[PATCH] ocfs2: reject orphaned dinodes with non-zero link count

[PATCH] ocfs2: reject orphaned dinodes with non-zero link count

[Dmitry Antipov]

Since non-zero link count for an orphaned inode most likely
means that on-disk inode data is corrupted, reject such an
inodes in 'ocfs2_validate_inode_block()'.

Reported-by: syzbot+5bdd4953bc58c8fbd6eb@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=5bdd4953bc58c8fbd6eb
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
---
I'm quite sure about Closes: but was unable to test this using syzbot due to
"FATAL: kernel too old" issues (most likely caused by the kernel vs. glibc
mismatch) like https://syzkaller.appspot.com/x/log.txt?x=13f51bec580000.
---
 fs/ocfs2/inode.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/fs/ocfs2/inode.c b/fs/ocfs2/inode.c
index a510a0eb1adc..d483e0c61d12 100644
--- a/fs/ocfs2/inode.c
+++ b/fs/ocfs2/inode.c
@@ -1477,6 +1477,15 @@ int ocfs2_validate_inode_block(struct super_block *sb,
 		goto bail;
 	}
 
+	if ((le32_to_cpu(di->i_flags) & OCFS2_ORPHANED_FL) &&
+	    ocfs2_read_links_count(di)) {
+		rc = ocfs2_error(sb,
+				 "Invalid dinode #%llu: orphaned with %u links\n",
+				 (unsigned long long)bh->b_blocknr,
+				 ocfs2_read_links_count(di));
+		goto bail;
+	}
+
 	if (le32_to_cpu(di->i_fs_generation) !=
 	    OCFS2_SB(sb)->fs_generation) {
 		rc = ocfs2_error(sb,
-- 
2.54.0

Re: [PATCH] ocfs2: reject orphaned dinodes with non-zero link count

[Heming Zhao]

On Thu, Jun 04, 2026 at 02:59:19PM +0300, Dmitry Antipov wrote:
> Since non-zero link count for an orphaned inode most likely
> means that on-disk inode data is corrupted, reject such an
> inodes in 'ocfs2_validate_inode_block()'.

IIUC, If a file has hard links, its link count will be greater than 1. If the
file size is extended, this inode will be marked as orphaned, while the link
count remains the same as before.

Thanks,
Heming
> 
> Reported-by: syzbot+5bdd4953bc58c8fbd6eb@syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=5bdd4953bc58c8fbd6eb
> Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
> ---
> I'm quite sure about Closes: but was unable to test this using syzbot due to
> "FATAL: kernel too old" issues (most likely caused by the kernel vs. glibc
> mismatch) like https://syzkaller.appspot.com/x/log.txt?x=13f51bec580000.
> ---
>  fs/ocfs2/inode.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
> 
> diff --git a/fs/ocfs2/inode.c b/fs/ocfs2/inode.c
> index a510a0eb1adc..d483e0c61d12 100644
> --- a/fs/ocfs2/inode.c
> +++ b/fs/ocfs2/inode.c
> @@ -1477,6 +1477,15 @@ int ocfs2_validate_inode_block(struct super_block *sb,
>  		goto bail;
>  	}
>  
> +	if ((le32_to_cpu(di->i_flags) & OCFS2_ORPHANED_FL) &&
> +	    ocfs2_read_links_count(di)) {
> +		rc = ocfs2_error(sb,
> +				 "Invalid dinode #%llu: orphaned with %u links\n",
> +				 (unsigned long long)bh->b_blocknr,
> +				 ocfs2_read_links_count(di));
> +		goto bail;
> +	}
> +
>  	if (le32_to_cpu(di->i_fs_generation) !=
>  	    OCFS2_SB(sb)->fs_generation) {
>  		rc = ocfs2_error(sb,
> -- 
> 2.54.0
> 
>