Re: [PATCH] block/loop: Fix NULL pointer dereference in lo_rw_aio()

Next message: Maoyi Xie: "[PATCH net v3 2/2] ip6: vti: Use ip6_tnl.net in vti6_siocdevprivate()."
Previous message: Dominique Martinet: "Re: [PATCH] net/9p: fix infinite loop in p9_client_rpc on fatal signal"
In reply to: Ming Lei: "Re: [PATCH] block/loop: Fix NULL pointer dereference in lo_rw_aio()"
Next in thread: Hongling Zeng: "Re: [PATCH] block/loop: Fix NULL pointer dereference in lo_rw_aio()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tetsuo Handa

Date: Tue May 19 2026 - 08:42:15 EST

On 2026/05/19 20:28, Ming Lei wrote:
>> This means |__loop_clr_fd()|runs while I/O is still active.
>> Regression introduced by:
>> 6050fa4c84cc ("loop: don't hold lo_mutex during __loop_clr_fd()")
>
> Why do you conclude it is caused by above commit?

Some commit in the merge window for 7.1 broke the loop driver.
Even synchronize_rcu() + drain_workqueue(lo->workqueue) is not sufficient.
Please see a thread at https://lkml.kernel.org/r/d43125ff-cc66-49b7-b16d-1b2650c68c23@xxxxxxxxxxxxxxxxxxx .