fs/f2fs/checkpoint.c | 17 ++++++++----- fs/f2fs/f2fs.h | 3 ++- fs/f2fs/super.c | 59 +++++++++++++++++++++++++++++++++++--------- 3 files changed, 60 insertions(+), 19 deletions(-)
F2FS-fs (dm-59): checkpoint=enable has some unwritten data.
------------[ cut here ]------------
WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquot_writeback_dquots+0x2fc/0x308
pc : dquot_writeback_dquots+0x2fc/0x308
lr : f2fs_quota_sync+0xcc/0x1c4
Call trace:
dquot_writeback_dquots+0x2fc/0x308
f2fs_quota_sync+0xcc/0x1c4
f2fs_write_checkpoint+0x3d4/0x9b0
f2fs_issue_checkpoint+0x1bc/0x2c0
f2fs_sync_fs+0x54/0x150
f2fs_do_sync_file+0x2f8/0x814
__f2fs_ioctl+0x1960/0x3244
f2fs_ioctl+0x54/0xe0
__arm64_sys_ioctl+0xa8/0xe4
invoke_syscall+0x58/0x114
checkpoint and f2fs_remount may race as below, resulting triggering warning
in dquot_writeback_dquots().
atomic write remount
- do_remount
- down_write(&sb->s_umount);
- f2fs_remount
- ioctl
- f2fs_do_sync_file
- f2fs_sync_fs
- f2fs_write_checkpoint
- block_operations
- locked = down_read_trylock(&sbi->sb->s_umount)
: fail to lock due to the write lock was held by remount
- up_write(&sb->s_umount);
- f2fs_quota_sync
- dquot_writeback_dquots
- WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount))
: trigger warning because s_umount lock was unlocked by remount
If checkpoint comes from mount/umount/remount/freeze/quotactl, caller of
checkpoint has already held s_umount lock, calling dquot_writeback_dquots()
in the context should be safe.
So let's record task to sbi->umount_lock_holder, so that checkpoint can
know whether the lock has held in the context or not by checking current
w/ it.
In addition, in order to misrepresent caller of checkpoint, we should not
allow to trigger async checkpoint for those callers: mount/umount/remount/
freeze/quotactl.
Fixes: af033b2aa8a8 ("f2fs: guarantee journalled quota data by checkpoint")
Signed-off-by: Chao Yu <chao@kernel.org>
---
fs/f2fs/checkpoint.c | 17 ++++++++-----
fs/f2fs/f2fs.h | 3 ++-
fs/f2fs/super.c | 59 +++++++++++++++++++++++++++++++++++---------
3 files changed, 60 insertions(+), 19 deletions(-)
diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
index efda9a022981..baff639ac0c4 100644
--- a/fs/f2fs/checkpoint.c
+++ b/fs/f2fs/checkpoint.c
@@ -1237,7 +1237,8 @@ static int block_operations(struct f2fs_sb_info *sbi)
retry_flush_quotas:
f2fs_lock_all(sbi);
if (__need_flush_quota(sbi)) {
- int locked;
+ bool need_lock = sbi->umount_lock_holder != current;
+ bool locked = false;
if (++cnt > DEFAULT_RETRY_QUOTA_FLUSH_COUNT) {
set_sbi_flag(sbi, SBI_QUOTA_SKIP_FLUSH);
@@ -1246,10 +1247,13 @@ static int block_operations(struct f2fs_sb_info *sbi)
}
f2fs_unlock_all(sbi);
- /* only failed during mount/umount/freeze/quotactl */
- locked = down_read_trylock(&sbi->sb->s_umount);
- f2fs_quota_sync(sbi->sb, -1);
- if (locked)
+ /* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
+ if (need_lock && !down_read_trylock(&sbi->sb->s_umount)) {
+ cond_resched();
+ goto retry_flush_quotas;
+ }
+ f2fs_do_quota_sync(sbi->sb, -1);
+ if (need_lock)
up_read(&sbi->sb->s_umount);
cond_resched();
goto retry_flush_quotas;
@@ -1867,7 +1871,8 @@ int f2fs_issue_checkpoint(struct f2fs_sb_info *sbi)
struct cp_control cpc;
cpc.reason = __get_cp_reason(sbi);
- if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC) {
+ if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC ||
+ sbi->umount_lock_holder == current) {
int ret;
f2fs_down_write(&sbi->gc_lock);
diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 62b7fed1514a..7174dea641e9 100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -1670,6 +1670,7 @@ struct f2fs_sb_info {
unsigned int nquota_files; /* # of quota sysfile */
struct f2fs_rwsem quota_sem; /* blocking cp for flags */
+ struct task_struct *umount_lock_holder; /* s_umount lock holder */
/* # of pages, see count_type */
atomic_t nr_pages[NR_COUNT_TYPE];
@@ -3652,7 +3653,7 @@ int f2fs_inode_dirtied(struct inode *inode, bool sync);
void f2fs_inode_synced(struct inode *inode);
int f2fs_dquot_initialize(struct inode *inode);
int f2fs_enable_quota_files(struct f2fs_sb_info *sbi, bool rdonly);
-int f2fs_quota_sync(struct super_block *sb, int type);
+int f2fs_do_quota_sync(struct super_block *sb, int type);
loff_t max_file_blocks(struct inode *inode);
void f2fs_quota_off_umount(struct super_block *sb);
void f2fs_save_errors(struct f2fs_sb_info *sbi, unsigned char flag);
diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index ef639a6d82e5..cb9d7b6fa3ad 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -1740,22 +1740,28 @@ int f2fs_sync_fs(struct super_block *sb, int sync)
static int f2fs_freeze(struct super_block *sb)
{
+ struct f2fs_sb_info *sbi = F2FS_SB(sb);
+
if (f2fs_readonly(sb))
return 0;
/* IO error happened before */
- if (unlikely(f2fs_cp_error(F2FS_SB(sb))))
+ if (unlikely(f2fs_cp_error(sbi)))
return -EIO;
/* must be clean, since sync_filesystem() was already called */
- if (is_sbi_flag_set(F2FS_SB(sb), SBI_IS_DIRTY))
+ if (is_sbi_flag_set(sbi, SBI_IS_DIRTY))
return -EINVAL;
+ sbi->umount_lock_holder = current;
+
/* Let's flush checkpoints and stop the thread. */
- f2fs_flush_ckpt_thread(F2FS_SB(sb));
+ f2fs_flush_ckpt_thread(sbi);
+
+ sbi->umount_lock_holder = NULL;
/* to avoid deadlock on f2fs_evict_inode->SB_FREEZE_FS */
- set_sbi_flag(F2FS_SB(sb), SBI_IS_FREEZING);
+ set_sbi_flag(sbi, SBI_IS_FREEZING);
return 0;
}
@@ -2332,6 +2338,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
