From: Josef Bacik <josef@toxicpanda.com>
To: Nikolay Borisov <nborisov@suse.com>, linux-btrfs@vger.kernel.org
Cc: stable@vger.kernel.org
Subject: Re: [PATCH] btrfs: Fix race between extent freeing/allocation when using bitmaps
Date: Wed, 10 Feb 2021 10:17:38 -0500 [thread overview]
Message-ID: <3e2f0922-f492-0cc7-d76f-ed1dcaa86dfd@toxicpanda.com> (raw)
In-Reply-To: <20210208082652.2654024-1-nborisov@suse.com>
On 2/8/21 3:26 AM, Nikolay Borisov wrote:
> During allocation the allocator will try to allocate an extent using
> cluster policy. Once the current cluster is exhausted it will remove the
> its entry under btrfs_free_cluster::lock and subsequently acquire
> btrfs_free_space_ctl::tree_lock to dispose of the already-deleted
> entry and adjust btrfs_free_space_ctl::total_bitmap. This poses a
> problem because there exists a race condition between removing the
> entry under one lock and doing the necessary accounting holding a
> different lock since extent freeing only uses the 2nd lock. This can
> result in the following situation:
>
> T1: T2:
> btrfs_alloc_from_cluster insert_into_bitmap <holds tree_lock>
> if (entry->bytes == 0) if (block_group && !list_empty(&block_group->cluster_list)) {
> rb_erase(entry)
>
> spin_unlock(&cluster->lock);
> (total_bitmaps is still 4) spin_lock(&cluster->lock);
> <doesn't find entry in cluster->root>
> spin_lock(&ctl->tree_lock); <goes to new_bitmap label, adds
> <blocked since T2 holds tree_lock> <a new entry and calls add_new_bitmap>
> recalculate_thresholds <crashes,
> due to total_bitmaps
> becoming 5 and triggering
> an ASSERT>
>
> To fix this ensure that once depleted, the cluster entry is deleted when
> both cluster lock and tree locks are held in the allocator (T1), this
> ensures that even if there is a race with a concurrent
> insert_into_bitmap call it will correctly find the entry in the cluster
> and add the new space to it.
>
> Signed-off-by: Nikolay Borisov <nborisov@suse.com>
> Cc: <stable@vger.kernel.org>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Thanks,
Josef
next prev parent reply other threads:[~2021-02-10 15:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-08 8:26 [PATCH] btrfs: Fix race between extent freeing/allocation when using bitmaps Nikolay Borisov
2021-02-10 15:17 ` Josef Bacik [this message]
2021-02-10 22:26 ` David Sterba
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3e2f0922-f492-0cc7-d76f-ed1dcaa86dfd@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=linux-btrfs@vger.kernel.org \
--cc=nborisov@suse.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).