diff mbox series

[01/20] lustre: ptlrpc: protect rq_repmsg in ptlrpc_req_drop_rs()

Message ID 1665783491-13827-2-git-send-email-jsimmons@infradead.org (mailing list archive)
State New, archived
Headers show
Series lustre: backport OpenSFS work as of Oct 14, 2022 | expand

Commit Message

James Simmons Oct. 14, 2022, 9:37 p.m. UTC 
From: Lei Feng <flei@whamcloud.com>

There is a race condition that: on server side, one thread sent
reply message and is deleting the reply message, another is
searching for existing request and print some debug information
in _debug_req() if there is a duplicated request. They both operate on
req->rq_repmsg but it is not protected in ptlrpc_req_drop_rs().
So we protected it with req->rq_early_free_lock.

WC-bug-id: https://jira.whamcloud.com/browse/LU-15986
Lustre-commit: aaef545cff2dd9584 ("LU-15986 ptlrpc: protect rq_repmsg in ptlrpc_req_drop_rs()")
Signed-off-by: Lei Feng <flei@whamcloud.com>
Reviewed-on: https://review.whamcloud.com/47839
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Li Xi <lixi@ddn.com>
Reviewed-by: Qian Yingjin <qian@ddn.com>
Reviewed-by: Andrew Perepechko <andrew.perepechko@hpe.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
 fs/lustre/include/lustre_net.h | 9 ++++++++-
 fs/lustre/ptlrpc/service.c     | 1 +
 2 files changed, 9 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/fs/lustre/include/lustre_net.h b/fs/lustre/include/lustre_net.h
index f8d28619a6d7..1605fcc64fc4 100644
--- a/fs/lustre/include/lustre_net.h
+++ b/fs/lustre/include/lustre_net.h
@@ -2234,9 +2234,16 @@  static inline void ptlrpc_req_drop_rs(struct ptlrpc_request *req)
 {
 	if (!req->rq_reply_state)
 		return; /* shouldn't occur */
+
+	/* req_repmsg equals rq_reply_state->rs_msg,
+	 * so set it to NULL before rq_reply_state is possibly freed
+	 */
+	spin_lock(&req->rq_early_free_lock);
+	req->rq_repmsg = NULL;
+	spin_unlock(&req->rq_early_free_lock);
+
 	ptlrpc_rs_decref(req->rq_reply_state);
 	req->rq_reply_state = NULL;
-	req->rq_repmsg = NULL;
 }
 
 static inline u32 lustre_request_magic(struct ptlrpc_request *req)
diff --git a/fs/lustre/ptlrpc/service.c b/fs/lustre/ptlrpc/service.c
index 277fbdbc590a..59fe1f4aa18f 100644
--- a/fs/lustre/ptlrpc/service.c
+++ b/fs/lustre/ptlrpc/service.c
@@ -1136,6 +1136,7 @@  static int ptlrpc_at_send_early_reply(struct ptlrpc_request *req)
 	}
 
 	*reqcopy = *req;
+	spin_lock_init(&reqcopy->rq_early_free_lock);
 	reqcopy->rq_reply_state = NULL;
 	reqcopy->rq_rep_swab_mask = 0;
 	reqcopy->rq_pack_bulk = 0;