ext4: serialize truncate with owerwrite DIO workers
authorDmitry Monakhov <dmonakhov@openvz.org>
Sat, 29 Sep 2012 04:58:26 +0000 (00:58 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Sat, 29 Sep 2012 04:58:26 +0000 (00:58 -0400)
Jan Kara have spotted interesting issue:
There are  potential data corruption issue with  direct IO overwrites
racing with truncate:
 Like:
  dio write                      truncate_task
  ->ext4_ext_direct_IO
   ->overwrite == 1
    ->down_read(&EXT4_I(inode)->i_data_sem);
    ->mutex_unlock(&inode->i_mutex);
                               ->ext4_setattr()
                                ->inode_dio_wait()
                                ->truncate_setsize()
                                ->ext4_truncate()
                                 ->down_write(&EXT4_I(inode)->i_data_sem);
    ->__blockdev_direct_IO
     ->ext4_get_block
     ->submit_io()
    ->up_read(&EXT4_I(inode)->i_data_sem);
                                 # truncate data blocks, allocate them to
                                 # other inode - bad stuff happens because
                                 # dio is still in flight.

In order to serialize with truncate dio worker should grab extra i_dio_count
reference before drop i_mutex.

Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
fs/ext4/inode.c

index 05ab70dd5c64e847c0f90af752b61c981e9c409b..09308ad0f314a02f8e1d7f308422db6758fcedca 100644 (file)
@@ -3010,6 +3010,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
                overwrite = *((int *)iocb->private);
 
                if (overwrite) {
+                       atomic_inc(&inode->i_dio_count);
                        down_read(&EXT4_I(inode)->i_data_sem);
                        mutex_unlock(&inode->i_mutex);
                }
@@ -3107,6 +3108,7 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
        retake_lock:
                /* take i_mutex locking again if we do a ovewrite dio */
                if (overwrite) {
+                       inode_dio_done(inode);
                        up_read(&EXT4_I(inode)->i_data_sem);
                        mutex_lock(&inode->i_mutex);
                }