[PATCH] UBI: Fix possible deadlock in erase_worker()

Wed Sep 17 02:35:26 PDT 2014

On Tue, 2014-09-16 at 09:48 +0200, Richard Weinberger wrote:
> If sync_erase() failes with EINTR, ENOMEM, EAGAIN or
> EBUSY erase_worker() re-schedules the failed work.
> This will lead to a deadlock because erase_worker() is called
> with work_sem held in read mode. And schedule_erase() will take
> this lock again.

There is this code snippet:

        ubi_err("failed to erase PEB %d, error %d", pnum, err);
        kfree(wl_wrk);

        if (err == -EINTR || err == -ENOMEM || err == -EAGAIN ||
            err == -EBUSY) {
                int err1;

                /* Re-schedule the LEB for erasure */
                err1 = schedule_erase(ubi, e, vol_id, lnum, 0);
                if (err1) {
                        err = err1;
                        goto out_ro;
                }
                return err;
        }

How about move 'kfree(wl_wrk)' down, and execute

        __schedule_ubi_work(ubi, wl_wrk)

inside the 'if' clause instead? The fix would seem to be more elegant
then.

Hmm?

-- 
Best Regards,
Artem Bityutskiy