From: Dave Chinner <david@fromorbit.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-fsdevel@vger.kernel.org, linux-xfs@vger.kernel.org,
linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org,
syzkaller-bugs@googlegroups.com
Subject: Re: [PATCH] fs/direct-io.c: avoid workqueue allocation race
Date: Mon, 9 Mar 2020 10:12:53 +1100 [thread overview]
Message-ID: <20200308231253.GN10776@dread.disaster.area> (raw)
In-Reply-To: <20200308055221.1088089-1-ebiggers@kernel.org>
On Sat, Mar 07, 2020 at 09:52:21PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> When a thread loses the workqueue allocation race in
> sb_init_dio_done_wq(), lockdep reports that the call to
> destroy_workqueue() can deadlock waiting for work to complete. This is
> a false positive since the workqueue is empty. But we shouldn't simply
> skip the lockdep check for empty workqueues for everyone.
Why not? If the wq is empty, it can't deadlock, so this is a problem
with the workqueue lockdep annotations, not a problem with code that
is destroying an empty workqueue.
> Just avoid this issue by using a mutex to serialize the workqueue
> allocation. We still keep the preliminary check for ->s_dio_done_wq, so
> this doesn't affect direct I/O performance.
>
> Also fix the preliminary check for ->s_dio_done_wq to use READ_ONCE(),
> since it's a data race. (That part wasn't actually found by syzbot yet,
> but it could be detected by KCSAN in the future.)
>
> Note: the lockdep false positive could alternatively be fixed by
> introducing a new function like "destroy_unused_workqueue()" to the
> workqueue API as previously suggested. But I think it makes sense to
> avoid the double allocation anyway.
Fix the infrastructure, don't work around it be placing constraints
on how the callers can use the infrastructure to work around
problems internal to the infrastructure.
Cheers,
Dave.
--
Dave Chinner
david@fromorbit.com
next prev parent reply other threads:[~2020-03-08 23:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-16 14:25 possible deadlock in __generic_file_fsync syzbot
2018-10-19 2:10 ` syzbot
2018-10-20 16:13 ` syzbot
2019-03-22 21:28 ` syzbot
2019-03-23 7:16 ` Dmitry Vyukov
2019-03-23 13:56 ` Theodore Ts'o
2019-03-26 10:32 ` Dmitry Vyukov
2020-03-08 5:52 ` [PATCH] fs/direct-io.c: avoid workqueue allocation race Eric Biggers
2020-03-08 23:12 ` Dave Chinner [this message]
2020-03-09 1:24 ` Eric Biggers
2020-03-10 16:27 ` Darrick J. Wong
2020-03-10 22:22 ` Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200308231253.GN10776@dread.disaster.area \
--to=david@fromorbit.com \
--cc=ebiggers@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).