diff mbox

fuse: freezing abort when use wait_event_killable{,_exclusive}().

Message ID 1480907985-1494-1-git-send-email-cuilifei@xiaomi.com (mailing list archive)
State New, archived
Headers show

Commit Message

cuilifei Dec. 5, 2016, 3:19 a.m. UTC
Freezing process can abort when a client is waiting uninterruptibly
for a response. Add new macro wait_fatal_freezable to try to fix it.

Signed-off-by: cuilifei <cuilifei@xiaomi.com>
---
 fs/fuse/dev.c           | 30 ++++++++++++++++++++++++++----
 include/linux/freezer.h | 26 ++++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 4 deletions(-)

Comments

Rafael J. Wysocki Dec. 6, 2016, 10:15 p.m. UTC | #1
On Monday, December 05, 2016 11:19:45 AM cuilifei wrote:
> Freezing process can abort when a client is waiting uninterruptibly
> for a response. Add new macro wait_fatal_freezable to try to fix it.
> 
> Signed-off-by: cuilifei <cuilifei@xiaomi.com>

I'm not a big fan of this to be honest.

Do we really want to suspend the system (or freeze tasks for other reasons)
if that happens?

> ---
>  fs/fuse/dev.c           | 30 ++++++++++++++++++++++++++----
>  include/linux/freezer.h | 26 ++++++++++++++++++++++++++
>  2 files changed, 52 insertions(+), 4 deletions(-)
> 
> diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
> index 70ea57c..e33a081 100644
> --- a/fs/fuse/dev.c
> +++ b/fs/fuse/dev.c
> @@ -19,6 +19,7 @@
>  #include <linux/pipe_fs_i.h>
>  #include <linux/swap.h>
>  #include <linux/splice.h>
> +#include <linux/freezer.h>
>  
>  MODULE_ALIAS_MISCDEV(FUSE_MINOR);
>  MODULE_ALIAS("devname:fuse");
> @@ -99,6 +100,19 @@ void fuse_request_free(struct fuse_req *req)
>  	kmem_cache_free(fuse_req_cachep, req);
>  }
>  
> +static void block_sigs(sigset_t *oldset)
> +{
> +	sigset_t mask;
> +
> +	siginitsetinv(&mask, sigmask(SIGKILL));
> +	sigprocmask(SIG_BLOCK, &mask, oldset);
> +}
> +
> +static void restore_sigs(sigset_t *oldset)
> +{
> +	sigprocmask(SIG_SETMASK, oldset, NULL);
> +}
> +
>  void __fuse_get_request(struct fuse_req *req)
>  {
>  	atomic_inc(&req->count);
> @@ -134,13 +148,18 @@ static struct fuse_req *__fuse_get_req(struct fuse_conn *fc, unsigned npages,
>  				       bool for_background)
>  {
>  	struct fuse_req *req;
> +	sigset_t oldset;
> +	int intr;
>  	int err;
>  	atomic_inc(&fc->num_waiting);
>  
>  	if (fuse_block_alloc(fc, for_background)) {
>  		err = -EINTR;
> -		if (wait_event_killable_exclusive(fc->blocked_waitq,
> -				!fuse_block_alloc(fc, for_background)))
> +		block_sigs(&oldset);
> +		intr = wait_fatal_freezable(fc->blocked_waitq,
> +				!fuse_block_alloc(fc, for_background), true);
> +		restore_sigs(&oldset);
> +		if (intr)
>  			goto out;
>  	}
>  	/* Matches smp_wmb() in fuse_set_initialized() */
> @@ -427,9 +446,12 @@ static void request_wait_answer(struct fuse_conn *fc, struct fuse_req *req)
>  	}
>  
>  	if (!test_bit(FR_FORCE, &req->flags)) {
> +		sigset_t oldset;
>  		/* Only fatal signals may interrupt this */
> -		err = wait_event_killable(req->waitq,
> -					test_bit(FR_FINISHED, &req->flags));
> +		block_sigs(&oldset);
> +		err = wait_fatal_freezable(req->waitq,
> +				test_bit(FR_FINISHED, &req->flags), false);
> +		restore_sigs(&oldset);
>  		if (!err)
>  			return;
>  
> diff --git a/include/linux/freezer.h b/include/linux/freezer.h
> index dd03e83..2504cd0 100644
> --- a/include/linux/freezer.h
> +++ b/include/linux/freezer.h
> @@ -256,6 +256,22 @@ static inline int freezable_schedule_hrtimeout_range(ktime_t *expires,
>  	__retval;							\
>  })
>  
> +#define wait_fatal_freezable(wq, condition, exclusive)			\
> +({									\
> +	int __ret = 0;							\
> +	do {								\
> +		if (exclusive)						\
> +			__ret = wait_event_interruptible_exclusive(wq,	\
> +							condition);	\
> +		else							\
> +			__ret = wait_event_interruptible(wq,		\
> +							condition);	\
> +		if (!__ret || fatal_signal_pending(current))		\
> +			break;						\
> +	} while (try_to_freeze());					\
> +	__ret;								\
> +})
> +
>  #else /* !CONFIG_FREEZER */
>  static inline bool frozen(struct task_struct *p) { return false; }
>  static inline bool freezing(struct task_struct *p) { return false; }
> @@ -296,6 +312,16 @@ static inline void set_freezable(void) {}
>  #define wait_event_freezekillable_unsafe(wq, condition)			\
>  		wait_event_killable(wq, condition)
>  
> +#define wait_fatal_freezable(wq, condition, exclusive)			\
> +({									\
> +	int __ret = 0;							\
> +	if (exclusive)							\
> +		__ret = wait_event_killable_exclusive(wq, condition);	\
> +	else								\
> +		__ret = wait_event_killable(wq,	condition);		\
> +	__ret;								\
> +})
> +
>  #endif /* !CONFIG_FREEZER */
>  
>  #endif	/* FREEZER_H_INCLUDED */
> 