org_mount_opt = sbi->mount_opt;
old_sb_flags = sb->s_flags;
+ sbi->umount_lock_holder = current;
+
#ifdef CONFIG_QUOTA
org_mount_opt.s_jquota_fmt = F2FS_OPTION(sbi).s_jquota_fmt;
for (i = 0; i < MAXQUOTAS; i++) {
@@ -2555,6 +2563,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
limit_reserve_root(sbi);
*flags = (*flags & ~SB_LAZYTIME) | (sb->s_flags & SB_LAZYTIME);
+
+ sbi->umount_lock_holder = NULL;
return 0;
restore_checkpoint:
if (need_enable_checkpoint) {
@@ -2595,6 +2605,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
#endif
sbi->mount_opt = org_mount_opt;
sb->s_flags = old_sb_flags;
+
+ sbi->umount_lock_holder = NULL;
return err;
}
@@ -2911,7 +2923,7 @@ static int f2fs_quota_sync_file(struct f2fs_sb_info *sbi, int type)
return ret;
}
-int f2fs_quota_sync(struct super_block *sb, int type)
+int f2fs_do_quota_sync(struct super_block *sb, int type)
{
struct f2fs_sb_info *sbi = F2FS_SB(sb);
struct quota_info *dqopt = sb_dqopt(sb);
@@ -2959,6 +2971,16 @@ int f2fs_quota_sync(struct super_block *sb, int type)
return ret;
}
+static int f2fs_quota_sync(struct super_block *sb, int type)
+{
+ int ret;
+
+ F2FS_SB(sb)->umount_lock_holder = current;
+ ret = f2fs_do_quota_sync(sb, type);
+ F2FS_SB(sb)->umount_lock_holder = NULL;
+ return ret;
+}
+
static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
const struct path *path)
{
@@ -2974,30 +2996,33 @@ static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
if (path->dentry->d_sb != sb)
return -EXDEV;
- err = f2fs_quota_sync(sb, type);
+ F2FS_SB(sb)->umount_lock_holder = current;
+
+ err = f2fs_do_quota_sync(sb, type);
if (err)
- return err;
+ goto out;
inode = d_inode(path->dentry);
err = filemap_fdatawrite(inode->i_mapping);
if (err)
- return err;
+ goto out;
err = filemap_fdatawait(inode->i_mapping);
if (err)
- return err;
+ goto out;
err = dquot_quota_on(sb, type, format_id, path);
if (err)
- return err;
+ goto out;
inode_lock(inode);
F2FS_I(inode)->i_flags |= F2FS_QUOTA_DEFAULT_FL;
f2fs_set_inode_flags(inode);
inode_unlock(inode);
f2fs_mark_inode_dirty_sync(inode, false);
-
+out:
+ F2FS_SB(sb)->umount_lock_holder = NULL;
return 0;
}
@@ -3009,7 +3034,7 @@ static int __f2fs_quota_off(struct super_block *sb, int type)
if (!inode || !igrab(inode))
return dquot_quota_off(sb, type);
- err = f2fs_quota_sync(sb, type);
+ err = f2fs_do_quota_sync(sb, type);
if (err)
goto out_put;
@@ -3032,6 +3057,8 @@ static int f2fs_quota_off(struct super_block *sb, int type)
struct f2fs_sb_info *sbi = F2FS_SB(sb);
int err;
+ F2FS_SB(sb)->umount_lock_holder = current;
+
err = __f2fs_quota_off(sb, type);
/*
@@ -3041,6 +3068,9 @@ static int f2fs_quota_off(struct super_block *sb, int type)
*/
if (is_journalled_quota(sbi))
set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
+
+ F2FS_SB(sb)->umount_lock_holder = NULL;
+
return err;
}
@@ -4715,6 +4745,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
if (err)
goto free_compress_inode;
+ sbi->umount_lock_holder = current;
#ifdef CONFIG_QUOTA
/* Enable quota usage during mount */
if (f2fs_sb_has_quota_ino(sbi) && !f2fs_readonly(sb)) {
@@ -4841,6 +4872,8 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
f2fs_update_time(sbi, CP_TIME);
f2fs_update_time(sbi, REQ_TIME);
clear_sbi_flag(sbi, SBI_CP_DISABLED_QUICK);
+
+ sbi->umount_lock_holder = NULL;
return 0;
sync_free_meta:
@@ -4945,6 +4978,8 @@ static void kill_f2fs_super(struct super_block *sb)
struct f2fs_sb_info *sbi = F2FS_SB(sb);
if (sb->s_root) {
+ sbi->umount_lock_holder = current;
+
set_sbi_flag(sbi, SBI_IS_CLOSE);
f2fs_stop_gc_thread(sbi);
f2fs_stop_discard_thread(sbi);
--
2.48.1.502.g6dc24dfdaf-googChao Yu via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
于2025年2月6日周四 14:50写道:
>
> F2FS-fs (dm-59): checkpoint=enable has some unwritten data.
>
> ------------[ cut here ]------------
> WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquot_writeback_dquots+0x2fc/0x308
> pc : dquot_writeback_dquots+0x2fc/0x308
> lr : f2fs_quota_sync+0xcc/0x1c4
> Call trace:
> dquot_writeback_dquots+0x2fc/0x308
> f2fs_quota_sync+0xcc/0x1c4
> f2fs_write_checkpoint+0x3d4/0x9b0
> f2fs_issue_checkpoint+0x1bc/0x2c0
> f2fs_sync_fs+0x54/0x150
> f2fs_do_sync_file+0x2f8/0x814
> __f2fs_ioctl+0x1960/0x3244
> f2fs_ioctl+0x54/0xe0
> __arm64_sys_ioctl+0xa8/0xe4
> invoke_syscall+0x58/0x114
>
> checkpoint and f2fs_remount may race as below, resulting triggering warning
> in dquot_writeback_dquots().
>
> atomic write remount
> - do_remount
> - down_write(&sb->s_umount);
> - f2fs_remount
> - ioctl
> - f2fs_do_sync_file
> - f2fs_sync_fs
> - f2fs_write_checkpoint
> - block_operations
> - locked = down_read_trylock(&sbi->sb->s_umount)
> : fail to lock due to the write lock was held by remount
> - up_write(&sb->s_umount);
> - f2fs_quota_sync
> - dquot_writeback_dquots
> - WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount))
> : trigger warning because s_umount lock was unlocked by remount
>
> If checkpoint comes from mount/umount/remount/freeze/quotactl, caller of
> checkpoint has already held s_umount lock, calling dquot_writeback_dquots()
> in the context should be safe.
>
> So let's record task to sbi->umount_lock_holder, so that checkpoint can
> know whether the lock has held in the context or not by checking current
> w/ it.
>
> In addition, in order to misrepresent caller of checkpoint, we should not
> allow to trigger async checkpoint for those callers: mount/umount/remount/
> freeze/quotactl.
