lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220425161650.GE17025@magnolia>
Date:   Mon, 25 Apr 2022 09:16:50 -0700
From:   "Darrick J. Wong" <djwong@...nel.org>
To:     Wang Jianchao <jianchao.wan9@...il.com>
Cc:     linux-xfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] xfs: fix the ABBA deadlock around agf and inode

On Mon, Apr 25, 2022 at 03:10:02PM +0800, Wang Jianchao wrote:
> The deadlock context is as following,
> hold inode, try to require agf
> 
> inode buf xfs_buf.b_log_item ffff9ca7491eb2c0
> 
> PID: 82240  TASK: ffff9ca4cd633d80  CPU: 88  COMMAND: ""
>  #0 [ffffb696ad7f7410] __schedule at ffffffffa0067073
>  #1 [ffffb696ad7f74b0] schedule at ffffffffa0067678
>  #2 [ffffb696ad7f74b8] schedule_timeout at ffffffffa006b88d
>  #3 [ffffb696ad7f7558] __down at ffffffffa0069dcb
>  #4 [ffffb696ad7f75b8] down at ffffffff9f90890b
>  #5 [ffffb696ad7f75d0] xfs_buf_lock at ffffffffc6cb1133 [xfs]
>  #6 [ffffb696ad7f75f0] xfs_buf_find at ffffffffc6cb15fa [xfs]
>  #7 [ffffb696ad7f7688] xfs_buf_get_map at ffffffffc6cb18e0 [xfs]
>  #8 [ffffb696ad7f76d0] xfs_buf_read_map at ffffffffc6cb20e8 [xfs]
>  #9 [ffffb696ad7f7710] xfs_trans_read_buf_map at ffffffffc6ce6796 [xfs]
> #10 [ffffb696ad7f7750] xfs_read_agf at ffffffffc6c66fde [xfs]
> #11 [ffffb696ad7f77b8] xfs_alloc_read_agf at ffffffffc6c670ae [xfs]
> #12 [ffffb696ad7f77f0] xfs_alloc_fix_freelist at ffffffffc6c675dc [xfs]
> #13 [ffffb696ad7f7900] xfs_alloc_vextent at ffffffffc6c6796b [xfs]
> #14 [ffffb696ad7f7940] __xfs_inobt_alloc_block at ffffffffc6c972f0 [xfs]
> #15 [ffffb696ad7f79f8] __xfs_btree_split at ffffffffc6c7ee5d [xfs]
> #16 [ffffb696ad7f7ab8] xfs_btree_split at ffffffffc6c7f34b [xfs]
> #17 [ffffb696ad7f7b68] xfs_btree_make_block_unfull at ffffffffc6c80882 [xfs]
> #18 [ffffb696ad7f7bc8] xfs_btree_insrec at ffffffffc6c80ccd [xfs]
> #19 [ffffb696ad7f7ca0] xfs_btree_insert at ffffffffc6c80e3b [xfs]
> #20 [ffffb696ad7f7d60] xfs_difree_finobt at ffffffffc6c94859 [xfs]
> #21 [ffffb696ad7f7db8] xfs_difree at ffffffffc6c9634e [xfs]
> #22 [ffffb696ad7f7e08] xfs_ifree at ffffffffc6cc63d2 [xfs]
> #23 [ffffb696ad7f7e58] xfs_inactive_ifree at ffffffffc6cc6551 [xfs]
> #24 [ffffb696ad7f7e88] xfs_inactive at ffffffffc6cc66fe [xfs]
> #25 [ffffb696ad7f7ea0] xfs_fs_destroy_inode at ffffffffc6ccfdb8 [xfs]
> #26 [ffffb696ad7f7ec0] do_unlinkat at ffffffff9face066
> #27 [ffffb696ad7f7f38] do_syscall_64 at ffffffff9f8041cb
> #28 [ffffb696ad7f7f50] entry_SYSCALL_64_after_hwframe at ffffffffa02000ad
>     RIP: 00007f5e27b64e57  RSP: 00007f5e0d1f9a98  RFLAGS: 00000202
>     RAX: ffffffffffffffda  RBX: 00007f578b4011a0  RCX: 00007f5e27b64e57
>     RDX: 00007f5b1684e680  RSI: 0000000000000070  RDI: 00007f5b1684e680
>     RBP: 00007f578b4011c0   R8: 00000000000002e8   R9: 0000000000000007
>     R10: 00007f5e0d1fae20  R11: 0000000000000202  R12: 00007f5e0d1f9c00
>     R13: 00007f5d191e2118  R14: 00007f5d191e22d0  R15: 00007f5e0d1f9b50
>     ORIG_RAX: 0000000000000057  CS: 0033  SS: 002b
> 
> 
> The task hold agf, try to require inode
> 
> 
> PID: 1653499  TASK: ffff9c9f5490bd80  CPU: 66  COMMAND: "kworker/u209:2"
>  #0 [ffffb696ccdff270] __schedule at ffffffffa0067073
>  #1 [ffffb696ccdff310] schedule at ffffffffa0067678
>  #2 [ffffb696ccdff318] schedule_timeout at ffffffffa006b88d
>  #3 [ffffb696ccdff3b8] __down at ffffffffa0069dcb
>  #4 [ffffb696ccdff410] down at ffffffff9f90890b
>  #5 [ffffb696ccdff428] xfs_buf_lock at ffffffffc6cb1133 [xfs]
>  #6 [ffffb696ccdff448] xfs_buf_find at ffffffffc6cb15fa [xfs]
>  #7 [ffffb696ccdff4e0] xfs_buf_get_map at ffffffffc6cb18e0 [xfs]
>  #8 [ffffb696ccdff528] xfs_buf_read_map at ffffffffc6cb20e8 [xfs]
>  #9 [ffffb696ccdff568] xfs_trans_read_buf_map at ffffffffc6ce6796 [xfs]
> #10 [ffffb696ccdff5a8] xfs_imap_to_bp at ffffffffc6c9a3e7 [xfs]
> #11 [ffffb696ccdff608] xfs_trans_log_inode at ffffffffc6ce757e [xfs]
> #12 [ffffb696ccdff658] xfs_bmap_btalloc at ffffffffc6c75ccc [xfs]
> #13 [ffffb696ccdff750] xfs_bmapi_write at ffffffffc6c77ca0 [xfs]
> #14 [ffffb696ccdff8a8] xfs_bmapi_convert_delalloc at ffffffffc6c782a4 [xfs]
> #15 [ffffb696ccdff8d0] xfs_iomap_write_allocate at ffffffffc6cc11a7 [xfs]
> #16 [ffffb696ccdff940] xfs_map_blocks at ffffffffc6ca9f97 [xfs]
> #17 [ffffb696ccdff9d0] xfs_do_writepage at ffffffffc6caa911 [xfs]
> #18 [ffffb696ccdffa48] write_cache_pages at ffffffff9fa20675
> #19 [ffffb696ccdffb40] xfs_vm_writepages at ffffffffc6caa3e4 [xfs]
> #20 [ffffb696ccdffba8] do_writepages at ffffffff9fa217c1
> #21 [ffffb696ccdffc10] __writeback_single_inode at ffffffff9faec1bd
> #22 [ffffb696ccdffc58] writeback_sb_inodes at ffffffff9faec953
> #23 [ffffb696ccdffd38] __writeback_inodes_wb at ffffffff9faecc1d
> #24 [ffffb696ccdffd78] wb_writeback at ffffffff9faecf9f
> #25 [ffffb696ccdffe08] wb_workfn at ffffffff9faed8a2
> #26 [ffffb696ccdffe98] process_one_work at ffffffff9f8cd9f7
> #27 [ffffb696ccdffed8] worker_thread at ffffffff9f8ce0fa
> #28 [ffffb696ccdfff10] kthread at ffffffff9f8d3802
> #29 [ffffb696ccdfff50] ret_from_fork at ffffffffa020023f

