xfs: fix quota off hang from non-blocking flush
diff mbox series

Message ID 20200701075144.2633976-1-david@fromorbit.com
State New
Headers show
Series
  • xfs: fix quota off hang from non-blocking flush
Related show

Commit Message

Dave Chinner July 1, 2020, 7:51 a.m. UTC
From: Dave Chinner <dchinner@redhat.com>

Found by inspection after having xfs/305 hang 1 in ~50 iterations
in a quotaoff operation:

[ 8872.301115] xfs_quota       D13888 92262  91813 0x00004002
[ 8872.302538] Call Trace:
[ 8872.303193]  __schedule+0x2d2/0x780
[ 8872.304108]  ? do_raw_spin_unlock+0x57/0xd0
[ 8872.305198]  schedule+0x6e/0xe0
[ 8872.306021]  schedule_timeout+0x14d/0x300
[ 8872.307060]  ? __next_timer_interrupt+0xe0/0xe0
[ 8872.308231]  ? xfs_qm_dqusage_adjust+0x200/0x200
[ 8872.309422]  schedule_timeout_uninterruptible+0x2a/0x30
[ 8872.310759]  xfs_qm_dquot_walk.isra.0+0x15a/0x1b0
[ 8872.311971]  xfs_qm_dqpurge_all+0x7f/0x90
[ 8872.313022]  xfs_qm_scall_quotaoff+0x18d/0x2b0
[ 8872.314163]  xfs_quota_disable+0x3a/0x60
[ 8872.315179]  kernel_quotactl+0x7e2/0x8d0
[ 8872.316196]  ? __do_sys_newstat+0x51/0x80
[ 8872.317238]  __x64_sys_quotactl+0x1e/0x30
[ 8872.318266]  do_syscall_64+0x46/0x90
[ 8872.319193]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 8872.320490] RIP: 0033:0x7f46b5490f2a
[ 8872.321414] Code: Bad RIP value.

Returning -EAGAIN from xfs_qm_dqpurge() without clearing the
XFS_DQ_FREEING flag means the xfs_qm_dqpurge_all() code can never
free the dquot, and we loop forever waiting for the XFS_DQ_FREEING
flag to go away on the dquot that leaked it via -EAGAIN.

Fixes: 8d3d7e2b35ea ("xfs: trylock underlying buffer on dquot flush")
Signed-off-by: Dave Chinner <dchinner@redhat.com>
---
 fs/xfs/xfs_qm.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Christoph Hellwig July 1, 2020, 8:05 a.m. UTC | #1
Looks good,

Reviewed-by: Christoph Hellwig <hch@lst.de>
Brian Foster July 1, 2020, 10:50 a.m. UTC | #2
On Wed, Jul 01, 2020 at 05:51:44PM +1000, Dave Chinner wrote:
> From: Dave Chinner <dchinner@redhat.com>
> 
> Found by inspection after having xfs/305 hang 1 in ~50 iterations
> in a quotaoff operation:
> 
> [ 8872.301115] xfs_quota       D13888 92262  91813 0x00004002
> [ 8872.302538] Call Trace:
> [ 8872.303193]  __schedule+0x2d2/0x780
> [ 8872.304108]  ? do_raw_spin_unlock+0x57/0xd0
> [ 8872.305198]  schedule+0x6e/0xe0
> [ 8872.306021]  schedule_timeout+0x14d/0x300
> [ 8872.307060]  ? __next_timer_interrupt+0xe0/0xe0
> [ 8872.308231]  ? xfs_qm_dqusage_adjust+0x200/0x200
> [ 8872.309422]  schedule_timeout_uninterruptible+0x2a/0x30
> [ 8872.310759]  xfs_qm_dquot_walk.isra.0+0x15a/0x1b0
> [ 8872.311971]  xfs_qm_dqpurge_all+0x7f/0x90
> [ 8872.313022]  xfs_qm_scall_quotaoff+0x18d/0x2b0
> [ 8872.314163]  xfs_quota_disable+0x3a/0x60
> [ 8872.315179]  kernel_quotactl+0x7e2/0x8d0
> [ 8872.316196]  ? __do_sys_newstat+0x51/0x80
> [ 8872.317238]  __x64_sys_quotactl+0x1e/0x30
> [ 8872.318266]  do_syscall_64+0x46/0x90
> [ 8872.319193]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> [ 8872.320490] RIP: 0033:0x7f46b5490f2a
> [ 8872.321414] Code: Bad RIP value.
> 
> Returning -EAGAIN from xfs_qm_dqpurge() without clearing the
> XFS_DQ_FREEING flag means the xfs_qm_dqpurge_all() code can never
> free the dquot, and we loop forever waiting for the XFS_DQ_FREEING
> flag to go away on the dquot that leaked it via -EAGAIN.
> 
> Fixes: 8d3d7e2b35ea ("xfs: trylock underlying buffer on dquot flush")
> Signed-off-by: Dave Chinner <dchinner@redhat.com>
> ---

Reviewed-by: Brian Foster <bfoster@redhat.com>

>  fs/xfs/xfs_qm.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/fs/xfs/xfs_qm.c b/fs/xfs/xfs_qm.c
> index d6cd83317344..938023dd8ce5 100644
> --- a/fs/xfs/xfs_qm.c
> +++ b/fs/xfs/xfs_qm.c
> @@ -148,6 +148,7 @@ xfs_qm_dqpurge(
>  			error = xfs_bwrite(bp);
>  			xfs_buf_relse(bp);
>  		} else if (error == -EAGAIN) {
> +			dqp->dq_flags &= ~XFS_DQ_FREEING;
>  			goto out_unlock;
>  		}
>  		xfs_dqflock(dqp);
> -- 
> 2.26.2.761.g0e0b3e54be
>

Patch
diff mbox series

diff --git a/fs/xfs/xfs_qm.c b/fs/xfs/xfs_qm.c
index d6cd83317344..938023dd8ce5 100644
--- a/fs/xfs/xfs_qm.c
+++ b/fs/xfs/xfs_qm.c
@@ -148,6 +148,7 @@  xfs_qm_dqpurge(
 			error = xfs_bwrite(bp);
 			xfs_buf_relse(bp);
 		} else if (error == -EAGAIN) {
+			dqp->dq_flags &= ~XFS_DQ_FREEING;
 			goto out_unlock;
 		}
 		xfs_dqflock(dqp);