From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, John Hubbard <jhubbard@nvidia.com>,
Trond Myklebust <trond.myklebust@hammerspace.com>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.9 17/83] NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()
Date: Wed, 4 Sep 2019 19:53:09 +0200 [thread overview]
Message-ID: <20190904175305.430416704@linuxfoundation.org> (raw)
In-Reply-To: <20190904175303.488266791@linuxfoundation.org>
[ Upstream commit c77e22834ae9a11891cb613bd9a551be1b94f2bc ]
John Hubbard reports seeing the following stack trace:
nfs4_do_reclaim
rcu_read_lock /* we are now in_atomic() and must not sleep */
nfs4_purge_state_owners
nfs4_free_state_owner
nfs4_destroy_seqid_counter
rpc_destroy_wait_queue
cancel_delayed_work_sync
__cancel_work_timer
__flush_work
start_flush_work
might_sleep:
(kernel/workqueue.c:2975: BUG)
The solution is to separate out the freeing of the state owners
from nfs4_purge_state_owners(), and perform that outside the atomic
context.
Reported-by: John Hubbard <jhubbard@nvidia.com>
Fixes: 0aaaf5c424c7f ("NFS: Cache state owners after files are closed")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/nfs/nfs4_fs.h | 3 ++-
fs/nfs/nfs4client.c | 5 ++++-
fs/nfs/nfs4state.c | 27 ++++++++++++++++++++++-----
3 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h
index 1452177c822db..c719389381dc4 100644
--- a/fs/nfs/nfs4_fs.h
+++ b/fs/nfs/nfs4_fs.h
@@ -434,7 +434,8 @@ static inline void nfs4_schedule_session_recovery(struct nfs4_session *session,
extern struct nfs4_state_owner *nfs4_get_state_owner(struct nfs_server *, struct rpc_cred *, gfp_t);
extern void nfs4_put_state_owner(struct nfs4_state_owner *);
-extern void nfs4_purge_state_owners(struct nfs_server *);
+extern void nfs4_purge_state_owners(struct nfs_server *, struct list_head *);
+extern void nfs4_free_state_owners(struct list_head *head);
extern struct nfs4_state * nfs4_get_open_state(struct inode *, struct nfs4_state_owner *);
extern void nfs4_put_open_state(struct nfs4_state *);
extern void nfs4_close_state(struct nfs4_state *, fmode_t);
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
index 43f42cc30a606..1ec6dd4f3e2e4 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -781,9 +781,12 @@ found:
static void nfs4_destroy_server(struct nfs_server *server)
{
+ LIST_HEAD(freeme);
+
nfs_server_return_all_delegations(server);
unset_pnfs_layoutdriver(server);
- nfs4_purge_state_owners(server);
+ nfs4_purge_state_owners(server, &freeme);
+ nfs4_free_state_owners(&freeme);
}
/*
diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
index 6f474b0670323..4e63daeef6339 100644
--- a/fs/nfs/nfs4state.c
+++ b/fs/nfs/nfs4state.c
@@ -611,24 +611,39 @@ void nfs4_put_state_owner(struct nfs4_state_owner *sp)
/**
* nfs4_purge_state_owners - Release all cached state owners
* @server: nfs_server with cached state owners to release
+ * @head: resulting list of state owners
*
* Called at umount time. Remaining state owners will be on
* the LRU with ref count of zero.
+ * Note that the state owners are not freed, but are added
+ * to the list @head, which can later be used as an argument
+ * to nfs4_free_state_owners.
