From: Frederic Weisbecker Date: Wed, 30 Dec 2009 06:12:03 +0000 (+0100) Subject: reiserfs: Fix unwanted recursive reiserfs lock in reiserfs_unlink() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=c674905ca74ad0ae5b048afb1ef68663a0d7e987;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git reiserfs: Fix unwanted recursive reiserfs lock in reiserfs_unlink() reiserfs_unlink() may or may not be called under the reiserfs lock. But it also takes the reiserfs lock and can then acquire it recursively which leads to do_journal_begin_r() that fails to relax the reiserfs lock before grabbing the journal mutex, creating an unexpected lock inversion. We need to ensure reiserfs_unlink() won't get the reiserfs lock recursively using reiserfs_write_lock_once(). This fixes the following warning that precedes a lock inversion report (reiserfs lock <-> journal mutex). ------------[ cut here ]------------ WARNING: at fs/reiserfs/lock.c:95 reiserfs_lock_check_recursive+0x3a/0x50() Hardware name: MS-7418 Unwanted recursive reiserfs lock! Pid: 3208, comm: dbench Not tainted 2.6.32-atom #177 Call Trace: [] ? reiserfs_lock_check_recursive+0x3a/0x50 [] ? reiserfs_lock_check_recursive+0x3a/0x50 [] warn_slowpath_common+0x67/0xc0 [] ? reiserfs_lock_check_recursive+0x3a/0x50 [] warn_slowpath_fmt+0x26/0x30 [] reiserfs_lock_check_recursive+0x3a/0x50 [] do_journal_begin_r+0x83/0x360 [] ? __lock_acquire+0x1296/0x19e0 [] ? xattr_unlink+0x57/0xb0 [] journal_begin+0x80/0x130 [] reiserfs_unlink+0x7d/0x2d0 [] ? xattr_unlink+0x57/0xb0 [] ? xattr_unlink+0x57/0xb0 [] ? xattr_unlink+0x57/0xb0 [] xattr_unlink+0x64/0xb0 [] delete_one_xattr+0x29/0x100 [] reiserfs_for_each_xattr+0x10b/0x290 [] ? delete_one_xattr+0x0/0x100 [] ? mutex_lock_nested+0x299/0x340 [] reiserfs_delete_xattrs+0x1a/0x60 [] ? reiserfs_write_lock_once+0x29/0x50 [] reiserfs_delete_inode+0x9f/0x150 [] ? _atomic_dec_and_lock+0x4f/0x70 [] ? reiserfs_delete_inode+0x0/0x150 [] generic_delete_inode+0xa2/0x170 [] generic_drop_inode+0x4f/0x70 [] iput+0x47/0x50 [] do_unlinkat+0xd5/0x160 [] ? up_read+0x16/0x30 [] ? do_page_fault+0x187/0x330 [] ? restore_all_notrace+0x0/0x18 [] ? do_page_fault+0x0/0x330 [] ? trace_hardirqs_on_caller+0x124/0x170 [] sys_unlink+0x10/0x20 [] sysenter_do_call+0x12/0x32 ---[ end trace 2e35d71a6cc69d0c ]--- Signed-off-by: Frederic Weisbecker Tested-by: Christian Kujau Cc: Alexander Beregalov Cc: Chris Mason Cc: Ingo Molnar --- diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c index e296ff72a6cc..9d4dcf0b07cb 100644 --- a/fs/reiserfs/namei.c +++ b/fs/reiserfs/namei.c @@ -921,6 +921,7 @@ static int reiserfs_unlink(struct inode *dir, struct dentry *dentry) struct reiserfs_transaction_handle th; int jbegin_count; unsigned long savelink; + int depth; inode = dentry->d_inode; @@ -932,7 +933,7 @@ static int reiserfs_unlink(struct inode *dir, struct dentry *dentry) JOURNAL_PER_BALANCE_CNT * 2 + 2 + 4 * REISERFS_QUOTA_TRANS_BLOCKS(dir->i_sb); - reiserfs_write_lock(dir->i_sb); + depth = reiserfs_write_lock_once(dir->i_sb); retval = journal_begin(&th, dir->i_sb, jbegin_count); if (retval) goto out_unlink; @@ -993,7 +994,7 @@ static int reiserfs_unlink(struct inode *dir, struct dentry *dentry) retval = journal_end(&th, dir->i_sb, jbegin_count); reiserfs_check_path(&path); - reiserfs_write_unlock(dir->i_sb); + reiserfs_write_unlock_once(dir->i_sb, depth); return retval; end_unlink: @@ -1003,7 +1004,7 @@ static int reiserfs_unlink(struct inode *dir, struct dentry *dentry) if (err) retval = err; out_unlink: - reiserfs_write_unlock(dir->i_sb); + reiserfs_write_unlock_once(dir->i_sb, depth); return retval; }