public inbox for linux-kernel-mentees@lists.linux-foundation.org
* [PATCH 6.1.y] f2fs: avoid dead loop in f2fs_issue_checkpoint()
@ 2024-07-25 11:19 Sergio González Collado
  2024-07-25 12:32 ` Greg KH
  0 siblings, 1 reply; 2+ messages in thread
From: Sergio González Collado @ 2024-07-25 11:19 UTC (permalink / raw)
  To: stable
  Cc: linux-kernel-mentees, Chao Yu, Jaegeuk Kim,
	Sergio González Collado, syzbot+d0ab8746c920a592aeab

From: Chao Yu <chao@kernel.org>

[ Upstream commit 5079e1c0c879311668b77075de3e701869804adf ]

generic/082 reports a bug as below:

__schedule+0x332/0xf60
schedule+0x6f/0xf0
schedule_timeout+0x23b/0x2a0
wait_for_completion+0x8f/0x140
f2fs_issue_checkpoint+0xfe/0x1b0
f2fs_sync_fs+0x9d/0xb0
sync_filesystem+0x87/0xb0
dquot_load_quota_sb+0x41b/0x460
dquot_load_quota_inode+0xa5/0x130
dquot_quota_on+0x4b/0x60
f2fs_quota_on+0xe3/0x1b0
do_quotactl+0x483/0x700
__x64_sys_quotactl+0x15c/0x310
do_syscall_64+0x3f/0x90
entry_SYSCALL_64_after_hwframe+0x72/0xdc

The root cause is a race case as below:

Thread A			Kworker			IRQ
- write()
: write data to quota.user file

				- writepages
				 - f2fs_submit_page_write
				  - __is_cp_guaranteed return false
				  - inc_page_count(F2FS_WB_DATA)
				 - submit_bio
- quotactl(Q_QUOTAON)
 - f2fs_quota_on
  - dquot_quota_on
   - dquot_load_quota_inode
    - vfs_setup_quota_inode
    : inode->i_flags |= S_NOQUOTA
							- f2fs_write_end_io
							 - __is_cp_guaranteed return true
							 - dec_page_count(F2FS_WB_CP_DATA)
    - dquot_load_quota_sb
     - f2fs_sync_fs
      - f2fs_issue_checkpoint
       - do_checkpoint
        - f2fs_wait_on_all_pages(F2FS_WB_CP_DATA)
        : loop due to F2FS_WB_CP_DATA count is negative

Calling filemap_fdatawrite() and filemap_fdatawait() to keep all data
clean before quota file setup.

Signed-off-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
(cherry picked from commit 5079e1c0c879311668b77075de3e701869804adf)
Signed-off-by: Sergio González Collado <sergio.collado@gmail.com>
Reported-by: syzbot+d0ab8746c920a592aeab@syzkaller.appspotmail.com
---
 fs/f2fs/super.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 6bd8c231069a..2d586a6bfe5f 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -2824,15 +2824,26 @@ static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
 		return -EBUSY;
 	}
 
+	if (path->dentry->d_sb != sb)
+		return -EXDEV;
+
 	err = f2fs_quota_sync(sb, type);
 	if (err)
 		return err;
 
-	err = dquot_quota_on(sb, type, format_id, path);
+	inode = d_inode(path->dentry);
+
+	err = filemap_fdatawrite(inode->i_mapping);
 	if (err)
 		return err;
 
-	inode = d_inode(path->dentry);
+	err = filemap_fdatawait(inode->i_mapping);
+	if (err)
+		return err;
+
+	err = dquot_quota_on(sb, type, format_id, path);
+	if (err)
+		return err;
 
 	inode_lock(inode);
 	F2FS_I(inode)->i_flags |= F2FS_NOATIME_FL | F2FS_IMMUTABLE_FL;
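Review bot: The flush added before dquot_quota_on() runs without inode_lock(inode), which this function takes only after dquot_quota_on() has returned, so nothing visible in the hunk stops a write() from dirtying the quota file again between filemap_fdatawait() and the point where the quota inode is set up. If a caller-side lock or another mechanism already excludes that, a comment above the filemap_fdatawrite() call saying so would help; otherwise the window described in the commit message is narrowed rather than closed. Separately, the new path->dentry->d_sb != sb check returning -EXDEV is not mentioned in the commit message, and a sentence explaining why it is needed before d_inode(path->dentry) is used would make the backport easier to audit.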
-- 
2.39.2
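
The counter mismatch in the race diagram above, replayed as a small userspace model. This is an added example, not code from the patch or from f2fs: the function names echo the commit message, but their bodies, the structs and the "wait finishes only at zero" rule are simplifying assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: names follow the commit message, bodies are assumptions. */
enum count_type { WB_DATA, WB_CP_DATA, NR_COUNT_TYPE };
struct model_sb    { int nr_pages[NR_COUNT_TYPE]; };
struct model_inode { bool noquota; int inflight; };

/* Stand-in for __is_cp_guaranteed(): models only the S_NOQUOTA condition. */
static enum count_type wb_type(const struct model_inode *inode)
{ return inode->noquota ? WB_CP_DATA : WB_DATA; }

/* Kworker side: the counter is chosen from the inode state at submit time. */
static void submit_page_write(struct model_sb *sb, struct model_inode *inode)
{
    sb->nr_pages[wb_type(inode)]++;
    inode->inflight++;
}

/* IRQ side: the counter is chosen again from the inode state at completion. */
static void write_end_io(struct model_sb *sb, struct model_inode *inode)
{
    sb->nr_pages[wb_type(inode)]--;
    inode->inflight--;
}

/* Replays the trace; flush_first models fdatawrite + fdatawait before setup. */
struct model_sb replay_quota_on(bool flush_first)
{
    struct model_sb sb = { {0, 0} };
    struct model_inode quota_file = { false, 0 };
    submit_page_write(&sb, &quota_file);      /* write() data reaches writepages */
    while (flush_first && quota_file.inflight > 0)
        write_end_io(&sb, &quota_file);       /* I/O drained before the flag flips */
    quota_file.noquota = true;                /* vfs_setup_quota_inode: S_NOQUOTA */
    while (quota_file.inflight > 0)
        write_end_io(&sb, &quota_file);       /* late completion, unpatched order */
    return sb;
}

/* Assumption: the checkpoint wait only finishes once the count reaches zero. */
bool checkpoint_can_finish(struct model_sb sb) { return sb.nr_pages[WB_CP_DATA] == 0; }

int main(void)
{
    struct model_sb a = replay_quota_on(false), b = replay_quota_on(true);
    printf("unpatched WB_CP_DATA=%d, patched WB_CP_DATA=%d\n",
           a.nr_pages[WB_CP_DATA], b.nr_pages[WB_CP_DATA]);
    return 0;
}
```

In the unpatched ordering the increment lands on WB_DATA and the decrement on WB_CP_DATA, so one counter is left at 1 and the other at -1; draining the I/O before the flag changes keeps both at zero.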



* Re: [PATCH 6.1.y] f2fs: avoid dead loop in f2fs_issue_checkpoint()
  2024-07-25 11:19 [PATCH 6.1.y] f2fs: avoid dead loop in f2fs_issue_checkpoint() Sergio González Collado
@ 2024-07-25 12:32 ` Greg KH
  0 siblings, 0 replies; 2+ messages in thread
From: Greg KH @ 2024-07-25 12:32 UTC (permalink / raw)
  To: Sergio González Collado
  Cc: stable, linux-kernel-mentees, Chao Yu, Jaegeuk Kim,
	syzbot+d0ab8746c920a592aeab

On Thu, Jul 25, 2024 at 01:19:33PM +0200, Sergio González Collado wrote:
> From: Chao Yu <chao@kernel.org>
> 
> [ Upstream commit 5079e1c0c879311668b77075de3e701869804adf ]
> 
> generic/082 reports a bug as below:
> 
> __schedule+0x332/0xf60
> schedule+0x6f/0xf0
> schedule_timeout+0x23b/0x2a0
> wait_for_completion+0x8f/0x140
> f2fs_issue_checkpoint+0xfe/0x1b0
> f2fs_sync_fs+0x9d/0xb0
> sync_filesystem+0x87/0xb0
> dquot_load_quota_sb+0x41b/0x460
> dquot_load_quota_inode+0xa5/0x130
> dquot_quota_on+0x4b/0x60
> f2fs_quota_on+0xe3/0x1b0
> do_quotactl+0x483/0x700
> __x64_sys_quotactl+0x15c/0x310
> do_syscall_64+0x3f/0x90
> entry_SYSCALL_64_after_hwframe+0x72/0xdc
> 
> The root cause is a race case as below:
> 
> Thread A			Kworker			IRQ
> - write()
> : write data to quota.user file
> 
> 				- writepages
> 				 - f2fs_submit_page_write
> 				  - __is_cp_guaranteed return false
> 				  - inc_page_count(F2FS_WB_DATA)
> 				 - submit_bio
> - quotactl(Q_QUOTAON)
>  - f2fs_quota_on
>   - dquot_quota_on
>    - dquot_load_quota_inode
>     - vfs_setup_quota_inode
>     : inode->i_flags |= S_NOQUOTA
> 							- f2fs_write_end_io
> 							 - __is_cp_guaranteed return true
> 							 - dec_page_count(F2FS_WB_CP_DATA)
>     - dquot_load_quota_sb
>      - f2fs_sync_fs
>       - f2fs_issue_checkpoint
>        - do_checkpoint
>         - f2fs_wait_on_all_pages(F2FS_WB_CP_DATA)
>         : loop due to F2FS_WB_CP_DATA count is negative
> 
> Calling filemap_fdatawrite() and filemap_fdatawait() to keep all data
> clean before quota file setup.
> 
> Signed-off-by: Chao Yu <chao@kernel.org>
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> (cherry picked from commit 5079e1c0c879311668b77075de3e701869804adf)
> Signed-off-by: Sergio González Collado <sergio.collado@gmail.com>
> Reported-by: syzbot+d0ab8746c920a592aeab@syzkaller.appspotmail.com
> ---
>  fs/f2fs/super.c | 15 +++++++++++++--
>  1 file changed, 13 insertions(+), 2 deletions(-)

Now queued up, thanks.

greg k-h