*/
-void nfs4_purge_state_owners(struct nfs_server *server)
+void nfs4_purge_state_owners(struct nfs_server *server, struct list_head *head)
{
struct nfs_client *clp = server->nfs_client;
struct nfs4_state_owner *sp, *tmp;
- LIST_HEAD(doomed);
spin_lock(&clp->cl_lock);
list_for_each_entry_safe(sp, tmp, &server->state_owners_lru, so_lru) {
- list_move(&sp->so_lru, &doomed);
+ list_move(&sp->so_lru, head);
nfs4_remove_state_owner_locked(sp);
}
spin_unlock(&clp->cl_lock);
+}
- list_for_each_entry_safe(sp, tmp, &doomed, so_lru) {
+/**
+ * nfs4_purge_state_owners - Release all cached state owners
+ * @head: resulting list of state owners
+ *
+ * Frees a list of state owners that was generated by
+ * nfs4_purge_state_owners
+ */
+void nfs4_free_state_owners(struct list_head *head)
+{
+ struct nfs4_state_owner *sp, *tmp;
+
+ list_for_each_entry_safe(sp, tmp, head, so_lru) {
list_del(&sp->so_lru);
nfs4_free_state_owner(sp);
}
@@ -1764,12 +1779,13 @@ static int nfs4_do_reclaim(struct nfs_client *clp, const struct nfs4_state_recov
struct nfs4_state_owner *sp;
struct nfs_server *server;
struct rb_node *pos;
+ LIST_HEAD(freeme);
int status = 0;
restart:
rcu_read_lock();
list_for_each_entry_rcu(server, &clp->cl_superblocks, client_link) {
- nfs4_purge_state_owners(server);
+ nfs4_purge_state_owners(server, &freeme);
spin_lock(&clp->cl_lock);
for (pos = rb_first(&server->state_owners);
pos != NULL;
@@ -1798,6 +1814,7 @@ restart:
spin_unlock(&clp->cl_lock);
}
rcu_read_unlock();
+ nfs4_free_state_owners(&freeme);
return 0;
}
--
2.20.1
next prev parent reply other threads:[~2019-09-04 17:59 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-04 17:52 [PATCH 4.9 00/83] 4.9.191-stable review Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 01/83] HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 02/83] MIPS: kernel: only use i8253 clocksource with periodic clockevent Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 03/83] netfilter: ebtables: fix a memory leak bug in compat Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 04/83] ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 05/83] bonding: Force slave speed check after link state recovery for 802.3ad Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 06/83] can: dev: call netif_carrier_off() in register_candev() Greg Kroah-Hartman
2019-09-04 17:52 ` [PATCH 4.9 07/83] ASoC: Fail card instantiation if DAI format setup fails Greg Kroah-Hartman
2019-09-04 18:10 ` Mark Brown
2019-09-04 18:35 ` Greg Kroah-Hartman
2019-09-04 19:05 ` Mark Brown
2019-09-05 18:56 ` Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 08/83] st21nfca_connectivity_event_received: null check the allocation Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 09/83] st_nci_hci_connectivity_event_received: " Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 10/83] ASoC: ti: davinci-mcasp: Correct slot_width posed constraint Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 11/83] net: usb: qmi_wwan: Add the BroadMobi BM818 card Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 12/83] isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain() Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 13/83] isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 14/83] perf bench numa: Fix cpu0 binding Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 15/83] can: sja1000: force the string buffer NULL-terminated Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 16/83] can: peak_usb: " Greg Kroah-Hartman
2019-09-04 17:53 ` Greg Kroah-Hartman [this message]
2019-09-04 17:53 ` [PATCH 4.9 18/83] HID: input: fix a4tech horizontal wheel custom usage Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 19/83] net: cxgb3_main: Fix a resource leak in a error path in init_one() Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 20/83] net: hisilicon: make hip04_tx_reclaim non-reentrant Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 21/83] net: hisilicon: fix hip04-xmit never return TX_BUSY Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 22/83] net: hisilicon: Fix dma_map_single failed on arm64 Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 23/83] libata: add SG safety checks in SFF pio transfers Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 24/83] x86/lib/cpu: Address missing prototypes warning Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 25/83] drm/vmwgfx: fix memory leak when too many retries have occurred Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 26/83] perf pmu-events: Fix missing "cpu_clk_unhalted.core" event Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 27/83] selftests: kvm: Adding config fragments Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 28/83] HID: wacom: correct misreported EKR ring values Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 29/83] HID: wacom: Correct distance scale for 2nd-gen Intuos devices Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 30/83] Revert "dm bufio: fix deadlock with loop device" Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 31/83] gpiolib: never report open-drain/source lines as input to user-space Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 32/83] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 33/83] x86/retpoline: Dont clobber RFLAGS during CALL_NOSPEC on i386 Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 34/83] x86/apic: Handle missing global clockevent gracefully Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 35/83] x86/boot: Save fields explicitly, zero out everything else Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 36/83] x86/boot: Fix boot regression caused by bootparam sanitizing Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 37/83] dm btree: fix order of block initialization in btree_split_beneath Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 38/83] dm space map metadata: fix missing store of apply_bops() return value Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 39/83] dm table: fix invalid memory accesses with too high sector number Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 40/83] genirq: Properly pair kobject_del() with kobject_add() Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 41/83] mm, page_owner: handle THP splits correctly Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 42/83] mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 43/83] xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 44/83] Revert "perf test 6: Fix missing kvm module load for s390" Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 45/83] x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 46/83] dmaengine: ste_dma40: fix unneeded variable warning Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 47/83] iommu/dma: Handle SG length overflow better Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 48/83] usb: gadget: composite: Clear "suspended" on reset/disconnect Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 49/83] xen/blkback: fix memory leaks Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 50/83] i2c: emev2: avoid race when unregistering slave client Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 51/83] usb: host: fotg2: restart hcd after port reset Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 52/83] tools: hv: fix KVP and VSS daemons exit code Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 53/83] watchdog: bcm2835_wdt: Fix module autoload Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 54/83] scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 55/83] tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 56/83] ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 57/83] ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 58/83] tcp: make sure EPOLLOUT wont be missed Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 59/83] ALSA: line6: Fix memory leak at line6_init_pcm() error path Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 60/83] ALSA: seq: Fix potential concurrent access to the deleted pool Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 61/83] KVM: x86: Dont update RIP or do single-step on faulting emulation Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 62/83] x86/apic: Do not initialize LDR and DFR for bigsmp Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 63/83] x86/apic: Include the LDR when clearing out APIC registers Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 64/83] mm/zsmalloc.c: fix race condition in zs_destroy_pool Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 65/83] usb-storage: Add new JMS567 revision to unusual_devs Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 66/83] USB: cdc-wdm: fix race between write and disconnect due to flag abuse Greg Kroah-Hartman
2019-09-04 17:53 ` [PATCH 4.9 67/83] usb: chipidea: udc: dont do hardware access if gadget has stopped Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 68/83] usb: host: ohci: fix a race condition between shutdown and irq Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 69/83] usb: host: xhci: rcar: Fix typo in compatible string matching Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 70/83] USB: storage: ums-realtek: Update module parameter description for auto_delink_en Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 71/83] USB: storage: ums-realtek: Whitelist auto-delink support Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 72/83] ptrace,x86: Make user_64bit_mode() available to 32-bit builds Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 73/83] uprobes/x86: Fix detection of 32-bit user mode Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 74/83] mmc: sdhci-of-at91: add quirk for broken HS200 Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 75/83] mmc: core: Fix init of SD cards reporting an invalid VDD range Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 76/83] stm class: Fix a double free of stm_source_device Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 77/83] VMCI: Release resource if the work is already queued Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 78/83] Revert "cfg80211: fix processing world regdomain when non modular" Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 79/83] mac80211: fix possible sta leak Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 80/83] KVM: arm/arm64: vgic: Fix potential deadlock when ap_list is long Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 81/83] KVM: arm/arm64: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 82/83] i2c: piix4: Fix port selection for AMD Family 16h Model 30h Greg Kroah-Hartman
2019-09-04 17:54 ` [PATCH 4.9 83/83] x86/ptrace: fix up botched merge of spectrev1 fix Greg Kroah-Hartman
2019-09-05 3:38 ` [PATCH 4.9 00/83] 4.9.191-stable review kernelci.org bot
2019-09-05 14:33 ` shuah
2019-09-05 16:55 ` Guenter Roeck
2019-09-05 17:26 ` Daniel Díaz
2019-09-05 19:53 ` Kelsey Skunberg
2019-09-06 7:36 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190904175305.430416704@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jhubbard@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
--cc=trond.myklebust@hammerspace.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).