Does this solve the same problem as[1]?

[1]
https://lore.kernel.org/linux-xfs/20220404232204.GT1544202@dread.disaster.area/

--D

> 
> 
> Thanks
> Jianchao
> 
> On 2022/4/25 3:06 下午, Wang Jianchao (Kuaishou) wrote:
> > Recently, we encounter a deadlock case where there are many tasks
> > hung on agi and agf xfs_buf. It end up with a deadlock between
> > agf and inode xfs_buf as following,
> > 
> > xfs_ifree()             xfs_bmap_btalloc()
> > xfs_iunlink_remove()    xfs_alloc_vextent()
> >   hold inode bp           hold agf
> > xfs_difree()            xfs_trans_log_inode()
> >   require agf             require inode bp
> > 
> > The task requires inode bp with agf held block other tasks which
> > want to require agf with agi held. Then the whole filesystem
> > looks like a agi/agf deadlock. To fix this issue, get agf in
> > xfs_iunlink_remove() after it get agi and before get indoe bp.
> > 
> > Signed-off-by: Wang Jianchao (Kuaishou) <jianchao.wan9@...il.com>
> > ---
> >  fs/xfs/xfs_inode.c | 10 ++++++++++
> >  1 file changed, 10 insertions(+)
> > 
> > diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c
> > index 9de6205fe134..c0a29fd00b0e 100644
> > --- a/fs/xfs/xfs_inode.c
> > +++ b/fs/xfs/xfs_inode.c
> > @@ -36,6 +36,7 @@
> >  #include "xfs_reflink.h"
> >  #include "xfs_ag.h"
> >  #include "xfs_log_priv.h"
> > +#include "xfs_alloc.h"
> >  
> >  struct kmem_cache *xfs_inode_cache;
> >  
> > @@ -2337,6 +2338,7 @@ xfs_iunlink_remove(
> >  {
> >  	struct xfs_mount	*mp = tp->t_mountp;
> >  	struct xfs_agi		*agi;
> > +	struct xfs_buf		*agfbp;
> >  	struct xfs_buf		*agibp;
> >  	struct xfs_buf		*last_ibp;
> >  	struct xfs_dinode	*last_dip = NULL;
> > @@ -2352,6 +2354,14 @@ xfs_iunlink_remove(
> >  	error = xfs_read_agi(mp, tp, pag->pag_agno, &agibp);
> >  	if (error)
> >  		return error;
> > +
> > +	/*
> > +	 * Get the agf buffer first to ensure the lock ordering against inode bp
> > +	 */
> > +	error = xfs_read_agf(mp, tp, pag->pag_agno, 0, &agfbp);
> > +	if (error)
> > +		return error;
> > +
> >  	agi = agibp->b_addr;
> >  
> >  	/*

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