From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.3 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8BB17C4743E for ; Tue, 8 Jun 2021 08:43:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 779736127A for ; Tue, 8 Jun 2021 08:43:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231239AbhFHIpn (ORCPT ); Tue, 8 Jun 2021 04:45:43 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:50342 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230280AbhFHIpm (ORCPT ); Tue, 8 Jun 2021 04:45:42 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id DCEF11FD2A; Tue, 8 Jun 2021 08:43:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1623141828; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=iISBLZW6vnOrxf1PW5nBJaiWFRRWjobdH4Xa3xTC/lU=; b=njPEmPPpqnXg+tK+t2CDK3LGjIjtcmBh4GjeomQYXxUy4wdWJIv5Qfh3tYvVx3Ji5/9kO1 QyjjZEfBuDOcJoAU1stmecuDDIuh4TJjuDElafj2O8/cIeoJSYIjozJzVJ9hj7ekFDz1VO EJ39+iqOxFuiRomisRKW5s6b6jEbKjY= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1623141828; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=iISBLZW6vnOrxf1PW5nBJaiWFRRWjobdH4Xa3xTC/lU=; b=WZxVu+knMuzzI4pcbDtECurFxUjtzwLXtn+LHGOZ/eE7TJvRoflemPzoPTgweVLDUQPNMX Inv4z139hONYZOCQ== Received: from quack2.suse.cz (unknown [10.100.200.198]) by relay2.suse.de (Postfix) with ESMTP id BC035A3B87; Tue, 8 Jun 2021 08:43:48 +0000 (UTC) Received: by quack2.suse.cz (Postfix, from userid 1000) id 83E781F2C94; Tue, 8 Jun 2021 10:43:48 +0200 (CEST) Date: Tue, 8 Jun 2021 10:43:48 +0200 From: Jan Kara To: Roman Gushchin Cc: Jan Kara , Tejun Heo , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Viro , Dennis Zhou , Dave Chinner , cgroups@vger.kernel.org Subject: Re: [PATCH v8 2/8] writeback, cgroup: add smp_mb() to cgroup_writeback_umount() Message-ID: <20210608084348.GA5562@quack2.suse.cz> References: <20210608013123.1088882-1-guro@fb.com> <20210608013123.1088882-3-guro@fb.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210608013123.1088882-3-guro@fb.com> User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon 07-06-21 18:31:17, Roman Gushchin wrote: > A full memory barrier is required between clearing SB_ACTIVE flag > in generic_shutdown_super() and checking isw_nr_in_flight in > cgroup_writeback_umount(), otherwise a new switch operation might > be scheduled after atomic_read(&isw_nr_in_flight) returned 0. > This would result in a non-flushed isw_wq, and a potential crash. > > The problem hasn't yet been seen in the real life and was discovered > by Jan Kara by looking into the code. > > Suggested-by: Jan Kara > Signed-off-by: Roman Gushchin Looks good. Feel free to add: Reviewed-by: Jan Kara Honza > --- > fs/fs-writeback.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c > index bd99890599e0..3564efcc4b78 100644 > --- a/fs/fs-writeback.c > +++ b/fs/fs-writeback.c > @@ -1000,6 +1000,12 @@ int cgroup_writeback_by_id(u64 bdi_id, int memcg_id, unsigned long nr, > */ > void cgroup_writeback_umount(void) > { > + /* > + * SB_ACTIVE should be reliably cleared before checking > + * isw_nr_in_flight, see generic_shutdown_super(). > + */ > + smp_mb(); > + > if (atomic_read(&isw_nr_in_flight)) { > /* > * Use rcu_barrier() to wait for all pending callbacks to > -- > 2.31.1 > -- Jan Kara SUSE Labs, CR