Thanks,
Rafael

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
cuilifei Dec. 8, 2016, 6:31 a.m. UTC | #2
Hi Rafael,

The fuse we used is without the commit "fuse: don't mess with blocking signals" committed by Al Viro.
So we find the issue SIGBUS. In the page fault, trying to read page in fuse is interrupted,
which will lead to SIGBUS issue.

All Android platforms, include Android N, have the SIGUBS issue. All the SIGBUS issues are produced
in the freezing process.

In our Android platform, the root-cause of SIGBUS is :
suspend procedure will set the signal pending flag(TIF_SIGPENDING) and then wake up the task
which is TASK_INTERRUPTIBLE status . The request_wait_answer, which calls wait_event_interruptible,
is interrupted and the fuse request is still in pending status, which leads to SIGBUS sent to caller.

This issue can be reproduced by adding delays in funciton handle_read,
which is in the Android sdcard daemon process.

So we merge the commit "fuse: don't mess with blocking signals", which just use wait_event_killable{,_exclusive}().
It fix the SIGBUS issue. But the freezing will fail, because the freezing procedure cannot wake up the task which
is in TASK_KILLABLE(TASK_WAKEKILL | TASK_UNINTERRUPTIBLE) status. And the suspend procedure will abort
until the time is out.

In this patch, we try to fix the issue mentioned above.
> ---
>   fs/fuse/dev.c           | 30 ++++++++++++++++++++++++++----
>   include/linux/freezer.h | 26 ++++++++++++++++++++++++++
>   2 files changed, 52 insertions(+), 4 deletions(-)
> 
> diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
> index 70ea57c..e33a081 100644
> --- a/fs/fuse/dev.c
> +++ b/fs/fuse/dev.c
> @@ -19,6 +19,7 @@
>   #include <linux/pipe_fs_i.h>
>   #include <linux/swap.h>
>   #include <linux/splice.h>
> +#include <linux/freezer.h>
>   
>   MODULE_ALIAS_MISCDEV(FUSE_MINOR);
>   MODULE_ALIAS("devname:fuse");
> @@ -99,6 +100,19 @@ void fuse_request_free(struct fuse_req *req)
>         kmem_cache_free(fuse_req_cachep, req);
>   }
>   
> +static void block_sigs(sigset_t *oldset)
> +{
> +     sigset_t mask;
> +
> +     siginitsetinv(&mask, sigmask(SIGKILL));
> +     sigprocmask(SIG_BLOCK, &mask, oldset);
> +}
> +
> +static void restore_sigs(sigset_t *oldset)
> +{
> +     sigprocmask(SIG_SETMASK, oldset, NULL);
> +}
> +
>   void __fuse_get_request(struct fuse_req *req)
>   {
>         atomic_inc(&req->count);
> @@ -134,13 +148,18 @@ static struct fuse_req *__fuse_get_req(struct fuse_conn *fc, unsigned npages,
>                                        bool for_background)
>   {
>         struct fuse_req *req;
> +     sigset_t oldset;
> +     int intr;
>         int err;
>         atomic_inc(&fc->num_waiting);
>   
>         if (fuse_block_alloc(fc, for_background)) {
>                 err = -EINTR;
> -             if (wait_event_killable_exclusive(fc->blocked_waitq,
> -                             !fuse_block_alloc(fc, for_background)))
> +             block_sigs(&oldset);
> +             intr = wait_fatal_freezable(fc->blocked_waitq,
> +                             !fuse_block_alloc(fc, for_background), true);
> +             restore_sigs(&oldset);
> +             if (intr)
>                         goto out;
>         }
>         /* Matches smp_wmb() in fuse_set_initialized() */
> @@ -427,9 +446,12 @@ static void request_wait_answer(struct fuse_conn *fc, struct fuse_req *req)
>         }
>   
>         if (!test_bit(FR_FORCE, &req->flags)) {
> +             sigset_t oldset;
>                 /* Only fatal signals may interrupt this */
