Re: [syzbot] Re: [syzbot] [jfs?] possible deadlock in diFree (2)

From: syzbot
Date: Thu Dec 19 2024 - 03:52:58 EST

Next message: Peter Zijlstra: "Re: [PATCH v6 10/16] mm: replace vm_lock and detached flag with a reference count"
Previous message: Florian Schmaus: "[PATCH] bcachefs: Fix rate description, it is per second, not nanosecond"
In reply to: syzbot: "Re: [syzbot] Re: [syzbot] [jfs?] possible deadlock in diFree (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For archival purposes, forwarding an incoming command email to
linux-kernel@xxxxxxxxxxxxxxx.

***

Subject: Re: [syzbot] [jfs?] possible deadlock in diFree (2)
Author: lizhi.xu@xxxxxxxxxxxxx

In following calltrace, diAlloc and diFree need to hold same ag lock,
so before calling duplicateIXtree(), we maybe unlock it, and relock it after.

diAlloc()->
diAllocAG()->
diAllocExt()->
diNewIAG()->
duplicateIXtree()->
diFreeSpecial()->
evict()->
jfs_evict_inode()->
diFree()

#syz test

diff --git a/fs/jfs/jfs_imap.c b/fs/jfs/jfs_imap.c
index a360b24ed320..9f105c748447 100644
--- a/fs/jfs/jfs_imap.c
+++ b/fs/jfs/jfs_imap.c
@@ -2594,7 +2594,13 @@ diNewIAG(struct inomap * imap, int *iagnop, int agno, struct metapage ** mpp)
txEnd(tid);
mutex_unlock(&JFS_IP(ipimap)->commit_mutex);

+ IWRITE_UNLOCK(ipimap);
+ IAGFREE_UNLOCK(imap);
+ AG_UNLOCK(imap, agno);
duplicateIXtree(sb, blkno, xlen, &xaddr);
+ AG_LOCK(imap, agno);
+ IAGFREE_LOCK(imap);
+ IWRITE_LOCK(ipimap, RDWRLOCK_IMAP);

/* update the next available iag number */
imap->im_nextiag += 1;

Next message: Peter Zijlstra: "Re: [PATCH v6 10/16] mm: replace vm_lock and detached flag with a reference count"
Previous message: Florian Schmaus: "[PATCH] bcachefs: Fix rate description, it is per second, not nanosecond"
In reply to: syzbot: "Re: [syzbot] Re: [syzbot] [jfs?] possible deadlock in diFree (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]