On Wed, Jun 7, 2023 at 4:57 AM <xiubli@xxxxxxxxxx> wrote:
>
> From: Xiubo Li <xiubli@xxxxxxxxxx>
>
> There is a race between capsnaps flush and removing the inode from
> 'mdsc->snap_flush_list' list:
>
>    == Thread A ==                     == Thread B ==
> ceph_queue_cap_snap()
>  -> allocate 'capsnapA'
>  ->ihold('&ci->vfs_inode')
>  ->add 'capsnapA' to 'ci->i_cap_snaps'
>  ->add 'ci' to 'mdsc->snap_flush_list'
>     ...
>    == Thread C ==
> ceph_flush_snaps()
>  ->__ceph_flush_snaps()
>   ->__send_flush_snap()
>                                 handle_cap_flushsnap_ack()
>                                  ->iput('&ci->vfs_inode')
>                                    this also will release 'ci'
>                                     ...
>                                       == Thread D ==
>                                 ceph_handle_snap()
>                                  ->flush_snaps()
>                                   ->iterate 'mdsc->snap_flush_list'
>                                    ->get the stale 'ci'
>  ->remove 'ci' from                ->ihold(&ci->vfs_inode) this
>    'mdsc->snap_flush_list'           will WARNING
>
> To fix this we will increase the inode's i_count ref when adding 'ci'
> to the 'mdsc->snap_flush_list' list.
>
> Cc: stable@xxxxxxxxxxxxxxx
> URL: https://bugzilla.redhat.com/show_bug.cgi?id=2209299
> Reviewed-by: Milind Changire <mchangir@xxxxxxxxxx>
> Signed-off-by: Xiubo Li <xiubli@xxxxxxxxxx>
> ---
>
> V4:
> - s/put/need_put/

Hi Xiubo,

The other part of the suggestion was to make it a bool. I made the
adjustment and queued up this patch for 6.4-rc6.

Thanks,

                Ilya
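
The ownership rule behind the quoted fix, as an added example that is not part of this thread or of the ceph kernel code: a simplified single-threaded model that replays the A, B, D ordering from the commit message with and without the list holding its own reference. All names here (`inode_model`, `queue_cap_snap`, `replay`) are hypothetical, and the "released" flag stands in for the real free so the stale list entry can be observed safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified user-space model (constructed); not the ceph kernel code. */
struct inode_model {
    int  i_count;        /* stands in for the inode reference count */
    bool released;       /* set where real code would free the inode */
    bool on_flush_list;  /* stands in for membership in mdsc->snap_flush_list */
};

static void ihold_model(struct inode_model *ci) { ci->i_count++; }

static void iput_model(struct inode_model *ci)
{
    if (--ci->i_count == 0)
        ci->released = true;
}

/* Thread A: the capsnap takes a reference; with the fix the list takes one too. */
static void queue_cap_snap(struct inode_model *ci, bool list_takes_ref)
{
    ihold_model(ci);
    if (list_takes_ref)
        ihold_model(ci);
    ci->on_flush_list = true;
}

/* Replays A -> B -> D in order; returns true if D finds a released inode on the list. */
static bool replay(bool list_takes_ref, int *final_count)
{
    struct inode_model ci = { 0, false, false };  /* constructed: no other holders */
    bool stale;

    queue_cap_snap(&ci, list_takes_ref);
    iput_model(&ci);                          /* Thread B: flush ack drops the capsnap ref */
    stale = ci.on_flush_list && ci.released;  /* Thread D: iterate the list */
    ci.on_flush_list = false;                 /* entry removed from the list */
    if (list_takes_ref)
        iput_model(&ci);                      /* drop the list's reference after removal */
    *final_count = ci.i_count;
    return stale;
}

int main(void)
{
    int n;
    bool stale = replay(false, &n);
    printf("without list ref: stale=%d\n", stale);
    stale = replay(true, &n);
    printf("with list ref:    stale=%d count=%d\n", stale, n);
    return 0;
}
```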