> -             err = wait_event_killable(req->waitq,
> -                                     test_bit(FR_FINISHED, &req->flags));
> +             block_sigs(&oldset);
> +             err = wait_fatal_freezable(req->waitq,
> +                             test_bit(FR_FINISHED, &req->flags), false);
> +             restore_sigs(&oldset);
>                 if (!err)
>                         return;
>   
> diff --git a/include/linux/freezer.h b/include/linux/freezer.h
> index dd03e83..2504cd0 100644
> --- a/include/linux/freezer.h
> +++ b/include/linux/freezer.h
> @@ -256,6 +256,22 @@ static inline int freezable_schedule_hrtimeout_range(ktime_t *expires,
>         __retval;                                                       \
>   })
>   
> +#define wait_fatal_freezable(wq, condition, exclusive)                       \
> +({                                                                   \
> +     int __ret = 0;                                                  \
> +     do {                                                            \
> +             if (exclusive)                                          \
> +                     __ret = wait_event_interruptible_exclusive(wq,  \    //set the TASK_INTERRUPTIBLE
> +                                                     condition);     \                           //can be waked up by suspend procedure
> +             else                                                    \
> +                     __ret = wait_event_interruptible(wq,            \
> +                                                     condition);     \
> +             if (!__ret || fatal_signal_pending(current))            \           //check condition or there is fatal signal
> +                     break;                                          \                            //if true, wait finish
> +     } while (try_to_freeze());                                      \                   //if freezing is in effect, try to freeze the task
> +     __ret;                                                          \
> +})
> +
>   #else /* !CONFIG_FREEZER */
>   static inline bool frozen(struct task_struct *p) { return false; }
>   static inline bool freezing(struct task_struct *p) { return false; }
> @@ -296,6 +312,16 @@ static inline void set_freezable(void) {}
>   #define wait_event_freezekillable_unsafe(wq, condition)                      \
>                 wait_event_killable(wq, condition)
>   
> +#define wait_fatal_freezable(wq, condition, exclusive)                       \
> +({                                                                   \
> +     int __ret = 0;                                                  \
> +     if (exclusive)                                                  \
> +             __ret = wait_event_killable_exclusive(wq, condition);   \
> +     else                                                            \
> +             __ret = wait_event_killable(wq, condition);             \
> +     __ret;                                                          \
> +})
> +
>   #endif /* !CONFIG_FREEZER */
>   
>   #endif       /* FREEZER_H_INCLUDED */
> 
Thanks.

BR,
cuilifei Dec. 14, 2016, 10:09 a.m. UTC | #3
Rafael,

Any questions about the patch, please let me know.

Thanks!

BR,
Cui Li Fei
Rafael J. Wysocki Dec. 15, 2016, 10:40 p.m. UTC | #4
On Wednesday, December 14, 2016 10:09:25 AM 崔立飞 wrote:
> Rafael,
> 
> Any questions about the patch, please let me know.

To be honest, I don't particularly like it, but I wonder what FUSE maintainers
think about it.

Thanks,
Rafael

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
cuilifei Dec. 16, 2016, 1:34 a.m. UTC | #5
Hi Miklos,

Please help to review the patch.
Thanks.
diff mbox

Patch

diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index 70ea57c..e33a081 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -19,6 +19,7 @@ 
 #include <linux/pipe_fs_i.h>
 #include <linux/swap.h>
 #include <linux/splice.h>
+#include <linux/freezer.h>
 
 MODULE_ALIAS_MISCDEV(FUSE_MINOR);
 MODULE_ALIAS("devname:fuse");
@@ -99,6 +100,19 @@  void fuse_request_free(struct fuse_req *req)
 	kmem_cache_free(fuse_req_cachep, req);
 }
 
+static void block_sigs(sigset_t *oldset)
+{
+	sigset_t mask;
+
+	siginitsetinv(&mask, sigmask(SIGKILL));
+	sigprocmask(SIG_BLOCK, &mask, oldset);
+}
+
+static void restore_sigs(sigset_t *oldset)
+{
+	sigprocmask(SIG_SETMASK, oldset, NULL);
+}
+
 void __fuse_get_request(struct fuse_req *req)
 {
 	atomic_inc(&req->count);
@@ -134,13 +148,18 @@  static struct fuse_req *__fuse_get_req(struct fuse_conn *fc, unsigned npages,
 				       bool for_background)
 {
 	struct fuse_req *req;
+	sigset_t oldset;
+	int intr;
 	int err;
 	atomic_inc(&fc->num_waiting);
 
 	if (fuse_block_alloc(fc, for_background)) {
 		err = -EINTR;
-		if (wait_event_killable_exclusive(fc->blocked_waitq,
-				!fuse_block_alloc(fc, for_background)))
+		block_sigs(&oldset);
+		intr = wait_fatal_freezable(fc->blocked_waitq,
+				!fuse_block_alloc(fc, for_background), true);
+		restore_sigs(&oldset);
+		if (intr)
 			goto out;
 	}
 	/* Matches smp_wmb() in fuse_set_initialized() */
@@ -427,9 +446,12 @@  static void request_wait_answer(struct fuse_conn *fc, struct fuse_req *req)
 	}
 
 	if (!test_bit(FR_FORCE, &req->flags)) {
+		sigset_t oldset;
 		/* Only fatal signals may interrupt this */
-		err = wait_event_killable(req->waitq,
-					test_bit(FR_FINISHED, &req->flags));
+		block_sigs(&oldset);
+		err = wait_fatal_freezable(req->waitq,
+				test_bit(FR_FINISHED, &req->flags), false);
+		restore_sigs(&oldset);
 		if (!err)
 			return;
 
diff --git a/include/linux/freezer.h b/include/linux/freezer.h
index dd03e83..2504cd0 100644
--- a/include/linux/freezer.h
+++ b/include/linux/freezer.h
@@ -256,6 +256,22 @@  static inline int freezable_schedule_hrtimeout_range(ktime_t *expires,
 	__retval;							\
 })
 
+#define wait_fatal_freezable(wq, condition, exclusive)			\
+({									\
+	int __ret = 0;							\
+	do {								\
+		if (exclusive)						\
+			__ret = wait_event_interruptible_exclusive(wq,	\
+							condition);	\
+		else							\
+			__ret = wait_event_interruptible(wq,		\
+							condition);	\
+		if (!__ret || fatal_signal_pending(current))		\
+			break;						\
+	} while (try_to_freeze());					\
+	__ret;								\
+})
+
 #else /* !CONFIG_FREEZER */
 static inline bool frozen(struct task_struct *p) { return false; }
 static inline bool freezing(struct task_struct *p) { return false; }
@@ -296,6 +312,16 @@  static inline void set_freezable(void) {}
 #define wait_event_freezekillable_unsafe(wq, condition)			\
 		wait_event_killable(wq, condition)
 
+#define wait_fatal_freezable(wq, condition, exclusive)			\
+({									\
+	int __ret = 0;							\
+	if (exclusive)							\
+		__ret = wait_event_killable_exclusive(wq, condition);	\
+	else								\
+		__ret = wait_event_killable(wq,	condition);		\
+	__ret;								\
+})
+
 #endif /* !CONFIG_FREEZER */
 
 #endif	/* FREEZER_H_INCLUDED */