX: 0000000060a1e400 RCX: 0000000000000002
 RDX: 0000000060058fa0 RSI: 0000000000000002 RDI: 0000000000000001
 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000002
 R10: 00000000a0883e68 R11: 0000000060374bb0 R12: 000000006012eff0
 R13: 00000000603763e0 R14: 0000000060ad92d8 R15: 0000000060c051c0
 Kernel panic - not syncing: Segfault with no mm
 CPU: 0 UID: 0 PID: 20 Comm: kunit_try_catch Tainted: G W N 6.16.0-rc4-ga8a47fa84cc2 #47 NONE
 Tainted: [W]=WARN, [N]=TEST
 Stack:
  60134c30 400000004 60864000 6092a3c0
  00000001 a0803d40 a0803b28 6012eff0
  605990e8 60085be0 60864000 602167aa
 Call Trace:
  [<60134c30>] ? kmem_cache_free+0x0/0x3d0
  [<6012eff0>] ? kfree+0x0/0x290
  [<60085be0>] ? to_kthread+0x0/0x40
  [<602167aa>] ? mbt_kunit_exit+0x2a/0xe0
  [<60085be0>] ? to_kthread+0x0/0x40
  [<602acd50>] ? kunit_generic_run_threadfn_adapter+0x0/0x30
  [<60085be0>] ? to_kthread+0x0/0x40
  [<602aaa8a>] ? kunit_try_run_case_cleanup+0x2a/0x40
  [<602acd62>] ? kunit_generic_run_threadfn_adapter+0x12/0x30
  [<600862c1>] ? kthread+0xf1/0x250
  [<6004a521>] ? new_thread_handler+0x41/0x60

Fixes: bbe11dd13a3f ("ext4: fix largest free orders lists corruption on mb_optimize_scan switch")
Fixes: 458bfb991155 ("ext4: convert free groups order lists to xarrays")
Reported-by: Guenter Roeck <linux@roeck-us.net>
Closes: https://lore.kernel.org/linux-ext4/b0635ad0-7ebf-4152-a69b-58e7e87d5085@roeck-us.net/
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Zhang Yi <yi.zhang@huawei.com>
---
 fs/ext4/mballoc-test.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/fs/ext4/mballoc-test.c b/fs/ext4/mballoc-test.c
index d634c12f1984..a9416b20ff64 100644
--- a/fs/ext4/mballoc-test.c
+++ b/fs/ext4/mballoc-test.c
@@ -155,6 +155,7 @@ static struct super_block *mbt_ext4_alloc_super_block(void)
 	bgl_lock_init(sbi->s_blockgroup_lock);
 
 	sbi->s_es = &fsb->es;
+	sbi->s_sb = sb;
 	sb->s_fs_info = sbi;
 
 	up_write(&sb->s_umount);
@@ -802,6 +803,8 @@ static void test_mb_mark_used(struct kunit *test)
 	KUNIT_ASSERT_EQ(test, ret, 0);
 
 	grp->bb_free = EXT4_CLUSTERS_PER_GROUP(sb);
+	grp->bb_largest_free_order = -1;
+	grp->bb_avg_fragment_size_order = -1;
 	mbt_generate_test_ranges(sb, ranges, TEST_RANGE_COUNT);
 	for (i = 0; i < TEST_RANGE_COUNT; i++)
 		test_mb_mark_used_range(test, &e4b, ranges[i].start,
@@ -875,6 +878,8 @@ static void test_mb_free_blocks(struct kunit *test)
 	ext4_unlock_group(sb, TEST_GOAL_GROUP);
 
 	grp->bb_free = 0;
+	grp->bb_largest_free_order = -1;
+	grp->bb_avg_fragment_size_order = -1;
 	memset(bitmap, 0xff, sb->s_blocksize);
 
 	mbt_generate_test_ranges(sb, ranges, TEST_RANGE_COUNT);
-- 
2.46.1