[PATCH] f2fs: fix to cover io->bio with io_rwsem

From: Jaegeuk Kim
Date: Tue Apr 01 2014 - 23:43:55 EST


In the f2fs_wait_on_page_writeback, io->bio should be covered by io_rwsem.
Otherwise, the bio pointer can become a dangling pointer due to data races.

Signed-off-by: Jaegeuk Kim <jaegeuk.kim@xxxxxxxxxxx>
---
fs/f2fs/segment.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
index cb49e63..f799c6a 100644
--- a/fs/f2fs/segment.c
+++ b/fs/f2fs/segment.c
@@ -1049,15 +1049,14 @@ static inline bool is_merged_page(struct f2fs_sb_info *sbi,
{
enum page_type btype = PAGE_TYPE_OF_BIO(type);
struct f2fs_bio_info *io = &sbi->write_io[btype];
- struct bio *bio = io->bio;
struct bio_vec *bvec;
int i;

down_read(&io->io_rwsem);
- if (!bio)
+ if (!io->bio)
goto out;

- bio_for_each_segment_all(bvec, bio, i) {
+ bio_for_each_segment_all(bvec, io->bio, i) {
if (page == bvec->bv_page) {
up_read(&io->io_rwsem);
return true;
--
1.8.4.474.g128a96c

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/