From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Mike Galbraith <efault@gmx.de>,
Frederic Weisbecker <fweisbec@gmail.com>,
Mike Galbraith <mgalbraith@suse.de>, Jan Kara <jack@suse.cz>
Subject: [PATCH 4.7 27/45] reiserfs: Unlock superblock before calling reiserfs_quota_on_mount()
Date: Fri, 21 Oct 2016 11:17:47 +0200 [thread overview]
Message-ID: <20161021091428.706489836@linuxfoundation.org> (raw)
In-Reply-To: <20161021091427.214431885@linuxfoundation.org>
4.7-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mike Galbraith <efault@gmx.de>
commit 420902c9d086848a7548c83e0a49021514bd71b7 upstream.
If we hold the superblock lock while calling reiserfs_quota_on_mount(), we can
deadlock our own worker - mount blocks kworker/3:2, sleeps forever more.
crash> ps|grep UN
715 2 3 ffff880220734d30 UN 0.0 0 0 [kworker/3:2]
9369 9341 2 ffff88021ffb7560 UN 1.3 493404 123184 Xorg
9665 9664 3 ffff880225b92ab0 UN 0.0 47368 812 udisks-daemon
10635 10403 3 ffff880222f22c70 UN 0.0 14904 936 mount
crash> bt ffff880220734d30
PID: 715 TASK: ffff880220734d30 CPU: 3 COMMAND: "kworker/3:2"
#0 [ffff8802244c3c20] schedule at ffffffff8144584b
#1 [ffff8802244c3cc8] __rt_mutex_slowlock at ffffffff814472b3
#2 [ffff8802244c3d28] rt_mutex_slowlock at ffffffff814473f5
#3 [ffff8802244c3dc8] reiserfs_write_lock at ffffffffa05f28fd [reiserfs]
#4 [ffff8802244c3de8] flush_async_commits at ffffffffa05ec91d [reiserfs]
#5 [ffff8802244c3e08] process_one_work at ffffffff81073726
#6 [ffff8802244c3e68] worker_thread at ffffffff81073eba
#7 [ffff8802244c3ec8] kthread at ffffffff810782e0
#8 [ffff8802244c3f48] kernel_thread_helper at ffffffff81450064
crash> rd ffff8802244c3cc8 10
ffff8802244c3cc8: ffffffff814472b3 ffff880222f23250 .rD.....P2."....
ffff8802244c3cd8: 0000000000000000 0000000000000286 ................
ffff8802244c3ce8: ffff8802244c3d30 ffff880220734d80 0=L$.....Ms ....
ffff8802244c3cf8: ffff880222e8f628 0000000000000000 (.."............
ffff8802244c3d08: 0000000000000000 0000000000000002 ................
crash> struct rt_mutex ffff880222e8f628
struct rt_mutex {
wait_lock = {
raw_lock = {
slock = 65537
}
},
wait_list = {
node_list = {
next = 0xffff8802244c3d48,
prev = 0xffff8802244c3d48
}
},
owner = 0xffff880222f22c71,
save_state = 0
}
crash> bt 0xffff880222f22c70
PID: 10635 TASK: ffff880222f22c70 CPU: 3 COMMAND: "mount"
#0 [ffff8802216a9868] schedule at ffffffff8144584b
#1 [ffff8802216a9910] schedule_timeout at ffffffff81446865
#2 [ffff8802216a99a0] wait_for_common at ffffffff81445f74
#3 [ffff8802216a9a30] flush_work at ffffffff810712d3
#4 [ffff8802216a9ab0] schedule_on_each_cpu at ffffffff81074463
#5 [ffff8802216a9ae0] invalidate_bdev at ffffffff81178aba
#6 [ffff8802216a9af0] vfs_load_quota_inode at ffffffff811a3632
#7 [ffff8802216a9b50] dquot_quota_on_mount at ffffffff811a375c
#8 [ffff8802216a9b80] finish_unfinished at ffffffffa05dd8b0 [reiserfs]
#9 [ffff8802216a9cc0] reiserfs_fill_super at ffffffffa05de825 [reiserfs]
RIP: 00007f7b9303997a RSP: 00007ffff443c7a8 RFLAGS: 00010202
RAX: 00000000000000a5 RBX: ffffffff8144ef12 RCX: 00007f7b932e9ee0
RDX: 00007f7b93d9a400 RSI: 00007f7b93d9a3e0 RDI: 00007f7b93d9a3c0
RBP: 00007f7b93d9a2c0 R8: 00007f7b93d9a550 R9: 0000000000000001
R10: ffffffffc0ed040e R11: 0000000000000202 R12: 000000000000040e
R13: 0000000000000000 R14: 00000000c0ed040e R15: 00007ffff443ca20
ORIG_RAX: 00000000000000a5 CS: 0033 SS: 002b
Signed-off-by: Mike Galbraith <efault@gmx.de>
Acked-by: Frederic Weisbecker <fweisbec@gmail.com>
Acked-by: Mike Galbraith <mgalbraith@suse.de>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/reiserfs/super.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
--- a/fs/reiserfs/super.c
+++ b/fs/reiserfs/super.c
@@ -190,7 +190,15 @@ static int remove_save_link_only(struct
static int reiserfs_quota_on_mount(struct super_block *, int);
#endif
-/* look for uncompleted unlinks and truncates and complete them */
+/*
+ * Look for uncompleted unlinks and truncates and complete them
+ *
+ * Called with superblock write locked. If quotas are enabled, we have to
+ * release/retake lest we call dquot_quota_on_mount(), proceed to
+ * schedule_on_each_cpu() in invalidate_bdev() and deadlock waiting for the per
+ * cpu worklets to complete flush_async_commits() that in turn wait for the
+ * superblock write lock.
