From 911f638bd6c547591e784fcec668fe9811916e21 Mon Sep 17 00:00:00 2001
From: Hongchao Zhang <hongchao@whamcloud.com>
Date: Mon, 28 Jun 2021 05:00:20 +0800
Subject: [PATCH] LU-14807 lfsck: fix race in lfsck_pos_fill

There is a race for lfsck->li_di_dir between lfsck_di_dir_put and
lfsck_pos_fill, which could cause lfsck_pos_fill to use freed
lfsck->li_di_dir (struct osd_it_ea) and trigger GPF.

Change-Id: Iedadf03ac15d128bb051aea8aafa24dbcd2704fb
Signed-off-by: Hongchao Zhang <hongchao@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/44130
Reviewed-by: Alex Zhuravlev <bzzz@whamcloud.com>
Reviewed-by: Lai Siyao <lai.siyao@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
---
 lustre/lfsck/lfsck_lib.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lustre/lfsck/lfsck_lib.c b/lustre/lfsck/lfsck_lib.c
index 891caba..437a881 100644
--- a/lustre/lfsck/lfsck_lib.c
+++ b/lustre/lfsck/lfsck_lib.c
@@ -1847,6 +1847,7 @@ void lfsck_pos_fill(const struct lu_env *env, struct lfsck_instance *lfsck,
 	if (unlikely(pos->lp_oit_cookie == 0))
 		pos->lp_oit_cookie = 1;
 
+	spin_lock(&lfsck->li_lock);
 	if (lfsck->li_di_dir != NULL) {
 		struct dt_object *dto = lfsck->li_obj_dir;
 
@@ -1863,6 +1864,7 @@ void lfsck_pos_fill(const struct lu_env *env, struct lfsck_instance *lfsck,
 		fid_zero(&pos->lp_dir_parent);
 		pos->lp_dir_cookie = 0;
 	}
+	spin_unlock(&lfsck->li_lock);
 }
 
 bool __lfsck_set_speed(struct lfsck_instance *lfsck, __u32 limit)
-- 
1.8.3.1