>
> Fixes: af033b2aa8a8 ("f2fs: guarantee journalled quota data by checkpoint")
> Signed-off-by: Chao Yu <chao@kernel.org>
> ---
> fs/f2fs/checkpoint.c | 17 ++++++++-----
> fs/f2fs/f2fs.h | 3 ++-
> fs/f2fs/super.c | 59 +++++++++++++++++++++++++++++++++++---------
> 3 files changed, 60 insertions(+), 19 deletions(-)
>
> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
> index efda9a022981..baff639ac0c4 100644
> --- a/fs/f2fs/checkpoint.c
> +++ b/fs/f2fs/checkpoint.c
> @@ -1237,7 +1237,8 @@ static int block_operations(struct f2fs_sb_info *sbi)
> retry_flush_quotas:
> f2fs_lock_all(sbi);
> if (__need_flush_quota(sbi)) {
> - int locked;
> + bool need_lock = sbi->umount_lock_holder != current;
> + bool locked = false;
>
> if (++cnt > DEFAULT_RETRY_QUOTA_FLUSH_COUNT) {
> set_sbi_flag(sbi, SBI_QUOTA_SKIP_FLUSH);
> @@ -1246,10 +1247,13 @@ static int block_operations(struct f2fs_sb_info *sbi)
> }
> f2fs_unlock_all(sbi);
>
> - /* only failed during mount/umount/freeze/quotactl */
> - locked = down_read_trylock(&sbi->sb->s_umount);
> - f2fs_quota_sync(sbi->sb, -1);
> - if (locked)
> + /* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
> + if (need_lock && !down_read_trylock(&sbi->sb->s_umount)) {
> + cond_resched();
> + goto retry_flush_quotas;
> + }
> + f2fs_do_quota_sync(sbi->sb, -1);
> + if (need_lock)
> up_read(&sbi->sb->s_umount);
> cond_resched();
> goto retry_flush_quotas;
> @@ -1867,7 +1871,8 @@ int f2fs_issue_checkpoint(struct f2fs_sb_info *sbi)
> struct cp_control cpc;
>
> cpc.reason = __get_cp_reason(sbi);
> - if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC) {
> + if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC ||
> + sbi->umount_lock_holder == current) {
> int ret;
>
> f2fs_down_write(&sbi->gc_lock);
> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> index 62b7fed1514a..7174dea641e9 100644
> --- a/fs/f2fs/f2fs.h
> +++ b/fs/f2fs/f2fs.h
> @@ -1670,6 +1670,7 @@ struct f2fs_sb_info {
>
> unsigned int nquota_files; /* # of quota sysfile */
> struct f2fs_rwsem quota_sem; /* blocking cp for flags */
> + struct task_struct *umount_lock_holder; /* s_umount lock holder */
>
> /* # of pages, see count_type */
> atomic_t nr_pages[NR_COUNT_TYPE];
> @@ -3652,7 +3653,7 @@ int f2fs_inode_dirtied(struct inode *inode, bool sync);
> void f2fs_inode_synced(struct inode *inode);
> int f2fs_dquot_initialize(struct inode *inode);
> int f2fs_enable_quota_files(struct f2fs_sb_info *sbi, bool rdonly);
> -int f2fs_quota_sync(struct super_block *sb, int type);
> +int f2fs_do_quota_sync(struct super_block *sb, int type);
> loff_t max_file_blocks(struct inode *inode);
> void f2fs_quota_off_umount(struct super_block *sb);
> void f2fs_save_errors(struct f2fs_sb_info *sbi, unsigned char flag);
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index ef639a6d82e5..cb9d7b6fa3ad 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -1740,22 +1740,28 @@ int f2fs_sync_fs(struct super_block *sb, int sync)
>
> static int f2fs_freeze(struct super_block *sb)
> {
> + struct f2fs_sb_info *sbi = F2FS_SB(sb);
> +
> if (f2fs_readonly(sb))
> return 0;
>
> /* IO error happened before */
> - if (unlikely(f2fs_cp_error(F2FS_SB(sb))))
> + if (unlikely(f2fs_cp_error(sbi)))
> return -EIO;
>
> /* must be clean, since sync_filesystem() was already called */
> - if (is_sbi_flag_set(F2FS_SB(sb), SBI_IS_DIRTY))
> + if (is_sbi_flag_set(sbi, SBI_IS_DIRTY))
> return -EINVAL;
>
> + sbi->umount_lock_holder = current;
> +
> /* Let's flush checkpoints and stop the thread. */
> - f2fs_flush_ckpt_thread(F2FS_SB(sb));
> + f2fs_flush_ckpt_thread(sbi);
> +
> + sbi->umount_lock_holder = NULL;
>
> /* to avoid deadlock on f2fs_evict_inode->SB_FREEZE_FS */
> - set_sbi_flag(F2FS_SB(sb), SBI_IS_FREEZING);
> + set_sbi_flag(sbi, SBI_IS_FREEZING);
> return 0;
> }
>
> @@ -2332,6 +2338,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
> org_mount_opt = sbi->mount_opt;
> old_sb_flags = sb->s_flags;
>
> + sbi->umount_lock_holder = current;
> +
> #ifdef CONFIG_QUOTA
> org_mount_opt.s_jquota_fmt = F2FS_OPTION(sbi).s_jquota_fmt;
> for (i = 0; i < MAXQUOTAS; i++) {
> @@ -2555,6 +2563,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>
> limit_reserve_root(sbi);
> *flags = (*flags & ~SB_LAZYTIME) | (sb->s_flags & SB_LAZYTIME);
> +
> + sbi->umount_lock_holder = NULL;
> return 0;
> restore_checkpoint:
> if (need_enable_checkpoint) {
> @@ -2595,6 +2605,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
> #endif
> sbi->mount_opt = org_mount_opt;
> sb->s_flags = old_sb_flags;
> +
> + sbi->umount_lock_holder = NULL;
> return err;
> }
>
> @@ -2911,7 +2923,7 @@ static int f2fs_quota_sync_file(struct f2fs_sb_info *sbi, int type)
> return ret;
> }
>
> -int f2fs_quota_sync(struct super_block *sb, int type)
> +int f2fs_do_quota_sync(struct super_block *sb, int type)
> {
> struct f2fs_sb_info *sbi = F2FS_SB(sb);
> struct quota_info *dqopt = sb_dqopt(sb);
> @@ -2959,6 +2971,16 @@ int f2fs_quota_sync(struct super_block *sb, int type)
> return ret;
> }
>
> +static int f2fs_quota_sync(struct super_block *sb, int type)
> +{
> + int ret;
> +
> + F2FS_SB(sb)->umount_lock_holder = current;
> + ret = f2fs_do_quota_sync(sb, type);
> + F2FS_SB(sb)->umount_lock_holder = NULL;
> + return ret;
> +}
> +
> static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
> const struct path *path)
> {
> @@ -2974,30 +2996,33 @@ static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
> if (path->dentry->d_sb != sb)
> return -EXDEV;
>
> - err = f2fs_quota_sync(sb, type);
> + F2FS_SB(sb)->umount_lock_holder = current;
> +
> + err = f2fs_do_quota_sync(sb, type);
> if (err)
> - return err;
> + goto out;
>
> inode = d_inode(path->dentry);
>
> err = filemap_fdatawrite(inode->i_mapping);
> if (err)
> - return err;
> + goto out;
>
> err = filemap_fdatawait(inode->i_mapping);
> if (err)
> - return err;
> + goto out;
>
> err = dquot_quota_on(sb, type, format_id, path);
> if (err)
> - return err;
> + goto out;
>
> inode_lock(inode);
> F2FS_I(inode)->i_flags |= F2FS_QUOTA_DEFAULT_FL;
> f2fs_set_inode_flags(inode);
> inode_unlock(inode);
> f2fs_mark_inode_dirty_sync(inode, false);
> -
> +out:
> + F2FS_SB(sb)->umount_lock_holder = NULL;
> return 0;
Hi Chao,
Here should return err? and init err=0 in the beginning?
thanks!
> }
>
> @@ -3009,7 +3034,7 @@ static int __f2fs_quota_off(struct super_block *sb, int type)
> if (!inode || !igrab(inode))
> return dquot_quota_off(sb, type);
>
> - err = f2fs_quota_sync(sb, type);
> + err = f2fs_do_quota_sync(sb, type);
> if (err)
> goto out_put;
>
> @@ -3032,6 +3057,8 @@ static int f2fs_quota_off(struct super_block *sb, int type)
> struct f2fs_sb_info *sbi = F2FS_SB(sb);
> int err;
>
> + F2FS_SB(sb)->umount_lock_holder = current;
> +
> err = __f2fs_quota_off(sb, type);
>
> /*
> @@ -3041,6 +3068,9 @@ static int f2fs_quota_off(struct super_block *sb, int type)
> */
> if (is_journalled_quota(sbi))
> set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
> +
> + F2FS_SB(sb)->umount_lock_holder = NULL;
> +
> return err;
> }
>
> @@ -4715,6 +4745,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
> if (err)
> goto free_compress_inode;
>
> + sbi->umount_lock_holder = current;
> #ifdef CONFIG_QUOTA
> /* Enable quota usage during mount */
> if (f2fs_sb_has_quota_ino(sbi) && !f2fs_readonly(sb)) {
> @@ -4841,6 +4872,8 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
> f2fs_update_time(sbi, CP_TIME);
> f2fs_update_time(sbi, REQ_TIME);
> clear_sbi_flag(sbi, SBI_CP_DISABLED_QUICK);
> +
> + sbi->umount_lock_holder = NULL;
> return 0;
>
> sync_free_meta:
> @@ -4945,6 +4978,8 @@ static void kill_f2fs_super(struct super_block *sb)
> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>
> if (sb->s_root) {
> + sbi->umount_lock_holder = current;
> +
> set_sbi_flag(sbi, SBI_IS_CLOSE);
> f2fs_stop_gc_thread(sbi);
> f2fs_stop_discard_thread(sbi);
> --
> 2.48.1.502.g6dc24dfdaf-goog
>
>
>
> _______________________________________________
> Linux-f2fs-devel mailing list
> Linux-f2fs-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
On 2/7/25 09:30, Zhiguo Niu wrote:
> Chao Yu via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
> 于2025年2月6日周四 14:50写道:
>>
>> F2FS-fs (dm-59): checkpoint=enable has some unwritten data.
>>
>> ------------[ cut here ]------------
>> WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquot_writeback_dquots+0x2fc/0x308
>> pc : dquot_writeback_dquots+0x2fc/0x308
>> lr : f2fs_quota_sync+0xcc/0x1c4
>> Call trace:
>> dquot_writeback_dquots+0x2fc/0x308
>> f2fs_quota_sync+0xcc/0x1c4
>> f2fs_write_checkpoint+0x3d4/0x9b0
>> f2fs_issue_checkpoint+0x1bc/0x2c0
>> f2fs_sync_fs+0x54/0x150
>> f2fs_do_sync_file+0x2f8/0x814
>> __f2fs_ioctl+0x1960/0x3244
>> f2fs_ioctl+0x54/0xe0
>> __arm64_sys_ioctl+0xa8/0xe4
>> invoke_syscall+0x58/0x114
>>
>> checkpoint and f2fs_remount may race as below, resulting triggering warning
>> in dquot_writeback_dquots().
>>
>> atomic write remount
>> - do_remount
>> - down_write(&sb->s_umount);
>> - f2fs_remount
>> - ioctl
>> - f2fs_do_sync_file
>> - f2fs_sync_fs
>> - f2fs_write_checkpoint
>> - block_operations
>> - locked = down_read_trylock(&sbi->sb->s_umount)
>> : fail to lock due to the write lock was held by remount
>> - up_write(&sb->s_umount);
>> - f2fs_quota_sync
>> - dquot_writeback_dquots
>> - WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount))
>> : trigger warning because s_umount lock was unlocked by remount
>>
>> If checkpoint comes from mount/umount/remount/freeze/quotactl, caller of
>> checkpoint has already held s_umount lock, calling dquot_writeback_dquots()
>> in the context should be safe.
>>
>> So let's record task to sbi->umount_lock_holder, so that checkpoint can
>> know whether the lock has held in the context or not by checking current
>> w/ it.
>>
>> In addition, in order to misrepresent caller of checkpoint, we should not
>> allow to trigger async checkpoint for those callers: mount/umount/remount/
>> freeze/quotactl.
>>
>> Fixes: af033b2aa8a8 ("f2fs: guarantee journalled quota data by checkpoint")
>> Signed-off-by: Chao Yu <chao@kernel.org>
>> ---
>> fs/f2fs/checkpoint.c | 17 ++++++++-----
>> fs/f2fs/f2fs.h | 3 ++-
>> fs/f2fs/super.c | 59 +++++++++++++++++++++++++++++++++++---------
>> 3 files changed, 60 insertions(+), 19 deletions(-)
>>
>> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
>> index efda9a022981..baff639ac0c4 100644
>> --- a/fs/f2fs/checkpoint.c
>> +++ b/fs/f2fs/checkpoint.c
>> @@ -1237,7 +1237,8 @@ static int block_operations(struct f2fs_sb_info *sbi)
>> retry_flush_quotas:
>> f2fs_lock_all(sbi);
>> if (__need_flush_quota(sbi)) {
>> - int locked;
>> + bool need_lock = sbi->umount_lock_holder != current;
>> + bool locked = false;
>>
>> if (++cnt > DEFAULT_RETRY_QUOTA_FLUSH_COUNT) {
>> set_sbi_flag(sbi, SBI_QUOTA_SKIP_FLUSH);
>> @@ -1246,10 +1247,13 @@ static int block_operations(struct f2fs_sb_info *sbi)
>> }
>> f2fs_unlock_all(sbi);
>>
>> - /* only failed during mount/umount/freeze/quotactl */
>> - locked = down_read_trylock(&sbi->sb->s_umount);
>> - f2fs_quota_sync(sbi->sb, -1);
>> - if (locked)
>> + /* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
>> + if (need_lock && !down_read_trylock(&sbi->sb->s_umount)) {
>> + cond_resched();
>> + goto retry_flush_quotas;
>> + }
>> + f2fs_do_quota_sync(sbi->sb, -1);
>> + if (need_lock)
>> up_read(&sbi->sb->s_umount);
>> cond_resched();
>> goto retry_flush_quotas;
>> @@ -1867,7 +1871,8 @@ int f2fs_issue_checkpoint(struct f2fs_sb_info *sbi)
>> struct cp_control cpc;
>>
>> cpc.reason = __get_cp_reason(sbi);
>> - if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC) {
>> + if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC ||
>> + sbi->umount_lock_holder == current) {
>> int ret;
>>
>> f2fs_down_write(&sbi->gc_lock);
>> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
>> index 62b7fed1514a..7174dea641e9 100644
>> --- a/fs/f2fs/f2fs.h
>> +++ b/fs/f2fs/f2fs.h
>> @@ -1670,6 +1670,7 @@ struct f2fs_sb_info {
>>
>> unsigned int nquota_files; /* # of quota sysfile */
>> struct f2fs_rwsem quota_sem; /* blocking cp for flags */
>> + struct task_struct *umount_lock_holder; /* s_umount lock holder */
>>
>> /* # of pages, see count_type */
>> atomic_t nr_pages[NR_COUNT_TYPE];
>> @@ -3652,7 +3653,7 @@ int f2fs_inode_dirtied(struct inode *inode, bool sync);
>> void f2fs_inode_synced(struct inode *inode);
>> int f2fs_dquot_initialize(struct inode *inode);
>> int f2fs_enable_quota_files(struct f2fs_sb_info *sbi, bool rdonly);
>> -int f2fs_quota_sync(struct super_block *sb, int type);
>> +int f2fs_do_quota_sync(struct super_block *sb, int type);
>> loff_t max_file_blocks(struct inode *inode);
>> void f2fs_quota_off_umount(struct super_block *sb);
>> void f2fs_save_errors(struct f2fs_sb_info *sbi, unsigned char flag);
>> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
>> index ef639a6d82e5..cb9d7b6fa3ad 100644
>> --- a/fs/f2fs/super.c
>> +++ b/fs/f2fs/super.c
>> @@ -1740,22 +1740,28 @@ int f2fs_sync_fs(struct super_block *sb, int sync)
>>
>> static int f2fs_freeze(struct super_block *sb)
>> {
>> + struct f2fs_sb_info *sbi = F2FS_SB(sb);
>> +
>> if (f2fs_readonly(sb))
>> return 0;
>>
>> /* IO error happened before */
>> - if (unlikely(f2fs_cp_error(F2FS_SB(sb))))
>> + if (unlikely(f2fs_cp_error(sbi)))
>> return -EIO;
>>
>> /* must be clean, since sync_filesystem() was already called */
>> - if (is_sbi_flag_set(F2FS_SB(sb), SBI_IS_DIRTY))
>> + if (is_sbi_flag_set(sbi, SBI_IS_DIRTY))
>> return -EINVAL;
>>
>> + sbi->umount_lock_holder = current;
>> +
>> /* Let's flush checkpoints and stop the thread. */
>> - f2fs_flush_ckpt_thread(F2FS_SB(sb));
>> + f2fs_flush_ckpt_thread(sbi);
>> +
>> + sbi->umount_lock_holder = NULL;
>>
>> /* to avoid deadlock on f2fs_evict_inode->SB_FREEZE_FS */
>> - set_sbi_flag(F2FS_SB(sb), SBI_IS_FREEZING);
>> + set_sbi_flag(sbi, SBI_IS_FREEZING);
>> return 0;
>> }
>>
>> @@ -2332,6 +2338,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>> org_mount_opt = sbi->mount_opt;
>> old_sb_flags = sb->s_flags;
>>
>> + sbi->umount_lock_holder = current;
>> +
>> #ifdef CONFIG_QUOTA
>> org_mount_opt.s_jquota_fmt = F2FS_OPTION(sbi).s_jquota_fmt;
>> for (i = 0; i < MAXQUOTAS; i++) {
>> @@ -2555,6 +2563,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>>
>> limit_reserve_root(sbi);
>> *flags = (*flags & ~SB_LAZYTIME) | (sb->s_flags & SB_LAZYTIME);
>> +
>> + sbi->umount_lock_holder = NULL;
>> return 0;
>> restore_checkpoint:
>> if (need_enable_checkpoint) {
>> @@ -2595,6 +2605,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>> #endif
>> sbi->mount_opt = org_mount_opt;
>> sb->s_flags = old_sb_flags;
>> +
>> + sbi->umount_lock_holder = NULL;
>> return err;
>> }
>>
>> @@ -2911,7 +2923,7 @@ static int f2fs_quota_sync_file(struct f2fs_sb_info *sbi, int type)
>> return ret;
>> }
>>
>> -int f2fs_quota_sync(struct super_block *sb, int type)
>> +int f2fs_do_quota_sync(struct super_block *sb, int type)
>> {
>> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>> struct quota_info *dqopt = sb_dqopt(sb);
>> @@ -2959,6 +2971,16 @@ int f2fs_quota_sync(struct super_block *sb, int type)
>> return ret;
>> }
>>
>> +static int f2fs_quota_sync(struct super_block *sb, int type)
>> +{
>> + int ret;
>> +
>> + F2FS_SB(sb)->umount_lock_holder = current;
>> + ret = f2fs_do_quota_sync(sb, type);
>> + F2FS_SB(sb)->umount_lock_holder = NULL;
>> + return ret;
>> +}
>> +
>> static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
>> const struct path *path)
>> {
>> @@ -2974,30 +2996,33 @@ static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
>> if (path->dentry->d_sb != sb)
>> return -EXDEV;
>>
>> - err = f2fs_quota_sync(sb, type);
>> + F2FS_SB(sb)->umount_lock_holder = current;
>> +
>> + err = f2fs_do_quota_sync(sb, type);
>> if (err)
>> - return err;
>> + goto out;
>>
>> inode = d_inode(path->dentry);
>>
>> err = filemap_fdatawrite(inode->i_mapping);
>> if (err)
>> - return err;
>> + goto out;
>>
>> err = filemap_fdatawait(inode->i_mapping);
>> if (err)
>> - return err;
>> + goto out;
>>
>> err = dquot_quota_on(sb, type, format_id, path);
>> if (err)
>> - return err;
>> + goto out;
>>
>> inode_lock(inode);
>> F2FS_I(inode)->i_flags |= F2FS_QUOTA_DEFAULT_FL;
>> f2fs_set_inode_flags(inode);
>> inode_unlock(inode);
>> f2fs_mark_inode_dirty_sync(inode, false);
>> -
>> +out:
>> + F2FS_SB(sb)->umount_lock_holder = NULL;
>> return 0;
> Hi Chao,
> Here should return err? and init err=0 in the beginning?
Zhiguo,
Oh, yes, let me fix this, thank you for the review.
Thanks,
> thanks!
>> }
>>
>> @@ -3009,7 +3034,7 @@ static int __f2fs_quota_off(struct super_block *sb, int type)
>> if (!inode || !igrab(inode))
>> return dquot_quota_off(sb, type);
>>
>> - err = f2fs_quota_sync(sb, type);
>> + err = f2fs_do_quota_sync(sb, type);
>> if (err)
>> goto out_put;
>>
>> @@ -3032,6 +3057,8 @@ static int f2fs_quota_off(struct super_block *sb, int type)
>> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>> int err;
>>
>> + F2FS_SB(sb)->umount_lock_holder = current;
>> +
>> err = __f2fs_quota_off(sb, type);
>>
>> /*
>> @@ -3041,6 +3068,9 @@ static int f2fs_quota_off(struct super_block *sb, int type)
>> */
>> if (is_journalled_quota(sbi))
>> set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
>> +
>> + F2FS_SB(sb)->umount_lock_holder = NULL;
>> +
>> return err;
>> }
>>
>> @@ -4715,6 +4745,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
>> if (err)
>> goto free_compress_inode;
>>
>> + sbi->umount_lock_holder = current;
>> #ifdef CONFIG_QUOTA
>> /* Enable quota usage during mount */
>> if (f2fs_sb_has_quota_ino(sbi) && !f2fs_readonly(sb)) {
>> @@ -4841,6 +4872,8 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
>> f2fs_update_time(sbi, CP_TIME);
>> f2fs_update_time(sbi, REQ_TIME);
>> clear_sbi_flag(sbi, SBI_CP_DISABLED_QUICK);
>> +
>> + sbi->umount_lock_holder = NULL;
>> return 0;
>>
>> sync_free_meta:
>> @@ -4945,6 +4978,8 @@ static void kill_f2fs_super(struct super_block *sb)
>> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>>
>> if (sb->s_root) {
>> + sbi->umount_lock_holder = current;
>> +
>> set_sbi_flag(sbi, SBI_IS_CLOSE);
>> f2fs_stop_gc_thread(sbi);
>> f2fs_stop_discard_thread(sbi);
>> --
>> 2.48.1.502.g6dc24dfdaf-goog
>>
>>
>>
>> _______________________________________________
>> Linux-f2fs-devel mailing list
>> Linux-f2fs-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
On 02/06, Chao Yu wrote:
> F2FS-fs (dm-59): checkpoint=enable has some unwritten data.
>
> ------------[ cut here ]------------
> WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquot_writeback_dquots+0x2fc/0x308
> pc : dquot_writeback_dquots+0x2fc/0x308
> lr : f2fs_quota_sync+0xcc/0x1c4
> Call trace:
> dquot_writeback_dquots+0x2fc/0x308
> f2fs_quota_sync+0xcc/0x1c4
> f2fs_write_checkpoint+0x3d4/0x9b0
> f2fs_issue_checkpoint+0x1bc/0x2c0
> f2fs_sync_fs+0x54/0x150
> f2fs_do_sync_file+0x2f8/0x814
> __f2fs_ioctl+0x1960/0x3244
> f2fs_ioctl+0x54/0xe0
> __arm64_sys_ioctl+0xa8/0xe4
> invoke_syscall+0x58/0x114
>
> checkpoint and f2fs_remount may race as below, resulting triggering warning
> in dquot_writeback_dquots().
>
> atomic write remount
> - do_remount
> - down_write(&sb->s_umount);
> - f2fs_remount
> - ioctl
> - f2fs_do_sync_file
> - f2fs_sync_fs
> - f2fs_write_checkpoint
> - block_operations
> - locked = down_read_trylock(&sbi->sb->s_umount)
> : fail to lock due to the write lock was held by remount
> - up_write(&sb->s_umount);
> - f2fs_quota_sync
> - dquot_writeback_dquots
> - WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount))
> : trigger warning because s_umount lock was unlocked by remount
>
> If checkpoint comes from mount/umount/remount/freeze/quotactl, caller of
> checkpoint has already held s_umount lock, calling dquot_writeback_dquots()
> in the context should be safe.
>
> So let's record task to sbi->umount_lock_holder, so that checkpoint can
> know whether the lock has held in the context or not by checking current
> w/ it.
>
> In addition, in order to misrepresent caller of checkpoint, we should not
> allow to trigger async checkpoint for those callers: mount/umount/remount/
> freeze/quotactl.
