From patchwork Tue Jun 14 11:59:55 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Suresh Jayaraman X-Patchwork-Id: 878922 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter2.kernel.org (8.14.4/8.14.4) with ESMTP id p5EC00Gg000668 for ; Tue, 14 Jun 2011 12:00:00 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756189Ab1FNMAA (ORCPT ); Tue, 14 Jun 2011 08:00:00 -0400 Received: from cantor2.suse.de ([195.135.220.15]:35215 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756083Ab1FNL77 (ORCPT ); Tue, 14 Jun 2011 07:59:59 -0400 Received: from relay1.suse.de (charybdis-ext.suse.de [195.135.221.2]) by mx2.suse.de (Postfix) with ESMTP id 6B3278726A; Tue, 14 Jun 2011 13:59:58 +0200 (CEST) Message-ID: <4DF74D3B.40804@suse.de> Date: Tue, 14 Jun 2011 17:29:55 +0530 From: Suresh Jayaraman User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110414 SUSE/3.1.10 Thunderbird/3.1.10 MIME-Version: 1.0 To: Jeff Layton Cc: linux-cifs@vger.kernel.org, linux-cachefs@redhat.com, dhowells@redhat.com Subject: Re: oops in fscache code when running cifs with -o fsc References: <20110607142922.0816bfae@tlielax.poochiereds.net> <4DF10351.10309@suse.de> In-Reply-To: <4DF10351.10309@suse.de> Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter2.kernel.org [140.211.167.43]); Tue, 14 Jun 2011 12:00:01 +0000 (UTC) On 06/09/2011 11:00 PM, Suresh Jayaraman wrote: > On 06/07/2011 11:59 PM, Jeff Layton wrote: >> While toying with the idea of backporting and enabling fsc support in >> RHEL6, I did some testing of the fsc code in 2.6.39. I mounted a >> filesystem with the following mount options "sec=krb5i,multiuser,fsc". >> I then logged in as an unprivileged user and got a krb5 ticket and ran >> the fsstress program from LTP on the filesystem: >> >> $ fsstress -d /mnt/cifs/fsstress -n1000 -p8 -l0 >> >> ...a few seconds later, the box crashed with the following oopses. This >> is easily reproducible, and seems to crash within a few seconds of >> kicking off the program: > > While trying to reproduce this issue, I'm seeing a "Bad page state in > process fsstress" error. This error is due to page flag "PG_private_2" > still being set for the page when we try to evict the inode. FS-Cache > uses PG_private2 to indicate that the page is known to the cache. > Though cifs_invalidate_page tries to uncache the page (by calling > cifs_fscache_invalidate_page) it does not try to cancel writes that > have not started. I think that is the problem here. Here's a patch that fixes the "Bad page state" errors due to missing invalidation of mapped pages seen during my testing. I suspect this patch will fix the oops seen by Jeff too. Though the problem manifests itself in different ways, I think the root cause remains the same. Jeff: Could you please try this patch and see whether it fixes the issue seen by you? From: Suresh Jayaraman Subject: [PATCH] cifs: invalidate any mapped pages before turning cache off When disabling inode cookie, we were returning the cookie and setting cifsi->fscache to NULL without invalidating any previously mapped pages. This resulted in "Bad page state" errors and manifested in other kind of errors when running fsstress. This patch fixes it by invalidating mapped pages while disabling the inode cookie. Signed-off-by: Suresh Jayaraman --- fs/cifs/fscache.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) > Here is a stack trace captured when the problem was reproducible: > > [ 890.729306] BUG: Bad page state in process fsstress pfn:13ba8 > [ 890.743297] page:ffffea0000450cc0 count:0 mapcount:0 mapping: (null) index:0x150 > [ 890.758439] page flags: 0x2000000000100c(referenced|uptodate|private_2) > [ 890.782264] Pid: 4780, comm: fsstress Not tainted 3.0.0-rc1-12-default+ #6 > [ 890.793971] Call Trace: > [ 890.804777] [] ? dump_page+0x93/0xd0 > [ 890.817221] [] bad_page+0xc9/0x120 > [ 890.835998] [] free_pages_prepare+0xbd/0x100 > [ 890.889885] [] free_hot_cold_page+0x44/0x470 > [ 890.924965] [] __pagevec_free+0x45/0xa0 > [ 890.928862] [] release_pages+0x20d/0x2c0 > [ 890.938960] [] __pagevec_release+0x21/0x30 > [ 890.952214] [] truncate_inode_pages_range+0x1eb/0x450 > [ 890.963341] [] truncate_inode_pages+0x10/0x20 > [ 890.977037] [] cifs_evict_inode+0x1a/0x40 [cifs] > [ 891.000547] [] evict+0x7b/0x150 > [ 891.017301] [] iput+0xda/0x1a0 > [ 891.024691] [] d_kill+0xf8/0x130 > [ 891.036880] [] dput+0xc2/0x180 > [ 891.044544] [] fput+0x15f/0x210 > [ 891.047528] [] filp_close+0x61/0x90 > [ 891.059951] [] put_files_struct+0x80/0xf0 > [ 891.070590] [] exit_files+0x46/0x60 > [ 891.081010] [] do_exit+0x1a2/0x8a0 > [ 891.088572] [] ? vprintk+0x24e/0x430 > [ 891.095035] [] do_group_exit+0x51/0xc0 > [ 891.112728] [] get_signal_to_deliver+0x225/0x460 > [ 891.117800] [] do_signal+0x70/0x790 > [ 891.130115] [] ? cifs_put_link+0x1a/0x20 [cifs] > [ 891.140693] [] ? __switch_to+0x157/0x2f0 > [ 891.164680] [] ? schedule+0x3bb/0x900 > [ 891.176570] [] do_notify_resume+0x55/0x70 > [ 891.198634] [] int_signal+0x12/0x17 > [ 891.205534] Disabling lock debugging due to kernel taint diff --git a/fs/cifs/fscache.c b/fs/cifs/fscache.c index d368a47..d2c268a 100644 --- a/fs/cifs/fscache.c +++ b/fs/cifs/fscache.c @@ -94,6 +94,10 @@ static void cifs_fscache_disable_inode_cookie(struct inode *inode) if (cifsi->fscache) { cFYI(1, "CIFS disabling inode cookie (0x%p)", cifsi->fscache); + /* invalidate any mapped pages that were read in before */ + if (inode->i_mapping && inode->i_mapping->nrpages) + invalidate_inode_pages2(inode->i_mapping); + fscache_relinquish_cookie(cifsi->fscache, 1); cifsi->fscache = NULL; }