If f2fs_evict_inode is called between freeze_super and thaw_super, the
s_writer rwsem count may become negative, resulting in hang.
CPU1 CPU2
f2fs_resize_fs() f2fs_evict_inode()
f2fs_freeze
set SBI_IS_FREEZING
skip sb_start_intwrite
f2fs_unfreeze
clear SBI_IS_FREEZING
sb_end_intwrite
To solve this problem, the call to sb_end_write is determined by whether
sb_start_intwrite is called, rather than the current freezing status.
Reviewed-by: Sungjong Seo <[email protected]>
Reviewed-by: Sunmin Jeong <[email protected]>
Signed-off-by: Yeongjin Gil <[email protected]>
---
fs/f2fs/inode.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c
index c26effdce9aa..12b1fef31f43 100644
--- a/fs/f2fs/inode.c
+++ b/fs/f2fs/inode.c
@@ -804,6 +804,7 @@ void f2fs_evict_inode(struct inode *inode)
struct f2fs_inode_info *fi = F2FS_I(inode);
nid_t xnid = fi->i_xattr_nid;
int err = 0;
+ bool freeze_protected = false;
f2fs_abort_atomic_write(inode, true);
@@ -843,8 +844,10 @@ void f2fs_evict_inode(struct inode *inode)
f2fs_remove_ino_entry(sbi, inode->i_ino, UPDATE_INO);
f2fs_remove_ino_entry(sbi, inode->i_ino, FLUSH_INO);
- if (!is_sbi_flag_set(sbi, SBI_IS_FREEZING))
+ if (!is_sbi_flag_set(sbi, SBI_IS_FREEZING)) {
sb_start_intwrite(inode->i_sb);
+ freeze_protected = true;
+ }
set_inode_flag(inode, FI_NO_ALLOC);
i_size_write(inode, 0);
retry:
@@ -887,7 +890,7 @@ void f2fs_evict_inode(struct inode *inode)
if (dquot_initialize_needed(inode))
set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
}
- if (!is_sbi_flag_set(sbi, SBI_IS_FREEZING))
+ if (freeze_protected)
sb_end_intwrite(inode->i_sb);
no_delete:
dquot_drop(inode);
--
2.40.1
On 2024/3/22 12:16, Yeongjin Gil wrote:
> If f2fs_evict_inode is called between freeze_super and thaw_super, the
> s_writer rwsem count may become negative, resulting in hang.
>
> CPU1 CPU2
>
> f2fs_resize_fs() f2fs_evict_inode()
> f2fs_freeze
> set SBI_IS_FREEZING
> skip sb_start_intwrite
> f2fs_unfreeze
> clear SBI_IS_FREEZING
> sb_end_intwrite
>
> To solve this problem, the call to sb_end_write is determined by whether
> sb_start_intwrite is called, rather than the current freezing status.
>
> Reviewed-by: Sungjong Seo <[email protected]>
> Reviewed-by: Sunmin Jeong <[email protected]>
> Signed-off-by: Yeongjin Gil <[email protected]>
Reviewed-by: Chao Yu <[email protected]>
Thanks,
Hello:
This patch was applied to jaegeuk/f2fs.git (dev)
by Jaegeuk Kim <[email protected]>:
On Fri, 22 Mar 2024 13:16:39 +0900 you wrote:
> If f2fs_evict_inode is called between freeze_super and thaw_super, the
> s_writer rwsem count may become negative, resulting in hang.
>
> CPU1 CPU2
>
> f2fs_resize_fs() f2fs_evict_inode()
> f2fs_freeze
> set SBI_IS_FREEZING
> skip sb_start_intwrite
> f2fs_unfreeze
> clear SBI_IS_FREEZING
> sb_end_intwrite
>
> [...]
Here is the summary with links:
- [f2fs-dev] f2fs: Prevent s_writer rw_sem count mismatch in f2fs_evict_inode
https://git.kernel.org/jaegeuk/f2fs/c/3127f1010c9b
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html