[PATCH 4.4 33/86] md/raid5: fix oops during stripe resizing

stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, KoWei Sung <winders@amazon.com>,
	Song Liu <songliubraving@fb.com>
Subject: [PATCH 4.4 33/86] md/raid5: fix oops during stripe resizing
Date: Mon,  9 Nov 2020 13:54:40 +0100	[thread overview]
Message-ID: <20201109125022.451961167@linuxfoundation.org> (raw)
In-Reply-To: <20201109125020.852643676@linuxfoundation.org>

From: Song Liu <songliubraving@fb.com>

commit b44c018cdf748b96b676ba09fdbc5b34fc443ada upstream.

KoWei reported crash during raid5 reshape:

[ 1032.252932] Oops: 0002 [#1] SMP PTI
[...]
[ 1032.252943] RIP: 0010:memcpy_erms+0x6/0x10
[...]
[ 1032.252947] RSP: 0018:ffffba1ac0c03b78 EFLAGS: 00010286
[ 1032.252949] RAX: 0000784ac0000000 RBX: ffff91bec3d09740 RCX: 0000000000001000
[ 1032.252951] RDX: 0000000000001000 RSI: ffff91be6781c000 RDI: 0000784ac0000000
[ 1032.252953] RBP: ffffba1ac0c03bd8 R08: 0000000000001000 R09: ffffba1ac0c03bf8
[ 1032.252954] R10: 0000000000000000 R11: 0000000000000000 R12: ffffba1ac0c03bf8
[ 1032.252955] R13: 0000000000001000 R14: 0000000000000000 R15: 0000000000000000
[ 1032.252958] FS:  0000000000000000(0000) GS:ffff91becf500000(0000) knlGS:0000000000000000
[ 1032.252959] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1032.252961] CR2: 0000784ac0000000 CR3: 000000031780a002 CR4: 00000000001606e0
[ 1032.252962] Call Trace:
[ 1032.252969]  ? async_memcpy+0x179/0x1000 [async_memcpy]
[ 1032.252977]  ? raid5_release_stripe+0x8e/0x110 [raid456]
[ 1032.252982]  handle_stripe_expansion+0x15a/0x1f0 [raid456]
[ 1032.252988]  handle_stripe+0x592/0x1270 [raid456]
[ 1032.252993]  handle_active_stripes.isra.0+0x3cb/0x5a0 [raid456]
[ 1032.252999]  raid5d+0x35c/0x550 [raid456]
[ 1032.253002]  ? schedule+0x42/0xb0
[ 1032.253006]  ? schedule_timeout+0x10e/0x160
[ 1032.253011]  md_thread+0x97/0x160
[ 1032.253015]  ? wait_woken+0x80/0x80
[ 1032.253019]  kthread+0x104/0x140
[ 1032.253022]  ? md_start_sync+0x60/0x60
[ 1032.253024]  ? kthread_park+0x90/0x90
[ 1032.253027]  ret_from_fork+0x35/0x40

This is because cache_size_mutex was unlocked too early in resize_stripes,
which races with grow_one_stripe() that grow_one_stripe() allocates a
stripe with wrong pool_size.

Fix this issue by unlocking cache_size_mutex after updating pool_size.

Cc: <stable@vger.kernel.org> # v4.4+
Reported-by: KoWei Sung <winders@amazon.com>
Signed-off-by: Song Liu <songliubraving@fb.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/md/raid5.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/drivers/md/raid5.c
+++ b/drivers/md/raid5.c
@@ -2238,8 +2238,6 @@ static int resize_stripes(struct r5conf
 	} else
 		err = -ENOMEM;
 
-	mutex_unlock(&conf->cache_size_mutex);
-
 	conf->slab_cache = sc;
 	conf->active_name = 1-conf->active_name;
 
@@ -2262,6 +2260,8 @@ static int resize_stripes(struct r5conf
 
 	if (!err)
 		conf->pool_size = newsize;
+	mutex_unlock(&conf->cache_size_mutex);
+
 	return err;
 }

next prev parent reply	other threads:[~2020-11-09 13:47 UTC|newest]

Thread overview: 92+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-09 12:54 [PATCH 4.4 00/86] 4.4.242-rc1 review Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 01/86] SUNRPC: ECONNREFUSED should cause a rebind Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 02/86] scripts/setlocalversion: make git describe output more reliable Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 03/86] powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt handler Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 04/86] efivarfs: Replace invalid slashes with exclamation marks in dentries Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 05/86] ravb: Fix bit fields checking in ravb_hwtstamp_get() Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 06/86] tipc: fix memory leak caused by tipc_buf_append() Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 07/86] mtd: lpddr: Fix bad logic in print_drs_error Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 08/86] ata: sata_rcar: Fix DMA boundary mask Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 09/86] fscrypt: return -EXDEV for incompatible rename or link into encrypted dir Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 10/86] f2fs crypto: avoid unneeded memory allocation in ->readdir Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 11/86] powerpc/powernv/smp: Fix spurious DBG() warning Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 12/86] sparc64: remove mm_cpumask clearing to fix kthread_use_mm race Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 13/86] f2fs: fix to check segment boundary during SIT page readahead Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 14/86] um: change sigio_spinlock to a mutex Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 15/86] xfs: fix realtime bitmap/summary file truncation when growing rt volume Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 16/86] video: fbdev: pvr2fb: initialize variables Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 17/86] ath10k: fix VHT NSS calculation when STBC is enabled Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 18/86] mmc: via-sdmmc: Fix data race bug Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 19/86] printk: reduce LOG_BUF_SHIFT range for H8300 Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 20/86] kgdb: Make "kgdbcon" work properly with "kgdb_earlycon" Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 21/86] USB: adutux: fix debugging Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 22/86] drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 23/86] power: supply: test_power: add missing newlines when printing parameters by sysfs Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 24/86] md/bitmap: md_bitmap_get_counter returns wrong blocks Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 25/86] clk: ti: clockdomain: fix static checker warning Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 26/86] net: 9p: initialize sun_server.sun_path to have addrs value only when addr is valid Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 27/86] drivers: watchdog: rdc321x_wdt: Fix race condition bugs Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 28/86] ext4: Detect already used quota file early Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 29/86] gfs2: add validation checks for size of superblock Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 30/86] memory: emif: Remove bogus debugfs error handling Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 31/86] ARM: dts: s5pv210: move PMU node out of clock controller Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 32/86] ARM: dts: s5pv210: remove dedicated audio-subsystem node Greg Kroah-Hartman
2020-11-09 12:54 ` Greg Kroah-Hartman [this message]
2020-11-09 12:54 ` [PATCH 4.4 34/86] leds: bcm6328, bcm6358: use devres LED registering function Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 35/86] NFS: fix nfs_path in case of a rename retry Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 36/86] ACPI / extlog: Check for RDMSR failure Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 37/86] ACPI: video: use ACPI backlight for HP 635 Notebook Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 38/86] acpi-cpufreq: Honor _PSD table setting on new AMD CPUs Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 39/86] w1: mxc_w1: Fix timeout resolution problem leading to bus error Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 40/86] scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 41/86] btrfs: reschedule if necessary when logging directory items Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 42/86] vt: keyboard, simplify vt_kdgkbsent Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 43/86] vt: keyboard, extend func_buf_lock to readers Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 44/86] dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 45/86] iio:gyro:itg3200: Fix timestamp alignment and prevent data leak Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 46/86] powerpc/powernv/elog: Fix race while processing OPAL error log event Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 47/86] ubifs: dent: Fix some potential memory leaks while iterating entries Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 48/86] ubi: check kthread_should_stop() after the setting of task state Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 49/86] ia64: fix build error with !COREDUMP Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 50/86] ceph: promote to unsigned long long before shifting Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 51/86] libceph: clear con->out_msg on Policy::stateful_server faults Greg Kroah-Hartman
2020-11-09 12:54 ` [PATCH 4.4 52/86] 9P: Cast to loff_t before multiplying Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 53/86] ring-buffer: Return 0 on success from ring_buffer_resize() Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 54/86] vringh: fix __vringh_iov() when riov and wiov are different Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 55/86] tty: make FONTX ioctl use the tty pointer they were actually passed Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 56/86] arm64: berlin: Select DW_APB_TIMER_OF Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 57/86] cachefiles: Handle readpage error correctly Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 58/86] hil/parisc: Disable HIL driver when it gets stuck Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 59/86] ARM: samsung: fix PM debug build with DEBUG_LL but !MMU Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 60/86] ARM: s3c24xx: fix missing system reset Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 61/86] device property: Keep secondary firmware node secondary by type Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 62/86] device property: Dont clear secondary pointer for shared primary firmware node Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 63/86] staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 64/86] xen/events: dont use chip_data for legacy IRQs Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 65/86] tipc: fix use-after-free in tipc_bcast_get_mode Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 66/86] gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 67/86] gianfar: Account for Tx PTP timestamp in the skb headroom Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 68/86] Fonts: Replace discarded const qualifier Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 69/86] ALSA: usb-audio: Add implicit feedback quirk for Qu-16 Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 70/86] ftrace: Fix recursion check for NMI test Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 71/86] ftrace: Handle tracing when switching between context Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 72/86] ARM: dts: sun4i-a10: fix cpu_alert temperature Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 73/86] x86/kexec: Use up-to-dated screen_info copy to fill boot params Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 74/86] of: Fix reserved-memory overlap detection Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 75/86] scsi: core: Dont start concurrent async scan on same host Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 76/86] vsock: use ns_capable_noaudit() on socket create Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 77/86] vt: Disable KD_FONT_OP_COPY Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 78/86] fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 79/86] serial: 8250_mtk: Fix uart_get_baud_rate warning Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 80/86] serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 81/86] USB: serial: cyberjack: fix write-URB completion race Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 82/86] USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 83/86] USB: serial: option: add Telit FN980 composition 0x1055 Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 84/86] USB: Add NO_LPM quirk for Kingston flash drive Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 85/86] ARC: stack unwinding: avoid indefinite looping Greg Kroah-Hartman
2020-11-09 12:55 ` [PATCH 4.4 86/86] Revert "ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE" Greg Kroah-Hartman
2020-11-09 15:39 ` [PATCH 4.4 00/86] 4.4.242-rc1 review Jon Hunter
2020-11-09 18:51 ` Pavel Machek
2020-11-09 23:04 ` Guenter Roeck
2020-11-09 23:27 ` Shuah Khan
2020-11-10 10:36 ` Naresh Kamboju

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201109125022.451961167@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=songliubraving@fb.com \
    --cc=stable@vger.kernel.org \
    --cc=winders@amazon.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).