From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from ipmail03.adl2.internode.on.net ([150.101.137.141]:3932 "EHLO ipmail03.adl2.internode.on.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752961AbeFGFXs (ORCPT ); Thu, 7 Jun 2018 01:23:48 -0400
Received: from discord.disaster.area ([192.168.1.111]) by dastard with esmtp (Exim 4.80) (envelope-from ) id 1fQnMd-0004sY-4c for linux-xfs@vger.kernel.org; Thu, 07 Jun 2018 15:21:35 +1000
Received: from dave by discord.disaster.area with local (Exim 4.91) (envelope-from ) id 1fQnMd-0001fL-3M for linux-xfs@vger.kernel.org; Thu, 07 Jun 2018 15:21:35 +1000
From: Dave Chinner
Subject: [PATCH 2/2] xfs: xfs_reflink_convert_cow() memory allocation deadlock
Date: Thu, 7 Jun 2018 15:21:32 +1000
Message-Id: <20180607052132.6207-3-david@fromorbit.com>
In-Reply-To: <20180607052132.6207-1-david@fromorbit.com>
References: <20180607052132.6207-1-david@fromorbit.com>
Sender: linux-xfs-owner@vger.kernel.org
List-ID:
List-Id: xfs
To: linux-xfs@vger.kernel.org

From: Dave Chinner

xfs_reflink_convert_cow() manipulates the incore extent list in GFP_KERNEL context in the IO submission path whilst holding locked pages under writeback. This is a memory reclaim deadlock vector. This code is not in a transaction, so any memory allocations it makes aren't protected via the memalloc_nofs_save() context that transactions carry.

Hence we need to run this call under memalloc_nofs_save() context to prevent potential memory allocations from being run as GFP_KERNEL and deadlocking.

Signed-Off-By: Dave Chinner
---
 fs/xfs/xfs_aops.c  | 11 +++++++++++
 fs/xfs/xfs_buf.c   | 1 -
 fs/xfs/xfs_linux.h | 1 +
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/fs/xfs/xfs_aops.c b/fs/xfs/xfs_aops.c index 767d53222f31..1eb625fdcb1e 100644 --- a/fs/xfs/xfs_aops.c +++ b/fs/xfs/xfs_aops.c 
@@ -531,8 +531,19 @@ xfs_submit_ioend( { /* Convert CoW extents to regular */ if (!status && ioend->io_type == XFS_IO_COW) { + /* + * Yuk. This can do memory allocation, but is not a + * transactional operation so everything is done in GFP_KERNEL + * context. That can deadlock, because we hold pages in + * writeback state and GFP_KERNEL allocations can block on them. + * Hence we must operate in nofs conditions here. + */ + unsigned nofs_flag; + + nofs_flag = memalloc_nofs_save(); status = xfs_reflink_convert_cow(XFS_I(ioend->io_inode), ioend->io_offset, ioend->io_size); + memalloc_nofs_restore(nofs_flag); } /* Reserve log space if we might write beyond the on-disk inode size. */ diff --git a/fs/xfs/xfs_buf.c b/fs/xfs/xfs_buf.c index 980bc48979e9..e9c058e3761c 100644 --- a/fs/xfs/xfs_buf.c +++ b/fs/xfs/xfs_buf.c @@ -21,7 +21,6 @@ #include #include #include -#include #include "xfs_format.h" #include "xfs_log_format.h" diff --git a/fs/xfs/xfs_linux.h b/fs/xfs/xfs_linux.h index ae1e66fa3f61..1631cf4546f2 100644 --- a/fs/xfs/xfs_linux.h +++ b/fs/xfs/xfs_linux.h @@ -26,6 +26,7 @@ typedef __u32 xfs_nlink_t; #include #include +#include #include #include #include -- 2.17.0
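
Review bot: in the xfs_submit_ioend() hunk, `unsigned nofs_flag;` should be spelled `unsigned int nofs_flag;`, since memalloc_nofs_save() returns unsigned int and kernel style prefers the explicit type over bare `unsigned`. The new comment would also help a later reader more if it named what allocates: the commit message says it is the incore extent list manipulation inside xfs_reflink_convert_cow(), and that is worth stating in place of "Yuk." The save/restore pair is scoped to the single call and the restore runs whatever status comes back, so the NOFS scope cannot leak past this block.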
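
Review bot: the include dropped in the fs/xfs/xfs_buf.c hunk and the one added in the fs/xfs/xfs_linux.h hunk are not explained anywhere in the commit message. If this moves the header that declares memalloc_nofs_save() into the common xfs_linux.h so that xfs_aops.c can use it, say so in one sentence of the changelog; as it stands, the xfs_buf.c deletion reads like an unrelated cleanup that would belong in a separate patch.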