From 8b19b9ff41af5d72863d493782c0bf04dcb7f6b2 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Sun, 2 Aug 2020 09:03:44 +0200 Subject: [PATCH] 4.14-stable patches added patches: xfs-fix-missed-wakeup-on-l_flush_wait.patch --- queue-4.14/series | 1 + ...fs-fix-missed-wakeup-on-l_flush_wait.patch | 90 +++++++++++++++++++ 2 files changed, 91 insertions(+) create mode 100644 queue-4.14/xfs-fix-missed-wakeup-on-l_flush_wait.patch diff --git a/queue-4.14/series b/queue-4.14/series index 933b40ec9b6..f2f6ca49997 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -22,3 +22,4 @@ random32-remove-net_rand_state-from-the-latent-entropy-gcc-plugin.patch x86-build-lto-fix-truncated-.bss-with-fdata-sections.patch x86-vmlinux.lds-page-align-end-of-.page_aligned-sect.patch rds-prevent-kernel-infoleak-in-rds_notify_queue_get.patch +xfs-fix-missed-wakeup-on-l_flush_wait.patch diff --git a/queue-4.14/xfs-fix-missed-wakeup-on-l_flush_wait.patch b/queue-4.14/xfs-fix-missed-wakeup-on-l_flush_wait.patch new file mode 100644 index 00000000000..ad1e46ee745 --- /dev/null +++ b/queue-4.14/xfs-fix-missed-wakeup-on-l_flush_wait.patch @@ -0,0 +1,90 @@ +From cdea5459ce263fbc963657a7736762ae897a8ae6 Mon Sep 17 00:00:00 2001 +From: Rik van Riel +Date: Thu, 5 Sep 2019 17:32:48 -0700 +Subject: xfs: fix missed wakeup on l_flush_wait + +From: Rik van Riel + +commit cdea5459ce263fbc963657a7736762ae897a8ae6 upstream. + +The code in xlog_wait uses the spinlock to make adding the task to +the wait queue, and setting the task state to UNINTERRUPTIBLE atomic +with respect to the waker. + +Doing the wakeup after releasing the spinlock opens up the following +race condition: + +Task 1 task 2 +add task to wait queue + wake up task +set task state to UNINTERRUPTIBLE + +This issue was found through code inspection as a result of kworkers +being observed stuck in UNINTERRUPTIBLE state with an empty +wait queue. It is rare and largely unreproducable. + +Simply moving the spin_unlock to after the wake_up_all results +in the waker not being able to see a task on the waitqueue before +it has set its state to UNINTERRUPTIBLE. + +This bug dates back to the conversion of this code to generic +waitqueue infrastructure from a counting semaphore back in 2008 +which didn't place the wakeups consistently w.r.t. to the relevant +spin locks. + +[dchinner: Also fix a similar issue in the shutdown path on +xc_commit_wait. Update commit log with more details of the issue.] + +Fixes: d748c62367eb ("[XFS] Convert l_flushsema to a sv_t") +Reported-by: Chris Mason +Signed-off-by: Rik van Riel +Signed-off-by: Dave Chinner +Reviewed-by: Darrick J. Wong +Signed-off-by: Darrick J. Wong +Cc: stable@vger.kernel.org # 4.9.x-4.19.x +[modified for contextual change near xlog_state_do_callback()] +Signed-off-by: Samuel Mendoza-Jonas +Reviewed-by: Frank van der Linden +Reviewed-by: Suraj Jitindar Singh +Reviewed-by: Benjamin Herrenschmidt +Reviewed-by: Anchal Agarwal +Signed-off-by: Greg Kroah-Hartman + +--- + fs/xfs/xfs_log.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +--- a/fs/xfs/xfs_log.c ++++ b/fs/xfs/xfs_log.c +@@ -2684,7 +2684,6 @@ xlog_state_do_callback( + int funcdidcallbacks; /* flag: function did callbacks */ + int repeats; /* for issuing console warnings if + * looping too many times */ +- int wake = 0; + + spin_lock(&log->l_icloglock); + first_iclog = iclog = log->l_iclog; +@@ -2886,11 +2885,9 @@ xlog_state_do_callback( + #endif + + if (log->l_iclog->ic_state & (XLOG_STATE_ACTIVE|XLOG_STATE_IOERROR)) +- wake = 1; +- spin_unlock(&log->l_icloglock); +- +- if (wake) + wake_up_all(&log->l_flush_wait); ++ ++ spin_unlock(&log->l_icloglock); + } + + +@@ -4052,7 +4049,9 @@ xfs_log_force_umount( + * item committed callback functions will do this again under lock to + * avoid races. + */ ++ spin_lock(&log->l_cilp->xc_push_lock); + wake_up_all(&log->l_cilp->xc_commit_wait); ++ spin_unlock(&log->l_cilp->xc_push_lock); + xlog_state_do_callback(log, XFS_LI_ABORTED, NULL); + + #ifdef XFSERRORDEBUG -- 2.47.3