Commit 75f82eaa authored by Yiwen Jiang's avatar Yiwen Jiang Committed by Linus Torvalds
Browse files

ocfs2: fix NULL pointer dereference when dismount and ocfs2rec simultaneously

2 nodes cluster, say Node A and Node B, mount the same ocfs2 volume, and
create a file 1.

Node A			Node B
open 1, get open lock
                        rm 1, and then add 1 to orphan_dir
storage link down,
                        at the moment, Node B dismount and do
			ocfs2rec simultaneously
                        1) ocfs2_dismount_volume
			2) ocfs2rec

In ocfs2_recovery_exit, it flushes workqueue and then releases system
inodes.  When doing ocfs2rec, it will call ocfs2_flush_truncate_log
which will try to get sys_root_inode, and NULL pointer dereference
Signed-off-by: default avatarYiwen Jiang <>
Signed-off-by: default avatarjoyce <>
Signed-off-by: default avatarJoseph Qi <>
Cc: Joel Becker <>
Cc: Mark Fasheh <>
Signed-off-by: default avatarAndrew Morton <>
Signed-off-by: default avatarLinus Torvalds <>
parent a2a3b398
......@@ -1945,11 +1945,15 @@ static void ocfs2_dismount_volume(struct super_block *sb, int mnt_err)
/* This will disable recovery and flush any recovery work. */
* During dismount, when it recovers another node it will call
* ocfs2_recover_orphans and queue delayed work osb_truncate_log_wq.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment