* [CHECKER] possible reiserfs deadlock in 2.6.8.1
@ 2004-09-08 3:16 Dawson Engler
2004-09-08 3:36 ` viro
0 siblings, 1 reply; 4+ messages in thread
From: Dawson Engler @ 2004-09-08 3:16 UTC (permalink / raw)
To: linux-kernel; +Cc: developers
Hi All,
below is a possible deadlock in the linux-2.6.8.1 reiserfs code found by
a static deadlock checker I'm writing. Let me know if it looks valid
and/or whether the output is too cryptic. Note, one of the locks is
through a struct pointer, so the deadlock depends on both acquisitions
being to the same struct.
Thanks,
Dawson
ERROR:DEADLOCK: 2 thread cycle:
lock_kernel <<===>> *jl->struct reiserfs_journal_list->j_commit_lock
thread 1: lock_kernel ==>> *jl->struct reiserfs_journal_list->j_commit_lock
trace 1: ncalls=1, ncond=3
fs/reiserfs/journal.c:flush_async_commits
2933: static void flush_async_commits(void *p) {
2934: struct super_block *p_s_sb = p;
2935: struct reiserfs_journal_list *jl;
2936: struct list_head *entry;
2937:
===> 2938: lock_kernel();
2939: if (!list_empty(&SB_JOURNAL(p_s_sb)->j_journal_list)) {
2940: /* last entry is the youngest, commit it and you get everything */
2941: entry = SB_JOURNAL(p_s_sb)->j_journal_list.prev;
2942: jl = JOURNAL_LIST_ENTRY(entry);
===> 2943: flush_commit_list(p_s_sb, jl, 1);
fs/reiserfs/journal.c:flush_commit_list
906: */
907: static int flush_commit_list(struct super_block *s, struct reiserfs_journal_list *jl, int flushall) {
908: int i;
909: int bn ;
910: struct buffer_head *tbh = NULL ;
...
932: }
933: }
934:
935: /* make sure nobody is trying to flush this one at the same time */
===> 936: down(&jl->j_commit_lock);
trace 3: ncalls=2, ncond=4
fs/reiserfs/namei.c:reiserfs_create
587: struct nameidata *nd)
588: {
589: int retval;
590: struct inode * inode;
591: int jbegin_count = JOURNAL_PER_BALANCE_CNT * 2 ;
...
600: return retval;
601:
602: locked = reiserfs_cache_default_acl (dir);
603:
// [NOTE: this calls lock_kernel()!]
===> 604: reiserfs_write_lock(dir->i_sb);
...
618:
619: inode->i_op = &reiserfs_file_inode_operations;
620: inode->i_fop = &reiserfs_file_operations;
621: inode->i_mapping->a_ops = &reiserfs_address_space_operations ;
622:
...
624: inode, 1/*visible*/);
625: if (retval) {
626: inode->i_nlink--;
627: reiserfs_update_sd (&th, inode);
===> 628: journal_end(&th, dir->i_sb, jbegin_count) ;
fs/reiserfs/journal.c:journal_end
2799:
2800: int journal_end(struct reiserfs_transaction_handle *th, struct super_block *p_s_sb, unsigned long nblocks) {
2801: if (!current->journal_info && th->t_refcount > 1)
2802: reiserfs_warning (p_s_sb, "REISER-NESTING: th NULL, refcount %d",
2803: th->t_refcount);
...
2817: th->t_trans_id = 0;
2818: }
2819: return 0;
2820: } else {
===> 2821: return do_journal_end(th, p_s_sb, nblocks, 0) ;
fs/reiserfs/journal.c:do_journal_end
3313: static int do_journal_end(struct reiserfs_transaction_handle *th, struct super_block * p_s_sb, unsigned long nblocks,
3314: int flags) {
3315: struct reiserfs_journal_cnode *cn, *next, *jl_cn;
3316: struct reiserfs_journal_cnode *last_cn = NULL;
3317: struct reiserfs_journal_desc *desc ;
...
3403: * we want to make sure nobody tries to run flush_commit_list until
3404: * the new transaction is fully setup, and we've already flushed the
3405: * ordered bh list
3406: */
===> 3407: down(&jl->j_commit_lock);
-----------
thread 2: *jl->struct reiserfs_journal_list->j_commit_lock ==>> lock_kernel
trace 1: ncalls=0, ncond=0
fs/reiserfs/journal.c:do_journal_end
3313: static int do_journal_end(struct reiserfs_transaction_handle *th, struct super_block * p_s_sb, unsigned long nblocks,
3314: int flags) {
...