>
> Fixes: af033b2aa8a8 ("f2fs: guarantee journalled quota data by checkpoint")
> Signed-off-by: Chao Yu <chao@kernel.org>
> ---
> fs/f2fs/checkpoint.c | 17 ++++++++-----
> fs/f2fs/f2fs.h | 3 ++-
> fs/f2fs/super.c | 59 +++++++++++++++++++++++++++++++++++---------
> 3 files changed, 60 insertions(+), 19 deletions(-)
>
> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
> index efda9a022981..baff639ac0c4 100644
> --- a/fs/f2fs/checkpoint.c
> +++ b/fs/f2fs/checkpoint.c
> @@ -1237,7 +1237,8 @@ static int block_operations(struct f2fs_sb_info *sbi)
> retry_flush_quotas:
> f2fs_lock_all(sbi);
> if (__need_flush_quota(sbi)) {
> - int locked;
> + bool need_lock = sbi->umount_lock_holder != current;
> + bool locked = false;
I removed the above unnecessary locked.
>
> if (++cnt > DEFAULT_RETRY_QUOTA_FLUSH_COUNT) {
> set_sbi_flag(sbi, SBI_QUOTA_SKIP_FLUSH);
> @@ -1246,10 +1247,13 @@ static int block_operations(struct f2fs_sb_info *sbi)
> }
> f2fs_unlock_all(sbi);
>
> - /* only failed during mount/umount/freeze/quotactl */
> - locked = down_read_trylock(&sbi->sb->s_umount);
> - f2fs_quota_sync(sbi->sb, -1);
> - if (locked)
> + /* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
> + if (need_lock && !down_read_trylock(&sbi->sb->s_umount)) {
> + cond_resched();
> + goto retry_flush_quotas;
> + }
> + f2fs_do_quota_sync(sbi->sb, -1);
> + if (need_lock)
> up_read(&sbi->sb->s_umount);
> cond_resched();
> goto retry_flush_quotas;
Modified to:
/* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
if (!need_lock) {
f2fs_do_quota_sync(sbi->sb, -1);
} else if (down_read_trylock(&sbi->sb->s_umount)) {
f2fs_do_quota_sync(sbi->sb, -1);
up_read(&sbi->sb->s_umount);
}
cond_resched();
goto retry_flush_quotas;
> @@ -1867,7 +1871,8 @@ int f2fs_issue_checkpoint(struct f2fs_sb_info *sbi)
> struct cp_control cpc;
>
> cpc.reason = __get_cp_reason(sbi);
> - if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC) {
> + if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC ||
> + sbi->umount_lock_holder == current) {
> int ret;
>
> f2fs_down_write(&sbi->gc_lock);
> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> index 62b7fed1514a..7174dea641e9 100644
> --- a/fs/f2fs/f2fs.h
> +++ b/fs/f2fs/f2fs.h
> @@ -1670,6 +1670,7 @@ struct f2fs_sb_info {
>
> unsigned int nquota_files; /* # of quota sysfile */
> struct f2fs_rwsem quota_sem; /* blocking cp for flags */
> + struct task_struct *umount_lock_holder; /* s_umount lock holder */
>
> /* # of pages, see count_type */
> atomic_t nr_pages[NR_COUNT_TYPE];
> @@ -3652,7 +3653,7 @@ int f2fs_inode_dirtied(struct inode *inode, bool sync);
> void f2fs_inode_synced(struct inode *inode);
> int f2fs_dquot_initialize(struct inode *inode);
> int f2fs_enable_quota_files(struct f2fs_sb_info *sbi, bool rdonly);
> -int f2fs_quota_sync(struct super_block *sb, int type);
> +int f2fs_do_quota_sync(struct super_block *sb, int type);
> loff_t max_file_blocks(struct inode *inode);
> void f2fs_quota_off_umount(struct super_block *sb);
> void f2fs_save_errors(struct f2fs_sb_info *sbi, unsigned char flag);
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index ef639a6d82e5..cb9d7b6fa3ad 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -1740,22 +1740,28 @@ int f2fs_sync_fs(struct super_block *sb, int sync)
>
> static int f2fs_freeze(struct super_block *sb)
> {
> + struct f2fs_sb_info *sbi = F2FS_SB(sb);
> +
> if (f2fs_readonly(sb))
> return 0;
>
> /* IO error happened before */
> - if (unlikely(f2fs_cp_error(F2FS_SB(sb))))
> + if (unlikely(f2fs_cp_error(sbi)))
> return -EIO;
>
> /* must be clean, since sync_filesystem() was already called */
> - if (is_sbi_flag_set(F2FS_SB(sb), SBI_IS_DIRTY))
> + if (is_sbi_flag_set(sbi, SBI_IS_DIRTY))
> return -EINVAL;
>
> + sbi->umount_lock_holder = current;
> +
> /* Let's flush checkpoints and stop the thread. */
> - f2fs_flush_ckpt_thread(F2FS_SB(sb));
> + f2fs_flush_ckpt_thread(sbi);
> +
> + sbi->umount_lock_holder = NULL;
>
> /* to avoid deadlock on f2fs_evict_inode->SB_FREEZE_FS */
> - set_sbi_flag(F2FS_SB(sb), SBI_IS_FREEZING);
> + set_sbi_flag(sbi, SBI_IS_FREEZING);
> return 0;
> }
>
> @@ -2332,6 +2338,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
> org_mount_opt = sbi->mount_opt;
> old_sb_flags = sb->s_flags;
>
> + sbi->umount_lock_holder = current;
> +
> #ifdef CONFIG_QUOTA
> org_mount_opt.s_jquota_fmt = F2FS_OPTION(sbi).s_jquota_fmt;
> for (i = 0; i < MAXQUOTAS; i++) {
> @@ -2555,6 +2563,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>
> limit_reserve_root(sbi);
> *flags = (*flags & ~SB_LAZYTIME) | (sb->s_flags & SB_LAZYTIME);
> +
> + sbi->umount_lock_holder = NULL;
> return 0;
> restore_checkpoint:
> if (need_enable_checkpoint) {
> @@ -2595,6 +2605,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
> #endif
> sbi->mount_opt = org_mount_opt;
> sb->s_flags = old_sb_flags;
> +
> + sbi->umount_lock_holder = NULL;
> return err;
> }
>
> @@ -2911,7 +2923,7 @@ static int f2fs_quota_sync_file(struct f2fs_sb_info *sbi, int type)
> return ret;
> }
>
> -int f2fs_quota_sync(struct super_block *sb, int type)
> +int f2fs_do_quota_sync(struct super_block *sb, int type)
> {
> struct f2fs_sb_info *sbi = F2FS_SB(sb);
> struct quota_info *dqopt = sb_dqopt(sb);
> @@ -2959,6 +2971,16 @@ int f2fs_quota_sync(struct super_block *sb, int type)
> return ret;
> }
>
> +static int f2fs_quota_sync(struct super_block *sb, int type)
> +{
> + int ret;
> +
> + F2FS_SB(sb)->umount_lock_holder = current;
> + ret = f2fs_do_quota_sync(sb, type);
> + F2FS_SB(sb)->umount_lock_holder = NULL;
> + return ret;
> +}
> +
> static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
> const struct path *path)
> {
> @@ -2974,30 +2996,33 @@ static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
> if (path->dentry->d_sb != sb)
> return -EXDEV;
>
> - err = f2fs_quota_sync(sb, type);
> + F2FS_SB(sb)->umount_lock_holder = current;
> +
> + err = f2fs_do_quota_sync(sb, type);
> if (err)
> - return err;
> + goto out;
>
> inode = d_inode(path->dentry);
>
> err = filemap_fdatawrite(inode->i_mapping);
> if (err)
> - return err;
> + goto out;
>
> err = filemap_fdatawait(inode->i_mapping);
> if (err)
> - return err;
> + goto out;
>
> err = dquot_quota_on(sb, type, format_id, path);
> if (err)
> - return err;
> + goto out;
>
> inode_lock(inode);
> F2FS_I(inode)->i_flags |= F2FS_QUOTA_DEFAULT_FL;
> f2fs_set_inode_flags(inode);
> inode_unlock(inode);
> f2fs_mark_inode_dirty_sync(inode, false);
> -
> +out:
> + F2FS_SB(sb)->umount_lock_holder = NULL;
> return 0;
> }
>
> @@ -3009,7 +3034,7 @@ static int __f2fs_quota_off(struct super_block *sb, int type)
> if (!inode || !igrab(inode))
> return dquot_quota_off(sb, type);
>
> - err = f2fs_quota_sync(sb, type);
> + err = f2fs_do_quota_sync(sb, type);
> if (err)
> goto out_put;
>
> @@ -3032,6 +3057,8 @@ static int f2fs_quota_off(struct super_block *sb, int type)
> struct f2fs_sb_info *sbi = F2FS_SB(sb);
> int err;
>
> + F2FS_SB(sb)->umount_lock_holder = current;
> +
> err = __f2fs_quota_off(sb, type);
>
> /*
> @@ -3041,6 +3068,9 @@ static int f2fs_quota_off(struct super_block *sb, int type)
> */
> if (is_journalled_quota(sbi))
> set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
> +
> + F2FS_SB(sb)->umount_lock_holder = NULL;
> +
> return err;
> }
>
> @@ -4715,6 +4745,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
> if (err)
> goto free_compress_inode;
>
> + sbi->umount_lock_holder = current;
> #ifdef CONFIG_QUOTA
> /* Enable quota usage during mount */
> if (f2fs_sb_has_quota_ino(sbi) && !f2fs_readonly(sb)) {
> @@ -4841,6 +4872,8 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
> f2fs_update_time(sbi, CP_TIME);
> f2fs_update_time(sbi, REQ_TIME);
> clear_sbi_flag(sbi, SBI_CP_DISABLED_QUICK);
> +
> + sbi->umount_lock_holder = NULL;
> return 0;
>
> sync_free_meta:
> @@ -4945,6 +4978,8 @@ static void kill_f2fs_super(struct super_block *sb)
> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>
> if (sb->s_root) {
> + sbi->umount_lock_holder = current;
> +
> set_sbi_flag(sbi, SBI_IS_CLOSE);
> f2fs_stop_gc_thread(sbi);
> f2fs_stop_discard_thread(sbi);
> --
> 2.48.1.502.g6dc24dfdaf-goog
On 2/7/25 05:47, Jaegeuk Kim wrote:
> On 02/06, Chao Yu wrote:
>> F2FS-fs (dm-59): checkpoint=enable has some unwritten data.
