diff options
author | Dmitry Monakhov <dmonakhov@openvz.org> | 2012-09-29 06:58:26 +0200 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2012-09-29 06:58:26 +0200 |
commit | 1f555cfa29e8f787d675e8390f88ce517a37271a (patch) | |
tree | df32d4fd9114f4cbe78fb490a12b21c6b538cf81 | |
parent | ext4: endless truncate due to nonlocked dio readers (diff) | |
download | linux-1f555cfa29e8f787d675e8390f88ce517a37271a.tar.xz linux-1f555cfa29e8f787d675e8390f88ce517a37271a.zip |
ext4: serialize truncate with owerwrite DIO workers
Jan Kara have spotted interesting issue:
There are potential data corruption issue with direct IO overwrites
racing with truncate:
Like:
dio write truncate_task
->ext4_ext_direct_IO
->overwrite == 1
->down_read(&EXT4_I(inode)->i_data_sem);
->mutex_unlock(&inode->i_mutex);
->ext4_setattr()
->inode_dio_wait()
->truncate_setsize()
->ext4_truncate()
->down_write(&EXT4_I(inode)->i_data_sem);
->__blockdev_direct_IO
->ext4_get_block
->submit_io()
->up_read(&EXT4_I(inode)->i_data_sem);
# truncate data blocks, allocate them to
# other inode - bad stuff happens because
# dio is still in flight.
In order to serialize with truncate dio worker should grab extra i_dio_count
reference before drop i_mutex.
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
-rw-r--r-- | fs/ext4/inode.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 05ab70dd5c64..09308ad0f314 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -3010,6 +3010,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb, overwrite = *((int *)iocb->private); if (overwrite) { + atomic_inc(&inode->i_dio_count); down_read(&EXT4_I(inode)->i_data_sem); mutex_unlock(&inode->i_mutex); } @@ -3107,6 +3108,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb, retake_lock: /* take i_mutex locking again if we do a ovewrite dio */ if (overwrite) { + inode_dio_done(inode); up_read(&EXT4_I(inode)->i_data_sem); mutex_lock(&inode->i_mutex); } |