evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs
History
Jiufei Xue 9ff6372e5a fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount 
commit ec084de929e419e51bcdafaafe567d9e7d0273b7 upstream.

synchronize_rcu() didn't wait for call_rcu() callbacks, so inode wb
switch may not go to the workqueue after synchronize_rcu().  Thus
previous scheduled switches was not finished even flushing the
workqueue, which will cause a NULL pointer dereferenced followed below.

  VFS: Busy inodes after unmount of vdd. Self-destruct in 5 seconds.  Have a nice day...
  BUG: unable to handle kernel NULL pointer dereference at 0000000000000278
    evict+0xb3/0x180
    iput+0x1b0/0x230
    inode_switch_wbs_work_fn+0x3c0/0x6a0
    worker_thread+0x4e/0x490
    ? process_one_work+0x410/0x410
    kthread+0xe6/0x100
    ret_from_fork+0x39/0x50

Replace the synchronize_rcu() call with a rcu_barrier() to wait for all
pending callbacks to finish.  And inc isw_nr_in_flight after call_rcu()
in inode_switch_wbs() to make more sense.

Link: http://lkml.kernel.org/r/20190429024108.54150-1-jiufei.xue@linux.alibaba.com
Signed-off-by: Jiufei Xue <jiufei.xue@linux.alibaba.com>
Acked-by: Tejun Heo <tj@kernel.org>
Suggested-by: Tejun Heo <tj@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-11 12:23:41 +02:00
..
9p 9p locks: add mount option for lock retry interval 2019-04-27 09:33:58 +02:00
adfs
affs
afs
autofs4 autofs: fix error return in autofs_fill_super() 2019-03-23 08:44:27 +01:00
befs
bfs
btrfs Btrfs: do not start a transaction at iterate_extent_inodes() 2019-06-11 12:23:38 +02:00
cachefiles
ceph ceph: fix use-after-free on symlink traversal 2019-05-16 19:44:59 +02:00
cifs cifs: do not attempt cifs operation on smb2+ rename error 2019-05-16 19:44:43 +02:00
coda
configfs
cramfs
debugfs debugfs: fix use-after-free on symlink traversal 2019-05-16 19:45:01 +02:00
devpts
dlm dlm: Don't swamp the CPU with callbacks queued during recovery 2019-02-20 10:13:04 +01:00
ecryptfs
efivarfs
efs
exofs
exportfs
ext2 ext2: Fix underflow in ext2_max_size() 2019-03-23 08:44:36 +01:00
ext4 ext4: fix ext4_show_options for file systems w/o journal 2019-06-11 12:23:38 +02:00
f2fs f2fs: fix to do sanity check with current segment number 2019-04-27 09:33:58 +02:00
fat
freevxfs
fscache
fuse fuse: handle zero sized retrieve correctly 2019-02-20 10:13:16 +01:00
gfs2
hfs
hfsplus
hostfs
hpfs
hugetlbfs hugetlbfs: fix memory leak for resv_map 2019-05-16 19:45:02 +02:00
isofs
jbd2 jbd2: fix compile warning when using JBUFFER_TRACE 2019-03-23 08:44:37 +01:00
jffs2 jffs2: fix use-after-free on symlink traversal 2019-05-16 19:45:01 +02:00
jfs
kernfs
lockd
logfs
minix
ncpfs ncpfs: fix build warning of strncpy 2019-03-23 08:44:21 +01:00
nfs NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. 2019-05-16 19:44:51 +02:00
nfs_common
nfsd nfsd: Don't release the callback slot unless it was actually held 2019-05-16 19:44:44 +02:00
nilfs2
nls
notify
ntfs
ocfs2 ocfs2: fix ocfs2 read inode data panic in ocfs2_iget 2019-06-11 12:23:37 +02:00
omfs
openpromfs
overlayfs ovl: fix uid/gid when creating over whiteout 2019-04-27 09:33:59 +02:00
proc fs/proc/proc_sysctl.c: Fix a NULL pointer dereference 2019-05-16 19:44:51 +02:00
pstore
qnx4
qnx6
quota
ramfs
reiserfs
romfs
squashfs
sysfs
sysv
tracefs
ubifs
udf udf: Fix crash on IO error during truncate 2019-04-03 06:23:14 +02:00
ufs
xfs
aio.c
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf.c binfmt_elf: switch to new creds when switching to new mm 2019-04-27 09:33:53 +02:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c Revert "exec: load_script: don't blindly truncate shebang string" 2019-02-20 10:13:20 +01:00
block_dev.c
buffer.c fs: fix guard_bio_eod to check for real EOD errors 2019-04-27 09:33:49 +02:00
char_dev.c
compat.c
compat_binfmt_elf.c
compat_ioctl.c
coredump.c
dax.c
dcache.c Hang/soft lockup in d_invalidate with simultaneous calls 2019-04-03 06:23:19 +02:00
dcookies.c
direct-io.c
drop_caches.c fs/drop_caches.c: avoid softlockups in drop_pagecache_sb() 2019-03-23 08:44:26 +01:00
eventfd.c
eventpoll.c fs/epoll: drop ovflist branch prediction 2019-02-20 10:13:14 +01:00
exec.c
fcntl.c
fhandle.c
file.c fs/file.c: initialize init_files.resize_wait 2019-04-27 09:33:49 +02:00
file_table.c
filesystems.c
fs-writeback.c fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount 2019-06-11 12:23:41 +02:00
fs_pin.c
fs_struct.c
inode.c writeback: initialize inode members that track writeback history 2019-04-03 06:23:21 +02:00
internal.h
ioctl.c
Kconfig
Kconfig.binfmt
libfs.c
locks.c
Makefile
mbcache.c
mount.h
mpage.c
namei.c
namespace.c
no-block.c
nsfs.c
open.c
pipe.c
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
readdir.c
select.c
seq_file.c
signalfd.c
splice.c
stack.c
stat.c
statfs.c
super.c
sync.c
timerfd.c
userfaultfd.c
utimes.c
xattr.c