On Fri 02-02-18 09:53:28, Tejun Heo wrote:
FUSE has a bug where it fails to clear congestion states if a connection gets aborted while congested, which can leave nr_wb_congested[] stuck until reboot causing wait_iff_congested() to wait spuriously.
While the bdi owner, FUSE, is primarily responsible for clearing congestion states before destroying bdi_writebacks, bdi layer can ensure that congestion states are not leaked beyond bdi_writeback lifecycle.
Signed-off-by: Tejun Heo tj@kernel.org Reported-by: Joshua Miller joshmiller@fb.com Cc: Johannes Weiner hannes@cmpxchg.org Cc: Jan Kara jack@suse.cz Cc: stable@vger.kernel.org
Looks good. You can add:
Reviewed-by: Jan Kara jack@suse.cz
Honza
include/linux/backing-dev.h | 14 +++++++++++++- mm/backing-dev.c | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-)
--- a/include/linux/backing-dev.h +++ b/include/linux/backing-dev.h @@ -220,6 +220,18 @@ static inline int bdi_sched_wait(void *w return 0; } +static inline void __wb_congested_free(struct bdi_writeback_congested *congested) +{
- /*
* Make sure congestion states are cleared before freeing to avoid* nr_wb_congested() corruption which can lead to misbehaving* wait_iff_congested().*/- clear_wb_congested(congested, BLK_RW_SYNC);
- clear_wb_congested(congested, BLK_RW_ASYNC);
- kfree(congested);
+}
#ifdef CONFIG_CGROUP_WRITEBACK struct bdi_writeback_congested * @@ -409,7 +421,7 @@ wb_congested_get_create(struct backing_d static inline void wb_congested_put(struct bdi_writeback_congested *congested) { if (atomic_dec_and_test(&congested->refcnt))
kfree(congested);
__wb_congested_free(congested);} static inline struct bdi_writeback *wb_find_current(struct backing_dev_info *bdi) --- a/mm/backing-dev.c +++ b/mm/backing-dev.c @@ -509,7 +509,7 @@ void wb_congested_put(struct bdi_writeba } spin_unlock_irqrestore(&cgwb_lock, flags);
- kfree(congested);
- __wb_congested_free(congested);
} static void cgwb_release_workfn(struct work_struct *work)