Re: [PATCH block/for-4.2-writeback] v9fs: fix error handling in v9fs_session_init()

From: Jens Axboe
Date: Mon Jun 08 2015 - 11:10:39 EST

Next message: Lukasz Majewski: "Re: [PATCHv2 1/2] ARM: exynos_defconfig: Enable CONFIG_SND_SOC_ODROIDX2 for Odroid-XU3"
Previous message: Peter Zijlstra: "Re: [PATCH 08/14] hrtimer: Allow hrtimer::function() to free the timer"
In reply to: Tejun Heo: "[PATCH block/for-4.2-writeback] v9fs: fix error handling in v9fs_session_init()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/07/2015 11:57 PM, Tejun Heo wrote:

On failure, v9fs_session_init() returns with the v9fs_session_info
struct partially initialized and expects the caller to invoke
v9fs_session_close() to clean it up; however, it doesn't track whether
the bdi is initialized or not and curiously invokes bdi_destroy() in
both vfs_session_init() failure path too.

A. If v9fs_session_init() fails before the bdi is initialized, the
follow-up v9fs_session_close() will invoke bdi_destroy() on an
uninitialized bdi.

B. If v9fs_session_init() fails after the bdi is initialized,
bdi_destroy() will be called twice on the same bdi - once in the
failure path of v9fs_session_init() and then by
v9fs_session_close().

A is broken no matter what. B used to be okay because bdi_destroy()
allowed being invoked multiple times on the same bdi, which BTW was
broken in its own way - if bdi_destroy() was invoked on an initialiezd
but !registered bdi, it'd fail to free percpu counters. Since
f0054bb1e1f3 ("writeback: move backing_dev_info->wb_lock and
->worklist into bdi_writeback"), this no longer work - bdi_destroy()
on an initialized but not registered bdi works correctly but multiple
invocations of bdi_destroy() is no longer allowed.

The obvious culprit here is v9fs_session_init()'s odd and broken error
behavior. It should simply clean up after itself on failures. This
patch makes the following updates to v9fs_session_init().

* @rc -> @retval error return propagation removed. It didn't serve
any purpose. Just use @rc.

* Move addition to v9fs_sessionlist to the end of the function so that
incomplete sessions are not put on the list or iterated and error
path doesn't have to worry about it.

* Update error handling so that it cleans up after itself.

Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
Reported-by: Sasha Levin <sasha.levin@xxxxxxxxxx>

Added to for-4.2/writeback, thanks.

--
Jens Axboe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Lukasz Majewski: "Re: [PATCHv2 1/2] ARM: exynos_defconfig: Enable CONFIG_SND_SOC_ODROIDX2 for Odroid-XU3"
Previous message: Peter Zijlstra: "Re: [PATCH 08/14] hrtimer: Allow hrtimer::function() to free the timer"
In reply to: Tejun Heo: "[PATCH block/for-4.2-writeback] v9fs: fix error handling in v9fs_session_init()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]