Commit 3127f101 authored by Yeongjin Gil's avatar Yeongjin Gil Committed by Jaegeuk Kim

f2fs: Prevent s_writer rw_sem count mismatch in f2fs_evict_inode

If f2fs_evict_inode is called between freeze_super and thaw_super, the
s_writer rwsem count may become negative, resulting in hang.

CPU1                       CPU2

f2fs_resize_fs()           f2fs_evict_inode()
  f2fs_freeze
    set SBI_IS_FREEZING
                             skip sb_start_intwrite
  f2fs_unfreeze
    clear SBI_IS_FREEZING
                             sb_end_intwrite

To solve this problem, the call to sb_end_write is determined by whether
sb_start_intwrite is called, rather than the current freezing status.
Reviewed-by: default avatarSungjong Seo <sj1557.seo@samsung.com>
Reviewed-by: default avatarSunmin Jeong <s_min.jeong@samsung.com>
Signed-off-by: default avatarYeongjin Gil <youngjin.gil@samsung.com>
Reviewed-by: default avatarChao Yu <chao@kernel.org>
Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
parent ee745e47
...@@ -804,6 +804,7 @@ void f2fs_evict_inode(struct inode *inode) ...@@ -804,6 +804,7 @@ void f2fs_evict_inode(struct inode *inode)
struct f2fs_inode_info *fi = F2FS_I(inode); struct f2fs_inode_info *fi = F2FS_I(inode);
nid_t xnid = fi->i_xattr_nid; nid_t xnid = fi->i_xattr_nid;
int err = 0; int err = 0;
bool freeze_protected = false;
f2fs_abort_atomic_write(inode, true); f2fs_abort_atomic_write(inode, true);
...@@ -843,8 +844,10 @@ void f2fs_evict_inode(struct inode *inode) ...@@ -843,8 +844,10 @@ void f2fs_evict_inode(struct inode *inode)
f2fs_remove_ino_entry(sbi, inode->i_ino, UPDATE_INO); f2fs_remove_ino_entry(sbi, inode->i_ino, UPDATE_INO);
f2fs_remove_ino_entry(sbi, inode->i_ino, FLUSH_INO); f2fs_remove_ino_entry(sbi, inode->i_ino, FLUSH_INO);
if (!is_sbi_flag_set(sbi, SBI_IS_FREEZING)) if (!is_sbi_flag_set(sbi, SBI_IS_FREEZING)) {
sb_start_intwrite(inode->i_sb); sb_start_intwrite(inode->i_sb);
freeze_protected = true;
}
set_inode_flag(inode, FI_NO_ALLOC); set_inode_flag(inode, FI_NO_ALLOC);
i_size_write(inode, 0); i_size_write(inode, 0);
retry: retry:
...@@ -887,7 +890,7 @@ void f2fs_evict_inode(struct inode *inode) ...@@ -887,7 +890,7 @@ void f2fs_evict_inode(struct inode *inode)
if (dquot_initialize_needed(inode)) if (dquot_initialize_needed(inode))
set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR); set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
} }
if (!is_sbi_flag_set(sbi, SBI_IS_FREEZING)) if (freeze_protected)
sb_end_intwrite(inode->i_sb); sb_end_intwrite(inode->i_sb);
no_delete: no_delete:
dquot_drop(inode); dquot_drop(inode);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment