Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp4912116pxb;
        Mon, 15 Feb 2021 04:48:06 -0800 (PST)
X-Google-Smtp-Source: ABdhPJyFhBWnB/jx/zJc237vaGzdLdz3EWGMZ9fDpwe8TYpjMzH1I+E+m8NF1Bfy9wP+2RG4/r/3
X-Received: by 2002:a17:906:8287:: with SMTP id h7mr7824748ejx.222.1613393285975;
        Mon, 15 Feb 2021 04:48:05 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1613393285; cv=none;
        d=google.com; s=arc-20160816;
        b=YbCm0yFMt18ksFpL4sTmZtBMMMgwppRmXmWpT8wzNsWJ2TbRApCDsPRN0wZ4aP+FIT
         2so2JdYDyBCMTiYlJiHWEu4SB8k3l9fhMt8OfTQud3YG6gbtsPWK8y7y3LnRY42XbGxs
         LnVHujS2/s94K3LUMztynwuf6cNvg1ZXwHmn4rfqbFcV+6ldLyeNQ0QcyE8TaF9s6JOh
         xfCUs4ZIGLuJDgApvo/OVAqcsLOt9m/vgGXsh2eolX/MV6b1JgbVDaF03gFAzylX/qon
         E8v+vSYaWtdqhSyyxh2DVsW6oRI/XP0+mFre3UllAhiCHpEz8h09Rnu5TwCgpkMB/hIu
         j6ow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=yYr4B1rfjrLJWUDJfjtwp7LbK3xz77UqN3cgfdJMw4Q=;
        b=BDx53aA01qm6NadkLASM9GRaLQ+mYfst16JYoZiBaJEGvtvTQq+WqqwD3lyAKX0dvc
         zrPKMmZKjgUfFMp4EuJDNLc4PboxU6mddG55hrp1hTg3ER+lvhpC4PN+fQtQmXhyqOgv
         dDJrx/ZgdgT6oynm+uVANZwEZGgUE84/tknpPI6kBdAkrlXTWnIxN+zDM8BAUDYazWZW
         GyZzhOC6xKYVuvD6THU6MChc1CMkvsN8LLcMlIBc8rytZipsjUJJ1cvMA7DV9D9hRona
         HIHi+ARhoEYBYaSSWdwLvpmbpDEo4lVOGkMy5xK0SinxTOXrwo7QA67WbbpXziTOZ0WI
         couQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id n25si11654154eja.737.2021.02.15.04.47.43;
        Mon, 15 Feb 2021 04:48:05 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230388AbhBOMqR (ORCPT <rfc822;lowstz@gmail.com> + 99 others);
        Mon, 15 Feb 2021 07:46:17 -0500
Received: from mx2.suse.de ([195.135.220.15]:41286 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S230145AbhBOMqC (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 15 Feb 2021 07:46:02 -0500
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
        by mx2.suse.de (Postfix) with ESMTP id 7449CAC32;
        Mon, 15 Feb 2021 12:45:20 +0000 (UTC)
Received: by quack2.suse.cz (Postfix, from userid 1000)
        id ECF951E6305; Mon, 15 Feb 2021 13:45:19 +0100 (CET)
Date:   Mon, 15 Feb 2021 13:45:19 +0100
From:   Jan Kara <jack@suse.cz>
To:     Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc:     Jan Kara <jack@suse.cz>, jack@suse.com, linux-ext4@vger.kernel.org,
        linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com,
        tytso@mit.edu, mhocko@suse.cz, linux-mm@kvack.org,
        syzbot <syzbot+bfdded10ab7dcd7507ae@syzkaller.appspotmail.com>
Subject: Re: possible deadlock in start_this_handle (2)
Message-ID: <20210215124519.GA22417@quack2.suse.cz>
References: <000000000000563a0205bafb7970@google.com>
 <20210211104947.GL19070@quack2.suse.cz>
 <bf1088e3-b051-6361-57dd-6b836b1c3b46@i-love.sakura.ne.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <bf1088e3-b051-6361-57dd-6b836b1c3b46@i-love.sakura.ne.jp>
User-Agent: Mutt/1.10.1 (2018-07-13)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat 13-02-21 23:26:37, Tetsuo Handa wrote:
> On 2021/02/11 19:49, Jan Kara wrote:
> > This stacktrace should never happen. ext4_xattr_set() starts a transaction.
> > That internally goes through start_this_handle() which calls:
> > 
> > 	handle->saved_alloc_context = memalloc_nofs_save();
> > 
> > and we restore the allocation context only in stop_this_handle() when
> > stopping the handle. And with this fs_reclaim_acquire() should remove
> > __GFP_FS from the mask and not call __fs_reclaim_acquire().
> 
> Excuse me, but it seems to me that nothing prevents
> ext4_xattr_set_handle() from reaching ext4_xattr_inode_lookup_create()
> without memalloc_nofs_save() when hitting ext4_get_nojournal() path.
> Will you explain when ext4_get_nojournal() path is executed?

That's a good question but sadly I don't think that's it.
ext4_get_nojournal() is called when the filesystem is created without a
journal. In that case we also don't acquire jbd2_handle lockdep map. In the
syzbot report we can see:

kswapd0/2246 is trying to acquire lock:
ffff888041a988e0 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xf81/0x1380 fs/jbd2/transaction.c:444

but task is already holding lock:
ffffffff8be892c0 (fs_reclaim){+.+.}-{0:0}, at: __fs_reclaim_acquire+0x0/0x30 mm/page_alloc.c:5195

So this filesystem has very clearly been created with a journal. Also the
journal lockdep tracking machinery uses:

rwsem_acquire_read(&journal->j_trans_commit_map, 0, 0, _THIS_IP_);

so a lockdep key is per-filesystem. Thus it is not possible that lockdep
would combine lock dependencies from two different filesystems.

But I guess we could narrow the search for this problem by adding WARN_ONs
to ext4_xattr_set_handle() and ext4_xattr_inode_lookup_create() like:

WARN_ON(ext4_handle_valid(handle) && !(current->flags & PF_MEMALLOC_NOFS));

It would narrow down a place in which PF_MEMALLOC_NOFS flag isn't set
properly... At least that seems like the most plausible way forward to me.

								Honza

> 
> ext4_xattr_set() {
>   handle = ext4_journal_start(inode, EXT4_HT_XATTR, credits) == __ext4_journal_start() {
>       return __ext4_journal_start_sb() {
>         journal = EXT4_SB(sb)->s_journal;
>         if (!journal || (EXT4_SB(sb)->s_mount_state & EXT4_FC_REPLAY))
>           return ext4_get_nojournal(); // Never calls memalloc_nofs_save() despite returning !IS_ERR() value.
>         return jbd2__journal_start(journal, blocks, rsv_blocks, revoke_creds, GFP_NOFS, type, line); // Calls memalloc_nofs_save() when start_this_handle() returns 0.
>       }
>     }
>   }
>   error = ext4_xattr_set_handle(handle, inode, name_index, name, value, value_len, flags); {
>     ext4_write_lock_xattr(inode, &no_expand); // Grabs &ei->xattr_sem
>     error = ext4_xattr_ibody_set(handle, inode, &i, &is) {
>       error = ext4_xattr_set_entry(i, s, handle, inode, false /* is_block */) {
>         ret = ext4_xattr_inode_lookup_create(handle, inode, i->value, i->value_len, &new_ea_inode); // Using GFP_KERNEL based on assumption that ext4_journal_start() called memalloc_nofs_save().
>       }
>     }
>   }
> }
> 
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR