[PATCH] libcfs: Fix a sleep-in-atomic bug in cfs_wi_deschedule

From: Jia-Ju Bai
Date: Wed May 31 2017 - 03:47:20 EST


The driver may sleep under a spin lock, and the function call path is:
cfs_wi_deschedule (acquire the lock by spin_lock)
LASSERT
lbug_with_loc
libcfs_debug_dumplog
schedule and kthread_run --> may sleep

To fix it, all "LASSERT" calls are moved outside the region between spin_lock and spin_unlock.

Signed-off-by: Jia-Ju Bai <baijiaju1990@xxxxxxx>
---
drivers/staging/lustre/lnet/libcfs/workitem.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/drivers/staging/lustre/lnet/libcfs/workitem.c b/drivers/staging/lustre/lnet/libcfs/workitem.c
index dbc2a9b..7e25eb9 100644
--- a/drivers/staging/lustre/lnet/libcfs/workitem.c
+++ b/drivers/staging/lustre/lnet/libcfs/workitem.c
@@ -140,6 +140,11 @@ struct cfs_wi_sched {

LASSERT(!in_interrupt()); /* because we use plain spinlock */
LASSERT(!sched->ws_stopping);
+ if (wi->wi_scheduled) {
+ LASSERT(!list_empty(&wi->wi_list));
+ LASSERT(sched->ws_nscheduled > 0);
+ }
+ LASSERT(list_empty(&wi->wi_list));

/*
* return 0 if it's running already, otherwise return 1, which
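Review bot: The added unconditional `LASSERT(list_empty(&wi->wi_list));` now runs before `list_del_init()`, so for a scheduled work item it contradicts the `LASSERT(!list_empty(&wi->wi_list));` two lines above it and will always fire. In the old code it was a post-condition, checked only after the item had been unlinked, so it should not be hoisted with the others; drop it here, or re-check it once the lock has been released. The hoisted checks also read `wi->wi_scheduled`, `wi->wi_list` and `sched->ws_nscheduled` before the lock is taken (the `spin_lock` call sits between the two hunks and is not visible here), so they can observe state that another CPU is changing. One option is to record the conditions in locals while holding `ws_lock` and assert on those locals after `spin_unlock(&sched->ws_lock);`. The function body starts and ends outside this hunk.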
@@ -151,17 +156,11 @@ struct cfs_wi_sched {
rc = !(wi->wi_running);

if (wi->wi_scheduled) { /* cancel pending schedules */
- LASSERT(!list_empty(&wi->wi_list));
list_del_init(&wi->wi_list);
-
- LASSERT(sched->ws_nscheduled > 0);
sched->ws_nscheduled--;
-
wi->wi_scheduled = 0;
}

- LASSERT(list_empty(&wi->wi_list));
-
spin_unlock(&sched->ws_lock);
return rc;
}
--
1.7.9.5