>>
>> ------------[ cut here ]------------
>> WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquot_writeback_dquots+0x2fc/0x308
>> pc : dquot_writeback_dquots+0x2fc/0x308
>> lr : f2fs_quota_sync+0xcc/0x1c4
>> Call trace:
>> dquot_writeback_dquots+0x2fc/0x308
>> f2fs_quota_sync+0xcc/0x1c4
>> f2fs_write_checkpoint+0x3d4/0x9b0
>> f2fs_issue_checkpoint+0x1bc/0x2c0
>> f2fs_sync_fs+0x54/0x150
>> f2fs_do_sync_file+0x2f8/0x814
>> __f2fs_ioctl+0x1960/0x3244
>> f2fs_ioctl+0x54/0xe0
>> __arm64_sys_ioctl+0xa8/0xe4
>> invoke_syscall+0x58/0x114
>>
>> checkpoint and f2fs_remount may race as below, resulting triggering warning
>> in dquot_writeback_dquots().
>>
>> atomic write remount
>> - do_remount
>> - down_write(&sb->s_umount);
>> - f2fs_remount
>> - ioctl
>> - f2fs_do_sync_file
>> - f2fs_sync_fs
>> - f2fs_write_checkpoint
>> - block_operations
>> - locked = down_read_trylock(&sbi->sb->s_umount)
>> : fail to lock due to the write lock was held by remount
>> - up_write(&sb->s_umount);
>> - f2fs_quota_sync
>> - dquot_writeback_dquots
>> - WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount))
>> : trigger warning because s_umount lock was unlocked by remount
>>
>> If checkpoint comes from mount/umount/remount/freeze/quotactl, caller of
>> checkpoint has already held s_umount lock, calling dquot_writeback_dquots()
>> in the context should be safe.
>>
>> So let's record task to sbi->umount_lock_holder, so that checkpoint can
>> know whether the lock has held in the context or not by checking current
>> w/ it.
>>
>> In addition, in order to misrepresent caller of checkpoint, we should not
>> allow to trigger async checkpoint for those callers: mount/umount/remount/
>> freeze/quotactl.
>>
>> Fixes: af033b2aa8a8 ("f2fs: guarantee journalled quota data by checkpoint")
>> Signed-off-by: Chao Yu <chao@kernel.org>
>> ---
>> fs/f2fs/checkpoint.c | 17 ++++++++-----
>> fs/f2fs/f2fs.h | 3 ++-
>> fs/f2fs/super.c | 59 +++++++++++++++++++++++++++++++++++---------
>> 3 files changed, 60 insertions(+), 19 deletions(-)
>>
>> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
>> index efda9a022981..baff639ac0c4 100644
>> --- a/fs/f2fs/checkpoint.c
>> +++ b/fs/f2fs/checkpoint.c
>> @@ -1237,7 +1237,8 @@ static int block_operations(struct f2fs_sb_info *sbi)
>> retry_flush_quotas:
>> f2fs_lock_all(sbi);
>> if (__need_flush_quota(sbi)) {
>> - int locked;
>> + bool need_lock = sbi->umount_lock_holder != current;
>> + bool locked = false;
>
> I removed the above unnecessary locked.
>
>>
>> if (++cnt > DEFAULT_RETRY_QUOTA_FLUSH_COUNT) {
>> set_sbi_flag(sbi, SBI_QUOTA_SKIP_FLUSH);
>> @@ -1246,10 +1247,13 @@ static int block_operations(struct f2fs_sb_info *sbi)
>> }
>> f2fs_unlock_all(sbi);
>>
>> - /* only failed during mount/umount/freeze/quotactl */
>> - locked = down_read_trylock(&sbi->sb->s_umount);
>> - f2fs_quota_sync(sbi->sb, -1);
>> - if (locked)
>> + /* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
>> + if (need_lock && !down_read_trylock(&sbi->sb->s_umount)) {
>> + cond_resched();
>> + goto retry_flush_quotas;
>> + }
>> + f2fs_do_quota_sync(sbi->sb, -1);
>> + if (need_lock)
>> up_read(&sbi->sb->s_umount);
>> cond_resched();
>> goto retry_flush_quotas;
>
> Modified to:
> /* don't grab s_umount lock during mount/umount/remount/freeze/quotactl */
> if (!need_lock) {
> f2fs_do_quota_sync(sbi->sb, -1);
> } else if (down_read_trylock(&sbi->sb->s_umount)) {
> f2fs_do_quota_sync(sbi->sb, -1);
> up_read(&sbi->sb->s_umount);
> }
> cond_resched();
> goto retry_flush_quotas;
Will update it into v2 anyway, thanks.
Thanks,
>
>> @@ -1867,7 +1871,8 @@ int f2fs_issue_checkpoint(struct f2fs_sb_info *sbi)
>> struct cp_control cpc;
>>
>> cpc.reason = __get_cp_reason(sbi);
>> - if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC) {
>> + if (!test_opt(sbi, MERGE_CHECKPOINT) || cpc.reason != CP_SYNC ||
>> + sbi->umount_lock_holder == current) {
>> int ret;
>>
>> f2fs_down_write(&sbi->gc_lock);
>> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
>> index 62b7fed1514a..7174dea641e9 100644
>> --- a/fs/f2fs/f2fs.h
>> +++ b/fs/f2fs/f2fs.h
>> @@ -1670,6 +1670,7 @@ struct f2fs_sb_info {
>>
>> unsigned int nquota_files; /* # of quota sysfile */
>> struct f2fs_rwsem quota_sem; /* blocking cp for flags */
>> + struct task_struct *umount_lock_holder; /* s_umount lock holder */
>>
>> /* # of pages, see count_type */
>> atomic_t nr_pages[NR_COUNT_TYPE];
>> @@ -3652,7 +3653,7 @@ int f2fs_inode_dirtied(struct inode *inode, bool sync);
>> void f2fs_inode_synced(struct inode *inode);
>> int f2fs_dquot_initialize(struct inode *inode);
>> int f2fs_enable_quota_files(struct f2fs_sb_info *sbi, bool rdonly);
>> -int f2fs_quota_sync(struct super_block *sb, int type);
>> +int f2fs_do_quota_sync(struct super_block *sb, int type);
>> loff_t max_file_blocks(struct inode *inode);
>> void f2fs_quota_off_umount(struct super_block *sb);
>> void f2fs_save_errors(struct f2fs_sb_info *sbi, unsigned char flag);
>> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
>> index ef639a6d82e5..cb9d7b6fa3ad 100644
>> --- a/fs/f2fs/super.c
>> +++ b/fs/f2fs/super.c
>> @@ -1740,22 +1740,28 @@ int f2fs_sync_fs(struct super_block *sb, int sync)
>>
>> static int f2fs_freeze(struct super_block *sb)
>> {
>> + struct f2fs_sb_info *sbi = F2FS_SB(sb);
>> +
>> if (f2fs_readonly(sb))
>> return 0;
>>
>> /* IO error happened before */
>> - if (unlikely(f2fs_cp_error(F2FS_SB(sb))))
>> + if (unlikely(f2fs_cp_error(sbi)))
>> return -EIO;
>>
>> /* must be clean, since sync_filesystem() was already called */
>> - if (is_sbi_flag_set(F2FS_SB(sb), SBI_IS_DIRTY))
>> + if (is_sbi_flag_set(sbi, SBI_IS_DIRTY))
>> return -EINVAL;
>>
>> + sbi->umount_lock_holder = current;
>> +
>> /* Let's flush checkpoints and stop the thread. */
>> - f2fs_flush_ckpt_thread(F2FS_SB(sb));
>> + f2fs_flush_ckpt_thread(sbi);
>> +
>> + sbi->umount_lock_holder = NULL;
>>
>> /* to avoid deadlock on f2fs_evict_inode->SB_FREEZE_FS */
>> - set_sbi_flag(F2FS_SB(sb), SBI_IS_FREEZING);
>> + set_sbi_flag(sbi, SBI_IS_FREEZING);
>> return 0;
>> }
>>
>> @@ -2332,6 +2338,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>> org_mount_opt = sbi->mount_opt;
>> old_sb_flags = sb->s_flags;
>>
>> + sbi->umount_lock_holder = current;
>> +
>> #ifdef CONFIG_QUOTA
>> org_mount_opt.s_jquota_fmt = F2FS_OPTION(sbi).s_jquota_fmt;
>> for (i = 0; i < MAXQUOTAS; i++) {
>> @@ -2555,6 +2563,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>>
>> limit_reserve_root(sbi);
>> *flags = (*flags & ~SB_LAZYTIME) | (sb->s_flags & SB_LAZYTIME);
>> +
>> + sbi->umount_lock_holder = NULL;
>> return 0;
>> restore_checkpoint:
>> if (need_enable_checkpoint) {
>> @@ -2595,6 +2605,8 @@ static int f2fs_remount(struct super_block *sb, int *flags, char *data)
>> #endif
>> sbi->mount_opt = org_mount_opt;
>> sb->s_flags = old_sb_flags;
>> +
>> + sbi->umount_lock_holder = NULL;
>> return err;
>> }
>>
>> @@ -2911,7 +2923,7 @@ static int f2fs_quota_sync_file(struct f2fs_sb_info *sbi, int type)
>> return ret;
>> }
>>
>> -int f2fs_quota_sync(struct super_block *sb, int type)
>> +int f2fs_do_quota_sync(struct super_block *sb, int type)
>> {
>> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>> struct quota_info *dqopt = sb_dqopt(sb);
>> @@ -2959,6 +2971,16 @@ int f2fs_quota_sync(struct super_block *sb, int type)
>> return ret;
>> }
>>
>> +static int f2fs_quota_sync(struct super_block *sb, int type)
>> +{
>> + int ret;
>> +
>> + F2FS_SB(sb)->umount_lock_holder = current;
>> + ret = f2fs_do_quota_sync(sb, type);
>> + F2FS_SB(sb)->umount_lock_holder = NULL;
>> + return ret;
>> +}
>> +
>> static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
>> const struct path *path)
>> {
>> @@ -2974,30 +2996,33 @@ static int f2fs_quota_on(struct super_block *sb, int type, int format_id,
>> if (path->dentry->d_sb != sb)
>> return -EXDEV;
>>
>> - err = f2fs_quota_sync(sb, type);
>> + F2FS_SB(sb)->umount_lock_holder = current;
>> +
>> + err = f2fs_do_quota_sync(sb, type);
>> if (err)
>> - return err;
>> + goto out;
>>
>> inode = d_inode(path->dentry);
>>
>> err = filemap_fdatawrite(inode->i_mapping);
>> if (err)
>> - return err;
>> + goto out;
>>
>> err = filemap_fdatawait(inode->i_mapping);
>> if (err)
>> - return err;
>> + goto out;
>>
>> err = dquot_quota_on(sb, type, format_id, path);
>> if (err)
>> - return err;
>> + goto out;
>>
>> inode_lock(inode);
>> F2FS_I(inode)->i_flags |= F2FS_QUOTA_DEFAULT_FL;
>> f2fs_set_inode_flags(inode);
>> inode_unlock(inode);
>> f2fs_mark_inode_dirty_sync(inode, false);
>> -
>> +out:
>> + F2FS_SB(sb)->umount_lock_holder = NULL;
>> return 0;
>> }
>>
>> @@ -3009,7 +3034,7 @@ static int __f2fs_quota_off(struct super_block *sb, int type)
>> if (!inode || !igrab(inode))
>> return dquot_quota_off(sb, type);
>>
>> - err = f2fs_quota_sync(sb, type);
>> + err = f2fs_do_quota_sync(sb, type);
>> if (err)
>> goto out_put;
>>
>> @@ -3032,6 +3057,8 @@ static int f2fs_quota_off(struct super_block *sb, int type)
>> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>> int err;
>>
>> + F2FS_SB(sb)->umount_lock_holder = current;
>> +
>> err = __f2fs_quota_off(sb, type);
>>
>> /*
>> @@ -3041,6 +3068,9 @@ static int f2fs_quota_off(struct super_block *sb, int type)
>> */
>> if (is_journalled_quota(sbi))
>> set_sbi_flag(sbi, SBI_QUOTA_NEED_REPAIR);
>> +
>> + F2FS_SB(sb)->umount_lock_holder = NULL;
>> +
>> return err;
>> }
>>
>> @@ -4715,6 +4745,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
>> if (err)
>> goto free_compress_inode;
>>
>> + sbi->umount_lock_holder = current;
>> #ifdef CONFIG_QUOTA
>> /* Enable quota usage during mount */
>> if (f2fs_sb_has_quota_ino(sbi) && !f2fs_readonly(sb)) {
>> @@ -4841,6 +4872,8 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
>> f2fs_update_time(sbi, CP_TIME);
>> f2fs_update_time(sbi, REQ_TIME);
>> clear_sbi_flag(sbi, SBI_CP_DISABLED_QUICK);
>> +
>> + sbi->umount_lock_holder = NULL;
>> return 0;
>>
>> sync_free_meta:
>> @@ -4945,6 +4978,8 @@ static void kill_f2fs_super(struct super_block *sb)
>> struct f2fs_sb_info *sbi = F2FS_SB(sb);
>>
>> if (sb->s_root) {
>> + sbi->umount_lock_holder = current;
>> +
>> set_sbi_flag(sbi, SBI_IS_CLOSE);
>> f2fs_stop_gc_thread(sbi);
>> f2fs_stop_discard_thread(sbi);
>> --
>> 2.48.1.502.g6dc24dfdaf-goog
© 2016 - 2025 Red Hat, Inc.