+ */
static int finish_unfinished(struct super_block *s)
{
INITIALIZE_PATH(path);
@@ -237,7 +245,9 @@ static int finish_unfinished(struct supe
quota_enabled[i] = 0;
continue;
}
+ reiserfs_write_unlock(s);
ret = reiserfs_quota_on_mount(s, i);
+ reiserfs_write_lock(s);
if (ret < 0)
reiserfs_warning(s, "reiserfs-2500",
"cannot turn on journaled "
next prev parent reply other threads:[~2016-10-21 9:19 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CGME20161021092031uscas1p23c708f6b57321ddde439826eb68aa2f9@uscas1p2.samsung.com>
2016-10-21 9:17 ` [PATCH 4.7 00/45] 4.7.10-stable review Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 02/45] serial: 8250_dw: Check the data->pclk when get apb_pclk Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 03/45] serial: 8250_port: fix runtime PM use in __do_stop_tx_rs485() Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 04/45] ARCv2: intc: Use kflag if STATUS32.IE must be reset Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 05/45] ARCv2: fix local_save_flags Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 06/45] debugfs: introduce a public file_operations accessor Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 07/45] b43: fix debugfs crash Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 08/45] b43legacy: " Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 09/45] carl9170: fix debugfs crashes Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 12/45] btrfs: assign error values to the correct bio structs Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 13/45] mei: amthif: fix deadlock in initialization during a reset Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 14/45] drivers: base: dma-mapping: page align the size when unmap_kernel_range Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 15/45] IB/hfi1: Fix defered ack race with qp destroy Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 16/45] clk: mvebu: fix setting unwanted flags in CP110 gate clock Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 17/45] clk: mvebu: dynamically allocate resources in Armada CP110 system controller Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 18/45] fuse: listxattr: verify xattr list Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 20/45] fuse: fix killing s[ug]id in setattr Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 21/45] i40e: avoid NULL pointer dereference and recursive errors on early PCI error Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 22/45] xfs: change mailing list address Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 23/45] brcmfmac: fix pmksa->bssid usage Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 26/45] ASoC: Intel: Atom: add a missing star in a memcpy call Greg Kroah-Hartman
2016-10-21 9:17 ` Greg Kroah-Hartman [this message]
2016-10-21 9:17 ` [PATCH 4.7 28/45] async_pq_val: fix DMA memory leak Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 29/45] scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 30/45] scsi: arcmsr: Simplify user_len checking Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 31/45] scsi: ibmvfc: Fix I/O hang when port is not mapped Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 32/45] vfs,mm: fix a dead loop in truncate_inode_pages_range() Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 33/45] ext4: enforce online defrag restriction for encrypted files Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 34/45] ext4: reinforce check of i_dtime when clearing high fields of uid and gid Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 36/45] ext4: fix memory leak in ext4_insert_range() Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 37/45] ext4: allow DAX writeback for hole punch Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 38/45] ext4: release bh in make_indexed_dir Greg Kroah-Hartman
2016-10-21 9:17 ` [PATCH 4.7 39/45] ext4: unmap metadata when zeroing blocks Greg Kroah-Hartman
2016-10-21 9:18 ` [PATCH 4.7 40/45] crypto: ghash-generic - move common definitions to a new header file Greg Kroah-Hartman
2016-10-21 9:18 ` [PATCH 4.7 41/45] crypto: vmx - Fix memory corruption caused by p8_ghash Greg Kroah-Hartman
2016-10-21 9:18 ` [PATCH 4.7 42/45] dlm: free workqueues after the connections Greg Kroah-Hartman
2016-10-21 9:18 ` [PATCH 4.7 43/45] vfs: move permission checking into notify_change() for utimes(NULL) Greg Kroah-Hartman
2016-10-21 9:18 ` [PATCH 4.7 44/45] cachefiles: Fix attempt to read i_blocks after deleting file [ver #2] Greg Kroah-Hartman
2016-10-21 9:18 ` [PATCH 4.7 45/45] cfq: fix starvation of asynchronous writes Greg Kroah-Hartman
2016-10-21 9:18 ` Greg Kroah-Hartman
2016-10-21 15:45 ` [PATCH 4.7 00/45] 4.7.10-stable review Shuah Khan
2016-10-21 19:17 ` Guenter Roeck
[not found] ` <580a133b.43921c0a.263d9.400c@mx.google.com>
[not found] ` <7hy41h1px6.fsf@baylibre.com>
2016-10-22 9:56 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161021091428.706489836@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=efault@gmx.de \
--cc=fweisbec@gmail.com \
--cc=jack@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=mgalbraith@suse.de \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.