> -----Original Message-----
> From: Jaegeuk Kim [mailto:jaeg...@kernel.org]
> Sent: Tuesday, June 30, 2015 2:40 AM
> To: linux-kernel@vger.kernel.org; linux-fsde...@vger.kernel.org;
> linux-f2fs-de...@lists.sourceforge.net
> Cc: Jaegeuk Kim
> Subject: [f2fs-dev] [PATCH 08/12] f2fs: introduce a shrinker for mounted fs
> 
> This patch introduces a shrinker targeting to reduce memory footprint consumed
> by a number of in-memory f2fs data structures.
> 
> In addition, it newly adds:
>  - sbi->umount_mutex to avoid data races on shrinker and put_super
>  - sbi->shrinker_run_no to not revisit objects
> 
> Note that the basic implementation was copied from fs/btrfs/shrinker.c

This file seems not to exist...

> @@ -1310,6 +1328,7 @@ free_root_inode:
>       dput(sb->s_root);
>       sb->s_root = NULL;
>  free_node_inode:
> +     f2fs_leave_shrinker(sbi);
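
Review bot: In the free_node_inode error path, f2fs_leave_shrinker(sbi) is called with no visible locking, although the commit message introduces sbi->umount_mutex specifically to avoid races between the shrinker and put_super. Consider wrapping the call in mutex_lock(&sbi->umount_mutex) / mutex_unlock(&sbi->umount_mutex), or add a comment explaining why a failed mount cannot race with a concurrent scan before sbi is freed.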

We should detach the shrinker under sbi->umount_mutex.
Otherwise we will access freed memory in the following call path:

mount                                   shrinker
->fill_super
  Failed after f2fs_join_shrinker
  ->f2fs_leave_shrinker
                                        ->f2fs_shrink_scan
                                          spin_lock
                                          get sbi pointer
                                          spin_unlock
    spin_lock
    list_del sbi->s_list
    spin_unlock
    free sbi
                                          use-after-free for sbi

Thanks,
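
A user-space model of the ordering the reply asks for, added here as an illustration and not taken from the patch or from f2fs. The names `sbi_model`, `sample`, `scan_pick`, `scan_finish` and `fail_mount` are hypothetical, and the scan-side trylock on `umount_mutex` is an assumption, since the quoted hunk does not show `f2fs_shrink_scan`.

```c
#include <stdatomic.h>
#include <stdbool.h>

struct sbi_model {               /* constructed stand-in for struct f2fs_sb_info */
    atomic_flag umount_mutex;    /* models sbi->umount_mutex */
    struct sbi_model *next;      /* models the sbi->s_list linkage */
    bool freed;                  /* set instead of free() so the result is inspectable */
    int cached;                  /* reclaimable objects owned by this sbi */
};
static atomic_flag list_lock = ATOMIC_FLAG_INIT;    /* models the list spinlock */
static struct sbi_model *list_head;
struct sbi_model sample = { .umount_mutex = ATOMIC_FLAG_INIT, .cached = 3 };

static bool try_lock(atomic_flag *l) { return !atomic_flag_test_and_set(l); }
static void lock(atomic_flag *l) { while (!try_lock(l)) { } }
static void unlock(atomic_flag *l) { atomic_flag_clear(l); }
void join_shrinker(struct sbi_model *s) {
    lock(&list_lock);
    s->next = list_head; list_head = s;
    unlock(&list_lock);
}
/* Scan, part 1: pick an sbi under the list lock and pin it with a trylock on
 * umount_mutex (assumed scan-side behaviour) before dropping the list lock. */
struct sbi_model *scan_pick(void) {
    struct sbi_model *s;
    lock(&list_lock);
    for (s = list_head; s && !try_lock(&s->umount_mutex); s = s->next) { }
    unlock(&list_lock);
    return s;                    /* NULL: list empty or every sbi is being torn down */
}
/* Scan, part 2: use the pinned sbi, then unpin. -1 would mean use-after-free. */
int scan_finish(struct sbi_model *s) {
    int n = s->freed ? -1 : s->cached;
    unlock(&s->umount_mutex);
    return n;
}
/* Failed mount, as the reply asks: detach under umount_mutex, then free.
 * Returns false where the kernel's mutex_lock() would sleep and retry later. */
bool fail_mount(struct sbi_model *s) {
    if (!try_lock(&s->umount_mutex)) return false;
    lock(&list_lock);
    for (struct sbi_model **p = &list_head; *p; p = &(*p)->next)
        if (*p == s) { *p = s->next; break; }
    unlock(&list_lock);
    unlock(&s->umount_mutex);
    s->freed = true;
    return true;
}
```

Calling `scan_pick()`, then `fail_mount()`, then `scan_finish()` replays the interleaving from the call path above: the teardown is held off until the scan releases the sbi, so the scan never sees freed memory.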