Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp697229pxb; Tue, 5 Apr 2022 19:12:06 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyvv8iLibQtQT3TGEuQXiPCfdqWMOor3dcQ41+VmRynhiI9+WwmPyIgS6YhxeOYU+3oJmOX X-Received: by 2002:a17:907:da0:b0:6df:d4a4:9d0f with SMTP id go32-20020a1709070da000b006dfd4a49d0fmr6425041ejc.407.1649211126580; Tue, 05 Apr 2022 19:12:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649211126; cv=none; d=google.com; s=arc-20160816; b=UM/tc7V1Z0diUDsTvdn8uEjP2beWdlnn693OPh3XvWrbHoG2X+45xVDxuzycx8FIva TgKBkwfeCQkvCcLl2G7AfUJO6VeWzlCBLtzSXe1qb3bfBZobA9Fg3Si39i5+n28u2E5p LqqZ2NCrbVYvXAnOBYz7RIW5JsbFpPCP5lkyy8cjg2MyAuJsnV9qzyS4SQoBFDC00HiB 0+X/hz5es7LnreivexHS2LtuGboKBxjMRRBhpFUsZ1GhdDInpp2zz91kZkBbsDDzjiKz aDH1PwPA9cIGwIAkL4gm5XXGMIeUpjiZbUYjb/JRqvJvOtCDxeebsAHw1vNyCS+a/Dvo U7sQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=swHCvxKXuMoF68o4KTmqm4Szi7JCWUhCEIOk2Hep/ng=; b=xE7rF7ivpVHMI/HMQF81tr+E7/o9r0/QzrpjvwekoI44xB8H42In66CRLFD2qlRV2P ZC8b1QAj/fObWHuvMYmrCOOy11P+DUnsAARaai22Y7H8/JiT3200O2LipL1tcepX000H U7b9D2txeNif3f3mO2VDPqtbi7zihejZ5+ch0H+XMg7uDUf81y4UCnB8kL/RrrtMn8Xn TvQRhkdLg1oCePvRTc3z/JSthysjDZLL6M76wGrg5D3GBgw8/Gv+QSY+2OMKaoHl7ErN YAwWBca5EyltllXlXYjSJ5XhDziSOKDfThl1urkm2qq90Iv5KpmZLzb4dZ2CbghVdI2q A/hQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=eDuzgrhl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q15-20020a056402518f00b00418c2b5bdd1si11056168edd.179.2022.04.05.19.11.40; Tue, 05 Apr 2022 19:12:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=eDuzgrhl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232991AbiDEH4k (ORCPT + 99 others); Tue, 5 Apr 2022 03:56:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48248 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233597AbiDEHsH (ORCPT ); Tue, 5 Apr 2022 03:48:07 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 24FEA2AC; Tue, 5 Apr 2022 00:46:09 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id B42EB616BF; Tue, 5 Apr 2022 07:46:08 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C4F7EC340EE; Tue, 5 Apr 2022 07:46:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1649144768; bh=FUcnqxzjXH5u3vbw4nDqrygn9TouK/7YERh2EEo0v3w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=eDuzgrhlNeklkZzJdNsL+RRPXrVCFmpVD0vpiONQz65KGU2gLUyV+TA3KITRTq4Kh v8pMdfoojP1gJg+Yd47V5tRaKNkTKgO/ytcSYoEfff5a3cer1HK0+P2lERJ3BegWWk 3u4EBi7GEeL/bQL4uTQeheynNLpWYoxxws106m3E= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Mingzhe Zou , Coly Li Subject: [PATCH 5.17 0164/1126] bcache: fixup multiple threads crash Date: Tue, 5 Apr 2022 09:15:11 +0200 Message-Id: <20220405070412.409301981@linuxfoundation.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220405070407.513532867@linuxfoundation.org> References: <20220405070407.513532867@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Mingzhe Zou commit 887554ab96588de2917b6c8c73e552da082e5368 upstream. When multiple threads to check btree nodes in parallel, the main thread wait for all threads to stop or CACHE_SET_IO_DISABLE flag: wait_event_interruptible(check_state->wait, atomic_read(&check_state->started) == 0 || test_bit(CACHE_SET_IO_DISABLE, &c->flags)); However, the bch_btree_node_read and bch_btree_node_read_done maybe call bch_cache_set_error, then the CACHE_SET_IO_DISABLE will be set. If the flag already set, the main thread return error. At the same time, maybe some threads still running and read NULL pointer, the kernel will crash. This patch change the event wait condition, the main thread must wait for all threads to stop. Fixes: 8e7102273f597 ("bcache: make bch_btree_check() to be multithreaded") Signed-off-by: Mingzhe Zou Cc: stable@vger.kernel.org # v5.7+ Signed-off-by: Coly Li Signed-off-by: Greg Kroah-Hartman --- drivers/md/bcache/btree.c | 6 ++++-- drivers/md/bcache/writeback.c | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) --- a/drivers/md/bcache/btree.c +++ b/drivers/md/bcache/btree.c @@ -2060,9 +2060,11 @@ int bch_btree_check(struct cache_set *c) } } + /* + * Must wait for all threads to stop. + */ wait_event_interruptible(check_state->wait, - atomic_read(&check_state->started) == 0 || - test_bit(CACHE_SET_IO_DISABLE, &c->flags)); + atomic_read(&check_state->started) == 0); for (i = 0; i < check_state->total_threads; i++) { if (check_state->infos[i].result) { --- a/drivers/md/bcache/writeback.c +++ b/drivers/md/bcache/writeback.c @@ -998,9 +998,11 @@ void bch_sectors_dirty_init(struct bcach } } + /* + * Must wait for all threads to stop. + */ wait_event_interruptible(state->wait, - atomic_read(&state->started) == 0 || - test_bit(CACHE_SET_IO_DISABLE, &c->flags)); + atomic_read(&state->started) == 0); out: kfree(state);