Shyam and Pavel noticed things which didn't make sense
e.g. in cifs_writepages weare putting the reference unconditionally
but in cifs_write_from_iter we are doing the same thing. So how was
this working before - should have resulted in a reference leak and
direct i/o shouldn't have had a chance to complete??
and wouldn't there be an underrun if a retryable error with your patch
with it getting called twice?
Jeff,
Any thoughts on this?
On Wed, May 13, 2020 at 6:55 AM Adam McCoy <adam@xxxxxxxxxxxxxxx> wrote:
>
> Failed async writes that are requeued may not clean up a refcount
> on the file, which can result in a leaked open. This scenario arises
> very reliably when using persistent handles and a reconnect occurs
> while writing.
>
> cifs_writev_requeue only releases the reference if the write fails
> (rc != 0). The server->ops->async_writev operation will take its own
> reference, so the initial reference can always be released.
>
> Signed-off-by: Adam McCoy <adam@xxxxxxxxxxxxxxx>
> ---
> fs/cifs/cifssmb.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
> index 182b864b3075..5014a82391ff 100644
> --- a/fs/cifs/cifssmb.c
> +++ b/fs/cifs/cifssmb.c
> @@ -2152,8 +2152,8 @@ cifs_writev_requeue(struct cifs_writedata *wdata)
> }
> }
>
> + kref_put(&wdata2->refcount, cifs_writedata_release);
> if (rc) {
> - kref_put(&wdata2->refcount, cifs_writedata_release);
> if (is_retryable_error(rc))
> continue;
> i += nr_pages;
> --
> 2.17.1
>
--
Thanks,
Steve