===> 3407: down(&jl->j_commit_lock);
...
3552: if (!list_empty(&jl->j_tail_bh_list)) {
3553: unlock_kernel();
3554: write_ordered_buffers(&SB_JOURNAL(p_s_sb)->j_dirty_buffers_lock,
3555: SB_JOURNAL(p_s_sb), jl, &jl->j_tail_bh_list);
===> 3556: lock_kernel();
-----------
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [CHECKER] possible reiserfs deadlock in 2.6.8.1
2004-09-08 3:16 [CHECKER] possible reiserfs deadlock in 2.6.8.1 Dawson Engler
@ 2004-09-08 3:36 ` viro
2004-09-08 5:10 ` Dawson Engler
0 siblings, 1 reply; 4+ messages in thread
From: viro @ 2004-09-08 3:36 UTC (permalink / raw)
To: Dawson Engler; +Cc: linux-kernel, developers
On Tue, Sep 07, 2004 at 08:16:53PM -0700, Dawson Engler wrote:
> Hi All,
>
> below is a possible deadlock in the linux-2.6.8.1 reiserfs code found by
> a static deadlock checker I'm writing. Let me know if it looks valid
> and/or whether the output is too cryptic. Note, one of the locks is
> through a struct pointer, so the deadlock depends on both acquisitions
> being to the same struct.
Not valid, for the same reason as the above. BKL and down() do not form
a mutual deadlock.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [CHECKER] possible reiserfs deadlock in 2.6.8.1
2004-09-08 3:36 ` viro
@ 2004-09-08 5:10 ` Dawson Engler
2004-09-12 18:37 ` Herbert Poetzl
0 siblings, 1 reply; 4+ messages in thread
From: Dawson Engler @ 2004-09-08 5:10 UTC (permalink / raw)
To: viro; +Cc: Dawson Engler, linux-kernel, developers
> On Tue, Sep 07, 2004 at 08:16:53PM -0700, Dawson Engler wrote:
> > Hi All,
> >
> > below is a possible deadlock in the linux-2.6.8.1 reiserfs code found by
> > a static deadlock checker I'm writing. Let me know if it looks valid
> > and/or whether the output is too cryptic. Note, one of the locks is
> > through a struct pointer, so the deadlock depends on both acquisitions
> > being to the same struct.
>
> Not valid, for the same reason as the above. BKL and down() do not form
> a mutual deadlock.
You know, I actually know this, and the tool "does" take care of this.
I think a bit mask got screwed up somewhere. Along with my brain...
Sorry about the noise.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [CHECKER] possible reiserfs deadlock in 2.6.8.1
2004-09-08 5:10 ` Dawson Engler
@ 2004-09-12 18:37 ` Herbert Poetzl
0 siblings, 0 replies; 4+ messages in thread
From: Herbert Poetzl @ 2004-09-12 18:37 UTC (permalink / raw)
To: Dawson Engler; +Cc: viro, Dawson Engler, linux-kernel, developers
On Tue, Sep 07, 2004 at 10:10:23PM -0700, Dawson Engler wrote:
> > On Tue, Sep 07, 2004 at 08:16:53PM -0700, Dawson Engler wrote:
> > > Hi All,
Hey Dawson!
> > > below is a possible deadlock in the linux-2.6.8.1 reiserfs code found by
> > > a static deadlock checker I'm writing. Let me know if it looks valid
is this tool somewhere available? via CVS or similar?
I would be interested in analyzing some kernel patches
with it. if it isn't available, maybe you could check
some patches with it, and send/publish the results?
TIA,
Herbert
> > > and/or whether the output is too cryptic. Note, one of the locks is
> > > through a struct pointer, so the deadlock depends on both acquisitions
> > > being to the same struct.
> >
> > Not valid, for the same reason as the above. BKL and down() do not form
> > a mutual deadlock.
>
> You know, I actually know this, and the tool "does" take care of this.
> I think a bit mask got screwed up somewhere. Along with my brain...
>
> Sorry about the noise.
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-09-12 18:37 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-09-08 3:16 [CHECKER] possible reiserfs deadlock in 2.6.8.1 Dawson Engler
2004-09-08 3:36 ` viro
2004-09-08 5:10 ` Dawson Engler
2004-09-12 18:37 ` Herbert Poetzl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).