Ocfs2 devel - Mar 2015 - [PATCH] ocfs2: check if the ocfs2 lock resource be initialized before calling ocfs2_dlm_lock

If ocfs2 lockres has not been initialized before calling ocfs2_dlm_lock,
the lock won't be dropped and then will lead umount hung. The case is
described below:

ocfs2_mknod
    ocfs2_mknod_locked
        __ocfs2_mknod_locked
            ocfs2_journal_access_di
            Failed because of -ENOMEM or other reasons, the inode lockres
            has not been initialized yet.

    iput(inode)
        ocfs2_evict_inode
            ocfs2_delete_inode
                ocfs2_inode_lock
                    ocfs2_inode_lock_full_nested
                        __ocfs2_cluster_lock
                        Succeeds and allocates a new dlm lockres.
            ocfs2_clear_inode
                ocfs2_open_unlock
                    ocfs2_drop_inode_locks
                        ocfs2_drop_lock
                        Since lockres has not been initialized, the lock
                        can't be dropped and the lockres can't be
                        migrated, thus umount will hang forever.

Signed-off-by: Alex Chen <alex.chen at huawei.com>
Reviewed-by: Joseph Qi <joseph.qi at huawei.com>
Reviewed-by: joyce.xue <xuejiufei at huawei.com>

---
 fs/ocfs2/dlmglue.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/fs/ocfs2/dlmglue.c b/fs/ocfs2/dlmglue.c
index 11849a4..8b23aa2 100644
--- a/fs/ocfs2/dlmglue.c
+++ b/fs/ocfs2/dlmglue.c
@@ -1391,6 +1391,11 @@ static int __ocfs2_cluster_lock(struct ocfs2_super *osb,
 	int noqueue_attempted = 0;
 	int dlm_locked = 0;

+	if (!(lockres->l_flags & OCFS2_LOCK_INITIALIZED)) {
+		mlog_errno(-EINVAL);
+		return -EINVAL;
+	}
+
 	ocfs2_init_mask_waiter(&mw);

 	if (lockres->l_ops->flags & LOCK_TYPE_USES_LVB)
-- 
1.8.4.3

On Mon, 30 Mar 2015 11:22:13 +0800 alex chen <alex.chen at huawei.com>
wrote:
> --- a/fs/ocfs2/dlmglue.c
> +++ b/fs/ocfs2/dlmglue.c
> @@ -1391,6 +1391,11 @@ static int __ocfs2_cluster_lock(struct ocfs2_super
*osb,
>  	int noqueue_attempted = 0;
>  	int dlm_locked = 0;
> 
> +	if (!(lockres->l_flags & OCFS2_LOCK_INITIALIZED)) {
> +		mlog_errno(-EINVAL);
> +		return -EINVAL;
> +	}
hm.  How about we do this?


From: Andrew Morton <akpm at linux-foundation.org>
Subject: ocfs2: make mlog_errno return the errno

ocfs2 does

	mlog_errno(v);
	return v;

in many places.  Change mlog_errno() so we can do

	return mlog_errno(v);

For some weird reason this patch reduces the size of ocfs2 by 6k:

akpm3:/usr/src/25> size fs/ocfs2/ocfs2.ko
   text    data     bss     dec     hex filename
1146613   82767  832192 2061572  1f7504 fs/ocfs2/ocfs2.ko-before
1140857   82767  832192 2055816  1f5e88 fs/ocfs2/ocfs2.ko-after

Cc: Mark Fasheh <mfasheh at suse.com>
Cc: Joel Becker <jlbec at evilplan.org>
Cc: alex chen <alex.chen at huawei.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
---

 fs/ocfs2/cluster/masklog.h |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff -puN fs/ocfs2/cluster/masklog.h~a fs/ocfs2/cluster/masklog.h
--- a/fs/ocfs2/cluster/masklog.h~a
+++ a/fs/ocfs2/cluster/masklog.h
@@ -196,13 +196,14 @@ extern struct mlog_bits mlog_and_bits, m
 	}								\
 } while (0)
 
-#define mlog_errno(st) do {						\
+#define mlog_errno(st) ({						\
 	int _st = (st);							\
 	if (_st != -ERESTARTSYS && _st != -EINTR &&			\
 	    _st != AOP_TRUNCATED_PAGE && _st != -ENOSPC &&		\
 	    _st != -EDQUOT)						\
 		mlog(ML_ERROR, "status = %lld\n", (long long)_st);	\
-} while (0)
+	st;								\
+})
 
 #define mlog_bug_on_msg(cond, fmt, args...) do {			\
 	if (cond) {							\
_

Hi Alex,

On 03/30/2015 11:22 AM, alex chen wrote:
> If ocfs2 lockres has not been initialized before calling ocfs2_dlm_lock,
> the lock won't be dropped and then will lead umount hung. The case is
> described below:
> 
> ocfs2_mknod
>     ocfs2_mknod_locked
>         __ocfs2_mknod_locked
>             ocfs2_journal_access_di
>             Failed because of -ENOMEM or other reasons, the inode lockres
>             has not been initialized yet.
If failed here, is OCFS2_I(inode)->ip_inode_lockres initialized?  If not
how can you break __ocfs2_cluster_lock with the following condition?

if (!(lockres->l_flags & OCFS2_LOCK_INITIALIZED))

Thanks,
Junxiao.
> 
>     iput(inode)
>         ocfs2_evict_inode
>             ocfs2_delete_inode
>                 ocfs2_inode_lock
>                     ocfs2_inode_lock_full_nested
>                         __ocfs2_cluster_lock
>                         Succeeds and allocates a new dlm lockres.
>             ocfs2_clear_inode
>                 ocfs2_open_unlock
>                     ocfs2_drop_inode_locks
>                         ocfs2_drop_lock
>                         Since lockres has not been initialized, the lock
>                         can't be dropped and the lockres can't be
>                         migrated, thus umount will hang forever.
> 
> Signed-off-by: Alex Chen <alex.chen at huawei.com>
> Reviewed-by: Joseph Qi <joseph.qi at huawei.com>
> Reviewed-by: joyce.xue <xuejiufei at huawei.com>
> 
> ---
>  fs/ocfs2/dlmglue.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/fs/ocfs2/dlmglue.c b/fs/ocfs2/dlmglue.c
> index 11849a4..8b23aa2 100644
> --- a/fs/ocfs2/dlmglue.c
> +++ b/fs/ocfs2/dlmglue.c
> @@ -1391,6 +1391,11 @@ static int __ocfs2_cluster_lock(struct ocfs2_super
*osb,
>  	int noqueue_attempted = 0;
>  	int dlm_locked = 0;
> 
> +	if (!(lockres->l_flags & OCFS2_LOCK_INITIALIZED)) {
> +		mlog_errno(-EINVAL);
> +		return -EINVAL;
> +	}
> +
>  	ocfs2_init_mask_waiter(&mw);
> 
>  	if (lockres->l_ops->flags & LOCK_TYPE_USES_LVB)
>