Details
-
Bug
-
Resolution: Fixed
-
Minor
-
Lustre 2.8.0
-
lustre-2.8.0-2.6.32_573.18.1.1chaos.ch5.4.x86_64_g0bbc784
TOSS 2.4-7 (based on RHEL 6.7)
-
3
-
9223372036854775807
Description
When a ZFS-backed target is mounted, and dmu_objset_own() fails, osd_mount() follows a goto err: and calls dmu_objset_disown(NULL). This triggers a kernel panic due to NULL pointer dereference.
dmu_objset_disown() should only be called if the dmu_objset_own() succeeded.
Call Trace: osd_mount+0x435/0x1130 [osd_zfs] ? keys_fill+0xd5/0x1b0 [obdclass] ? kmem_cache_alloc_trace+0x1cf/0x1e0 osd_device_alloc+0x266/0x290 [osd_zfs] obd_setup+0x1bf/0x290 [obdclass] class_setup+0x259/0x930 [obdclass] class_process_config+0x1151/0x24c0 [obdclass] ? do_lcfg+0x198/0x9f0 [obdclass] ? __kmalloc+0x22c/0x240 do_lcfg+0x2cf/0x9f0 [obdclass] lustre_start_simple+0x94/0x200 [obdclass] osd_start+0x54f/0x840 [obdclass] ? simple_strtoull+0x2c/0x50 ? simple_strtoul+0x9/0x10 ? target_name2index+0x78/0xc0 [obdclass] server_fill_super+0x253/0x1450 [obdclass] ? libcfs_debug_msg+0x41/0x50 [libcfs] lustre_fill_super+0x348/0x8c0 [obdclass] ? lustre_fill_super+0x0/0x8c0 [obdclass] get_sb_nodev+0x5f/0xa0 lustre_get_sb+0x25/0x30 [obdclass] vfs_kern_mount+0x7b/0x1b0 do_kern_mount+0x52/0x130 do_mount+0x2fb/0x930 sys_mount+0x90/0xe0 system_call_fastpath+0x16/0x1b
Attachments
Issue Links
- is duplicated by
-
-
- Resolved
-