[spruce-project] [PATCH] xfs: fix deadlock on failure path in xfs_setattr_nonsize()

Brian Foster bfoster at redhat.com
Thu Oct 16 16:40:48 MSK 2014


On Wed, Oct 15, 2014 at 11:22:48PM +0200, Alexey Khoroshilov wrote:
> If xfs_trans_reserve() fails, xfs_setattr_nonsize() does not deallocate
> the transaction and does not release "freeze" lock. That leads to the
> following warning from lockdep:
>   [ BUG: lock held when returning to user space! ]
>   ------------------------------------------------
>   fs-driver-tests/7127 is leaving the kernel with locks still held!
>   1 lock held by fs-driver-tests/7127:
>    #0:  (sb_internal){.+.+.+}, at: [<ffffffffa0389a44>] xfs_trans_alloc+0x24/0x40 [xfs]
> 
> The patch adds xfs_trans_cancel() on the failure path.
> 
> Found by Linux File System Verification project (linuxtesting.org).
> 
> Signed-off-by: Alexey Khoroshilov <khoroshilov at ispras.ru>
> ---

Looks good, thanks for the patch.

Reviewed-by: Brian Foster <bfoster at redhat.com>

>  fs/xfs/xfs_iops.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c
> index 72129493e9d3..e2e785eec831 100644
> --- a/fs/xfs/xfs_iops.c
> +++ b/fs/xfs/xfs_iops.c
> @@ -599,8 +599,10 @@ xfs_setattr_nonsize(
>  
>  	tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE);
>  	error = xfs_trans_reserve(tp, &M_RES(mp)->tr_ichange, 0, 0);
> -	if (error)
> +	if (error) {
> +		xfs_trans_cancel(tp, 0);
>  		goto out_dqrele;
> +	}
>  
>  	xfs_ilock(ip, XFS_ILOCK_EXCL);
>  
> -- 
> 1.9.1
> 



More information about the spruce-project mailing list