xfs: protect xfs_sync_worker with s_umount semaphore
xfs_sync_worker checks the MS_ACTIVE flag in s_flags to avoid doing
work during mount and unmount. This flag can be cleared by unmount
after the xfs_sync_worker checks it but before the work is completed.
The has caused crashes in the completion handler for the dummy
transaction commited by xfs_sync_worker:
PID: 27544 TASK:
ffff88013544e040 CPU: 3 COMMAND: "kworker/3:0"
#0 [
ffff88016fdff930] machine_kexec at
ffffffff810244e9
#1 [
ffff88016fdff9a0] crash_kexec at
ffffffff8108d053
#2 [
ffff88016fdffa70] oops_end at
ffffffff813ad1b8
#3 [
ffff88016fdffaa0] no_context at
ffffffff8102bd48
#4 [
ffff88016fdffaf0] __bad_area_nosemaphore at
ffffffff8102c04d
#5 [
ffff88016fdffb40] bad_area_nosemaphore at
ffffffff8102c12e
#6 [
ffff88016fdffb50] do_page_fault at
ffffffff813afaee
#7 [
ffff88016fdffc60] page_fault at
ffffffff813ac635
[exception RIP: xlog_get_lowest_lsn+0x30]
RIP:
ffffffffa04a9910 RSP:
ffff88016fdffd10 RFLAGS:
00010246
RAX:
ffffc90014e48000 RBX:
ffff88014d879980 RCX:
ffff88014d879980
RDX:
ffff8802214ee4c0 RSI:
0000000000000000 RDI:
0000000000000000
RBP:
ffff88016fdffd10 R8:
ffff88014d879a80 R9:
0000000000000000
R10:
0000000000000001 R11:
0000000000000000 R12:
ffff8802214ee400
R13:
ffff88014d879980 R14:
0000000000000000 R15:
ffff88022fd96605
ORIG_RAX:
ffffffffffffffff CS: 0010 SS: 0018
#8 [
ffff88016fdffd18] xlog_state_do_callback at
ffffffffa04aa186 [xfs]
#9 [
ffff88016fdffd98] xlog_state_done_syncing at
ffffffffa04aa568 [xfs]
Protect xfs_sync_worker by using the s_umount semaphore at the read
level to provide exclusion with unmount while work is progressing.
Reviewed-by: Mark Tinguely <tinguely@sgi.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit