hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-sg2042/include
History
Dmitry Monakhov 794446c694 jbd2: fix race between jbd2_journal_remove_checkpoint and ->j_commit_callback 
The following race is possible:

[kjournald2]                              other_task
jbd2_journal_commit_transaction()
  j_state = T_FINISHED;
  spin_unlock(&journal->j_list_lock);
                                         ->jbd2_journal_remove_checkpoint()
					   ->jbd2_journal_free_transaction();
					     ->kmem_cache_free(transaction)
  ->j_commit_callback(journal, transaction);
    -> USE_AFTER_FREE

WARNING: at lib/list_debug.c:62 __list_del_entry+0x1c0/0x250()
Hardware name:
list_del corruption. prev->next should be ffff88019a4ec198, but was 6b6b6b6b6b6b6b6b
Modules linked in: cpufreq_ondemand acpi_cpufreq freq_table mperf coretemp kvm_intel kvm crc32c_intel ghash_clmulni_intel microcode sg xhci_hcd button sd_mod crc_t10dif aesni_intel ablk_helper cryptd lrw aes_x86_64 xts gf128mul ahci libahci pata_acpi ata_generic dm_mirror dm_region_hash dm_log dm_mod
Pid: 16400, comm: jbd2/dm-1-8 Tainted: G        W    3.8.0-rc3+ #107
Call Trace:
 [<ffffffff8106fb0d>] warn_slowpath_common+0xad/0xf0
 [<ffffffff8106fc06>] warn_slowpath_fmt+0x46/0x50
 [<ffffffff813637e9>] ? ext4_journal_commit_callback+0x99/0xc0
 [<ffffffff8148cae0>] __list_del_entry+0x1c0/0x250
 [<ffffffff813637bf>] ext4_journal_commit_callback+0x6f/0xc0
 [<ffffffff813ca336>] jbd2_journal_commit_transaction+0x23a6/0x2570
 [<ffffffff8108aa42>] ? try_to_del_timer_sync+0x82/0xa0
 [<ffffffff8108b491>] ? del_timer_sync+0x91/0x1e0
 [<ffffffff813d3ecf>] kjournald2+0x19f/0x6a0
 [<ffffffff810ad630>] ? wake_up_bit+0x40/0x40
 [<ffffffff813d3d30>] ? bit_spin_lock+0x80/0x80
 [<ffffffff810ac6be>] kthread+0x10e/0x120
 [<ffffffff810ac5b0>] ? __init_kthread_worker+0x70/0x70
 [<ffffffff818ff6ac>] ret_from_fork+0x7c/0xb0
 [<ffffffff810ac5b0>] ? __init_kthread_worker+0x70/0x70

In order to demonstrace this issue one should mount ext4 with mount -o
discard option on SSD disk.  This makes callback longer and race
window becomes wider.

In order to fix this we should mark transaction as finished only after
callbacks have completed

Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@vger.kernel.org
 		2013-04-03 22:06:52 -04:00
..
acpi Fixes: 2013-03-12 20:25:53 -07:00
asm-generic asm-generic: move cmpxchg*_local defs to cmpxchg.h 2013-03-13 06:11:05 +01:00
clocksource ImgTec Meta architecture changes for v3.9-rc1 2013-03-03 12:06:09 -08:00
crypto
drm drm/radeon: add Richland pci ids 2013-03-15 18:47:19 -04:00
keys
linux jbd2: fix race between jbd2_journal_remove_checkpoint and ->j_commit_callback 2013-04-03 22:06:52 -04:00
math-emu
media [media] media: ov7670: Add possibility to disable pixclk during hblank 2013-02-08 14:35:06 -02:00
memory
misc
net ipv4: Fix ip-header identification for gso packets. 2013-03-26 13:50:05 -04:00
pcmcia
ras edac: add support for error type "Info" 2013-02-21 14:16:27 -03:00
rdma IB/core: Add "type 2" memory windows support 2013-02-21 11:51:45 -08:00
rxrpc
scsi SCSI for-linus on 20130301 2013-03-02 11:42:16 -08:00
sound arm-soc: late OMAP changes 2013-02-28 20:00:40 -08:00
target target: Rename spc_get_write_same_sectors -> sbc_get_write_same_sectors 2013-02-23 12:46:14 -08:00
trace ext4: collapse handling of data=ordered and data=writeback codepaths 2013-04-03 12:39:17 -04:00
uapi net: fix *_DIAG_MAX constants 2013-03-21 12:36:33 -04:00
video ARM: at91: fix LCD-wiring mode 2013-03-13 11:05:04 +01:00
xen for-linus-20130331 2013-03-31 11:38:59 -07:00
Kbuild