From 29aa053fda5cdf71b4288aafa8276dbd2625f867 Mon Sep 17 00:00:00 2001
From: Brian Behlendorf
Date: Mon, 9 Jul 2018 11:03:04 -0700
Subject: [PATCH] Fix zpl_mount() deadlock

Commit 93b43af10 inadvertently introduced the following scenario which can result in a deadlock. This issue was most easily reproduced by LXD containers using a ZFS storage backend but should be reproducible under any workload which is frequently mounting and unmounting.

```
-- THREAD A --
spa_sync()
spa_sync_upgrades()
rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG); <- Waiting on B
-- THREAD B --
mount_fs()
zpl_mount()
zpl_mount_impl()
dmu_objset_hold()
dmu_objset_hold_flags()
dsl_pool_hold()
dsl_pool_config_enter()
rrw_enter(&dp->dp_config_rwlock, RW_READER, tag);
sget()
sget_userns()
grab_super()
down_write(&s->s_umount); <- Waiting on C
-- THREAD C --
cleanup_mnt()
deactivate_super()
down_write(&s->s_umount);
deactivate_locked_super()
zpl_kill_sb()
kill_anon_super()
generic_shutdown_super()
sync_filesystem()
zpl_sync_fs()
zfs_sync()
zil_commit()
txg_wait_synced() <- Waiting ON A
```

Signed-off-by: Brian Behlendorf
Issue #7691
---
 include/sys/zfs_vfsops.h | 1 +
 module/zfs/zpl_super.c | 11 ++++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/include/sys/zfs_vfsops.h b/include/sys/zfs_vfsops.h
index febfdff97f25..31c9c6d7f74b 100644
--- a/include/sys/zfs_vfsops.h
+++ b/include/sys/zfs_vfsops.h
@@ -32,6 +32,7 @@
 #include
 #include
 #include
+#include
 #include
 #ifdef __cplusplus
diff --git a/module/zfs/zpl_super.c b/module/zfs/zpl_super.c
index fc10271b787f..c71d08c169ca 100644
--- a/module/zfs/zpl_super.c
+++ b/module/zfs/zpl_super.c
@@ -271,8 +271,17 @@ zpl_mount_impl(struct file_system_type *fs_type, int flags, zfs_mnt_t *zm)
 if (err)
 return (ERR_PTR(-err));
+ /*
+ * The dsl pool lock must be released prior to calling zpl_sget().
+ * Otherwise it is possible to block on the semaphore in grab_super(),
+ * which is held by deactivate_super() waiting on spa_sync(), and in
+ * turn the sync is blocked on zpl_mount_impl() holding the dsl pool
+ * lock. Only the dataset lock needs to held over the zpl_sget().
+ */
+ dsl_pool_rele(dmu_objset_pool(os), FTAG);
 s = zpl_sget(fs_type, zpl_test_super, set_anon_super, flags, os);
- dmu_objset_rele(os, FTAG);
+ dsl_dataset_rele(dmu_objset_ds(os), FTAG);
+
 if (IS_ERR(s))
 return (ERR_CAST(s));
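Review bot: Once `dsl_pool_rele(dmu_objset_pool(os), FTAG)` has run, `os` is handed to `zpl_sget()` protected only by the dataset hold taken in the earlier `dmu_objset_hold()` call, which is not visible in this hunk. If that is an ordinary short hold, it presumably does not by itself keep a concurrent destroy or rename from proceeding once the pool config lock is dropped, so `zpl_test_super` could end up comparing against a dataset that is being torn down. Consider bracketing the call with a long hold: `dsl_dataset_long_hold(dmu_objset_ds(os), FTAG);` before the `dsl_pool_rele()`, and `dsl_dataset_long_rele(dmu_objset_ds(os), FTAG);` before the `dsl_dataset_rele()`. In the new comment, "needs to held" should read "needs to be held". zpl_mount_impl's body starts and ends outside the hunk.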