Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753188AbcCNRnj (ORCPT ); Mon, 14 Mar 2016 13:43:39 -0400 Received: from mail-wm0-f68.google.com ([74.125.82.68]:33663 "EHLO mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751943AbcCNRng (ORCPT ); Mon, 14 Mar 2016 13:43:36 -0400 Date: Mon, 14 Mar 2016 18:42:58 +0100 From: Rabin Vincent To: Jan Kara Cc: Rabin Vincent , viro@zeniv.linux.org.uk, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, axboe@kernel.dk, hch@lst.de Subject: Re: [PATCH] block: protect iterate_bdevs() against concurrent close Message-ID: <20160314174258.GA16571@debian> References: <1457612763-23196-1-git-send-email-rabin.vincent@axis.com> <20160310173727.GA19795@quack.suse.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160310173727.GA19795@quack.suse.cz> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 758 Lines: 16 (fixed Jens' address) On Thu, Mar 10, 2016 at 06:37:27PM +0100, Jan Kara wrote: > On Thu 10-03-16 13:26:03, Rabin Vincent wrote: > > If a block device is closed while iterate_bdevs() is handling it, the > > following NULL pointer dereference occurs because bdev->b_disk is NULL > > in bdev_get_queue(), which is called from blk_get_backing_dev_info() (in > > turn called by the mapping_cap_writeback_dirty() call in > > __filemap_fdatawrite_range()): > > Thanks for spotting the problem. The patch will fix the problem you > found. But what prevents e.g. flusher thread from trying to writeback > the block device inode while that gets invalidated at the same moment? Don't the sync_block_dev() / bdev_write_inode() calls in __blkdev_put() prevent this?