    [JFFS2] fix mount crash caused by removed nodes · 4c41bd0e
    Thomas Gleixner authored
    At scan time we observed the following scenario:
    
       node A inserted
       node B inserted
       node C inserted -> sets overlapped flag on node B
    
       node A is removed due to CRC failure -> overlapped flag on node B remains
    
       while (tn->overlapped)
       	 tn = tn_prev(tn);
    
       ==> crash, when tn_prev(B) is referenced.
    
    When the ultimate node is removed at scan time and the overlapped flag
    is set on the penultimate node, then nothing updates the overlapped
    flag of that node. The overlapped iterators blindly expect that the
    ultimate node does not have the overlapped flag set, which causes the
    scan code to crash.
    
    It would be a huge overhead to go through the node chain on node
    removal and fix up the overlapped flags, so detecting such a case on
    the fly in the overlapped iterators is a simpler and reliable
    solution.
    
    Cc: stable@kernel.org
    Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
    Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
readinode.c 43.3 KB
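
The scenario from the commit message, modelled as an added example (not the kernel's code and not taken from this commit). A doubly linked list stands in for the JFFS2 node tree; `struct tn`, `tn_remove`, `first_non_overlapped` and `scenario` are hypothetical names, and clearing the stale flag when no predecessor exists is an assumed way to handle the detected case.

```c
#include <stddef.h>

/* Simplified stand-in for a JFFS2 temporary node (assumption: a plain
 * doubly linked list replaces the kernel's tree of nodes). */
struct tn {
    struct tn *prev, *next;
    int overlapped;              /* set when a later node overlaps this one */
};

static struct tn *tn_prev(struct tn *t) { return t->prev; }

/* Unlink a node, e.g. after a CRC failure. The neighbours' flags are not
 * touched, which is what leaves a stale overlapped flag behind. */
static void tn_remove(struct tn *t)
{
    if (t->prev) t->prev->next = t->next;
    if (t->next) t->next->prev = t->prev;
    t->prev = t->next = NULL;
}

/* Guarded iterator: back up while the flag is set, but detect a missing
 * predecessor on the fly instead of dereferencing NULL. Clearing the
 * stale flag here is this example's choice of handling. */
static struct tn *first_non_overlapped(struct tn *t)
{
    while (t->overlapped) {
        struct tn *p = tn_prev(t);
        if (!p) {
            t->overlapped = 0;   /* predecessor was removed during scan */
            break;
        }
        t = p;
    }
    return t;
}

/* Build A, B, C as in the commit message and start iterating at B.
 * Returns 0 if the walk ends on A, 1 if it ends on B with the stale
 * flag cleared, -1 otherwise. */
static int scenario(int remove_a)
{
    struct tn a = {0}, b = {0}, c = {0};
    a.next = &b; b.prev = &a; b.next = &c; c.prev = &b;
    b.overlapped = 1;            /* inserting C sets the flag on B */
    if (remove_a)
        tn_remove(&a);           /* A dropped due to CRC failure */
    struct tn *r = first_non_overlapped(&b);
    if (r == &a && b.overlapped) return 0;
    if (r == &b && !b.overlapped) return 1;
    return -1;
}

int main(void) { return scenario(1) == 1 ? 0 : 1; }
```

Without the `if (!p)` check, the removed-A case follows a NULL predecessor, which is the crash the message describes.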