From: Wu Fengguang Date: Sun, 5 Feb 2012 02:54:03 +0000 (-0600) Subject: writeback: fix dereferencing NULL bdi->dev on trace_writeback_queue X-Git-Tag: v3.3-rc4~36^2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=977b7e3a52a7421ad33a393a38ece59f3d41c2fa;p=platform%2Fkernel%2Flinux-exynos.git writeback: fix dereferencing NULL bdi->dev on trace_writeback_queue When a SD card is hot removed without umount, del_gendisk() will call bdi_unregister() without destroying/freeing it. This leaves the bdi in the bdi->dev = NULL, bdi->wb.task = NULL, bdi->bdi_list removed state. When sync(2) gets the bdi before bdi_unregister() and calls bdi_queue_work() after the unregister, trace_writeback_queue will be dereferencing the NULL bdi->dev. Fix it with a simple test for NULL. LKML-reference: http://lkml.org/lkml/2012/1/18/346 Cc: stable@kernel.org Reported-by: Rabin Vincent Tested-by: Namjae Jeon Signed-off-by: Wu Fengguang --- diff --git a/include/trace/events/writeback.h b/include/trace/events/writeback.h index 06d302e..5973410 100644 --- a/include/trace/events/writeback.h +++ b/include/trace/events/writeback.h @@ -47,7 +47,10 @@ DECLARE_EVENT_CLASS(writeback_work_class, __field(int, reason) ), TP_fast_assign( - strncpy(__entry->name, dev_name(bdi->dev), 32); + struct device *dev = bdi->dev; + if (!dev) + dev = default_backing_dev_info.dev; + strncpy(__entry->name, dev_name(dev), 32); __entry->nr_pages = work->nr_pages; __entry->sb_dev = work->sb ? work->sb->s_dev : 0; __entry->sync_mode = work->sync_mode;