3.16.74-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Jiufei Xue <jiufei.xue@xxxxxxxxxxxxxxxxx> commit 742b06b5628f2cd23cb51a034cb54dc33c6162c5 upstream. We hit a BUG at fs/buffer.c:3057 if we detached the nbd device before unmounting ext4 filesystem. The typical chain of events leading to the BUG: jbd2_write_superblock submit_bh submit_bh_wbc BUG_ON(!buffer_mapped(bh)); The block device is removed and all the pages are invalidated. JBD2 was trying to write journal superblock to the block device which is no longer present. Fix this by checking the journal superblock's buffer head prior to submitting. Reported-by: Eric Ren <renzhen@xxxxxxxxxxxxxxxxx> Signed-off-by: Jiufei Xue <jiufei.xue@xxxxxxxxxxxxxxxxx> Signed-off-by: Theodore Ts'o <tytso@xxxxxxx> Reviewed-by: Jan Kara <jack@xxxxxxx> [bwh: Backported to 3.16: adjust context] Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx> --- fs/jbd2/journal.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/fs/jbd2/journal.c +++ b/fs/jbd2/journal.c @@ -1344,6 +1344,10 @@ static int jbd2_write_superblock(journal journal_superblock_t *sb = journal->j_superblock; int ret; + /* Buffer got discarded which means block device got invalidated */ + if (!buffer_mapped(bh)) + return -EIO; + trace_jbd2_write_superblock(journal, write_op); if (!(journal->j_flags & JBD2_BARRIER)) write_op &= ~(REQ_FUA | REQ_FLUSH);