66af62ce75
There is an race condition between umounting f2fs and reading f2fs/status, which results in oops. Fox example: Thread A Thread B umount f2fs cat f2fs/status f2fs_destroy_stats() { stat_show() { list_for_each_entry_safe(&f2fs_stat_list) list_del(&si->stat_list); mutex_lock(&si->stat_lock); si->sbi = NULL; mutex_unlock(&si->stat_lock); kfree(sbi->stat_info); } mutex_lock(&si->stat_lock) <- si is gone. ... } Solution with a global lock: f2fs_stat_mutex: Thread A Thread B umount f2fs cat f2fs/status f2fs_destroy_stats() { stat_show() { mutex_lock(&f2fs_stat_mutex); list_del(&si->stat_list); mutex_unlock(&f2fs_stat_mutex); kfree(sbi->stat_info); mutex_lock(&f2fs_stat_mutex); } list_for_each_entry_safe(&f2fs_stat_list) ... mutex_unlock(&f2fs_stat_mutex); } Signed-off-by: Jianpeng Ma <majianpeng@gmail.com> [jaegeuk.kim@samsung.com: fix typos, description, and remove the existing lock] Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com> |
||
---|---|---|
.. | ||
acl.c | ||
acl.h | ||
checkpoint.c | ||
data.c | ||
debug.c | ||
dir.c | ||
f2fs.h | ||
file.c | ||
gc.c | ||
gc.h | ||
hash.c | ||
inode.c | ||
Kconfig | ||
Makefile | ||
namei.c | ||
node.c | ||
node.h | ||
recovery.c | ||
segment.c | ||
segment.h | ||
super.c | ||
xattr.c | ||
xattr.h |