diff options
| author | Dmitry Monakhov <dmonakhov@openvz.org> | 2012-10-05 11:31:55 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2012-10-05 11:31:55 -0400 |
| commit | c278531d39f3158bfee93dc67da0b77e09776de2 (patch) | |
| tree | b83341e04d54b3f1cd8171f43ec77bbfba06e571 /fs/ext4/page-io.c | |
| parent | 041bbb6d369811e948ae01f3d00414264076be35 (diff) | |
ext4: fix ext4_flush_completed_IO wait semantics
BUG #1) All places where we call ext4_flush_completed_IO are broken
because buffered io and DIO/AIO goes through three stages
1) submitted io,
2) completed io (in i_completed_io_list) conversion pended
3) finished io (conversion done)
And by calling ext4_flush_completed_IO we will flush only
requests which were in (2) stage, which is wrong because:
1) punch_hole and truncate _must_ wait for all outstanding unwritten io
regardless to it's state.
2) fsync and nolock_dio_read should also wait because there is
a time window between end_page_writeback() and ext4_add_complete_io()
As result integrity fsync is broken in case of buffered write
to fallocated region:
fsync blkdev_completion
->filemap_write_and_wait_range
->ext4_end_bio
->end_page_writeback
<-- filemap_write_and_wait_range return
->ext4_flush_completed_IO
sees empty i_completed_io_list but pended
conversion still exist
->ext4_add_complete_io
BUG #2) Race window becomes wider due to the 'ext4: completed_io
locking cleanup V4' patch series
This patch make following changes:
1) ext4_flush_completed_io() now first try to flush completed io and when
wait for any outstanding unwritten io via ext4_unwritten_wait()
2) Rename function to more appropriate name.
3) Assert that all callers of ext4_flush_unwritten_io should hold i_mutex to
prevent endless wait
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Reviewed-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'fs/ext4/page-io.c')
| -rw-r--r-- | fs/ext4/page-io.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c index 5b24c407701b..68e896e12a67 100644 --- a/fs/ext4/page-io.c +++ b/fs/ext4/page-io.c | |||
| @@ -189,8 +189,6 @@ static int ext4_do_flush_completed_IO(struct inode *inode, | |||
| 189 | 189 | ||
| 190 | list_add_tail(&io->list, &complete); | 190 | list_add_tail(&io->list, &complete); |
| 191 | } | 191 | } |
| 192 | /* It is important to update all flags for all end_io in one shot w/o | ||
| 193 | * dropping the lock.*/ | ||
| 194 | spin_lock_irqsave(&ei->i_completed_io_lock, flags); | 192 | spin_lock_irqsave(&ei->i_completed_io_lock, flags); |
| 195 | while (!list_empty(&complete)) { | 193 | while (!list_empty(&complete)) { |
| 196 | io = list_entry(complete.next, ext4_io_end_t, list); | 194 | io = list_entry(complete.next, ext4_io_end_t, list); |
| @@ -228,9 +226,14 @@ static void ext4_end_io_work(struct work_struct *work) | |||
| 228 | ext4_do_flush_completed_IO(io->inode, io); | 226 | ext4_do_flush_completed_IO(io->inode, io); |
| 229 | } | 227 | } |
| 230 | 228 | ||
| 231 | int ext4_flush_completed_IO(struct inode *inode) | 229 | int ext4_flush_unwritten_io(struct inode *inode) |
| 232 | { | 230 | { |
| 233 | return ext4_do_flush_completed_IO(inode, NULL); | 231 | int ret; |
| 232 | WARN_ON_ONCE(!mutex_is_locked(&inode->i_mutex) && | ||
| 233 | !(inode->i_state & I_FREEING)); | ||
| 234 | ret = ext4_do_flush_completed_IO(inode, NULL); | ||
| 235 | ext4_unwritten_wait(inode); | ||
| 236 | return ret; | ||
| 234 | } | 237 | } |
| 235 | 238 | ||
| 236 | ext4_io_end_t *ext4_init_io_end(struct inode *inode, gfp_t flags) | 239 | ext4_io_end_t *ext4_init_io_end(struct inode *inode, gfp_t flags) |