aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/9p/vfs_dir.c93
-rw-r--r--fs/9p/vfs_inode.c5
-rw-r--r--fs/Kconfig4
-rw-r--r--fs/bio.c28
-rw-r--r--fs/block_dev.c2
-rw-r--r--fs/btrfs/extent-tree.c113
-rw-r--r--fs/btrfs/extent_map.c2
-rw-r--r--fs/btrfs/free-space-cache.c2
-rw-r--r--fs/btrfs/inode.c95
-rw-r--r--fs/btrfs/root-tree.c2
-rw-r--r--fs/btrfs/transaction.c19
-rw-r--r--fs/cifs/cifsproto.h1
-rw-r--r--fs/cifs/connect.c11
-rw-r--r--fs/cifs/inode.c7
-rw-r--r--fs/cifs/misc.c14
-rw-r--r--fs/cifs/readdir.c7
-rw-r--r--fs/compat.c2
-rw-r--r--fs/compat_ioctl.c4
-rw-r--r--fs/exec.c8
-rw-r--r--fs/ext3/fsync.c36
-rw-r--r--fs/ext3/inode.c36
-rw-r--r--fs/ext3/super.c2
-rw-r--r--fs/ext4/ext4.h2
-rw-r--r--fs/ext4/extents.c36
-rw-r--r--fs/ext4/inode.c24
-rw-r--r--fs/ext4/namei.c16
-rw-r--r--fs/ext4/super.c20
-rw-r--r--fs/fcntl.c4
-rw-r--r--fs/fuse/dir.c4
-rw-r--r--fs/fuse/file.c5
-rw-r--r--fs/hfs/btree.c5
-rw-r--r--fs/hfsplus/wrapper.c4
-rw-r--r--fs/ioctl.c2
-rw-r--r--fs/jbd/journal.c3
-rw-r--r--fs/jbd2/journal.c2
-rw-r--r--fs/nfs/dir.c2
-rw-r--r--fs/nfs/direct.c1
-rw-r--r--fs/nfs/nfs4proc.c17
-rw-r--r--fs/nfs/nfs4xdr.c1
-rw-r--r--fs/nfsd/nfs3xdr.c2
-rw-r--r--fs/nilfs2/btnode.c4
-rw-r--r--fs/nilfs2/cpfile.c2
-rw-r--r--fs/nilfs2/inode.c1
-rw-r--r--fs/nilfs2/ioctl.c39
-rw-r--r--fs/nilfs2/segment.c17
-rw-r--r--fs/proc/array.c2
-rw-r--r--fs/proc/base.c3
-rw-r--r--fs/proc/meminfo.c2
-rw-r--r--fs/sysfs/dir.c4
-rw-r--r--fs/xfs/linux-2.6/xfs_quotaops.c2
-rw-r--r--fs/xfs/quota/xfs_qm_syscalls.c1
-rw-r--r--fs/xfs/xfs_ialloc.c1
-rw-r--r--fs/xfs/xfs_log_recover.c4
-rw-r--r--fs/xfs/xfs_trans_ail.c23
54 files changed, 512 insertions, 236 deletions
diff --git a/fs/9p/vfs_dir.c b/fs/9p/vfs_dir.c
index 873cd31baa47..15cce53bf61e 100644
--- a/fs/9p/vfs_dir.c
+++ b/fs/9p/vfs_dir.c
@@ -40,6 +40,24 @@
40#include "fid.h" 40#include "fid.h"
41 41
42/** 42/**
43 * struct p9_rdir - readdir accounting
44 * @mutex: mutex protecting readdir
45 * @head: start offset of current dirread buffer
46 * @tail: end offset of current dirread buffer
47 * @buf: dirread buffer
48 *
49 * private structure for keeping track of readdir
50 * allocated on demand
51 */
52
53struct p9_rdir {
54 struct mutex mutex;
55 int head;
56 int tail;
57 uint8_t *buf;
58};
59
60/**
43 * dt_type - return file type 61 * dt_type - return file type
44 * @mistat: mistat structure 62 * @mistat: mistat structure
45 * 63 *
@@ -70,56 +88,79 @@ static int v9fs_dir_readdir(struct file *filp, void *dirent, filldir_t filldir)
70{ 88{
71 int over; 89 int over;
72 struct p9_wstat st; 90 struct p9_wstat st;
73 int err; 91 int err = 0;
74 struct p9_fid *fid; 92 struct p9_fid *fid;
75 int buflen; 93 int buflen;
76 char *statbuf; 94 int reclen = 0;
77 int n, i = 0; 95 struct p9_rdir *rdir;
78 96
79 P9_DPRINTK(P9_DEBUG_VFS, "name %s\n", filp->f_path.dentry->d_name.name); 97 P9_DPRINTK(P9_DEBUG_VFS, "name %s\n", filp->f_path.dentry->d_name.name);
80 fid = filp->private_data; 98 fid = filp->private_data;
81 99
82 buflen = fid->clnt->msize - P9_IOHDRSZ; 100 buflen = fid->clnt->msize - P9_IOHDRSZ;
83 statbuf = kmalloc(buflen, GFP_KERNEL); 101
84 if (!statbuf) 102 /* allocate rdir on demand */
85 return -ENOMEM; 103 if (!fid->rdir) {
86 104 rdir = kmalloc(sizeof(struct p9_rdir) + buflen, GFP_KERNEL);
87 while (1) { 105
88 err = v9fs_file_readn(filp, statbuf, NULL, buflen, 106 if (rdir == NULL) {
89 fid->rdir_fpos); 107 err = -ENOMEM;
90 if (err <= 0) 108 goto exit;
91 break; 109 }
92 110 spin_lock(&filp->f_dentry->d_lock);
93 n = err; 111 if (!fid->rdir) {
94 while (i < n) { 112 rdir->buf = (uint8_t *)rdir + sizeof(struct p9_rdir);
95 err = p9stat_read(statbuf + i, buflen-i, &st, 113 mutex_init(&rdir->mutex);
96 fid->clnt->dotu); 114 rdir->head = rdir->tail = 0;
115 fid->rdir = (void *) rdir;
116 rdir = NULL;
117 }
118 spin_unlock(&filp->f_dentry->d_lock);
119 kfree(rdir);
120 }
121 rdir = (struct p9_rdir *) fid->rdir;
122
123 err = mutex_lock_interruptible(&rdir->mutex);
124 while (err == 0) {
125 if (rdir->tail == rdir->head) {
126 err = v9fs_file_readn(filp, rdir->buf, NULL,
127 buflen, filp->f_pos);
128 if (err <= 0)
129 goto unlock_and_exit;
130
131 rdir->head = 0;
132 rdir->tail = err;
133 }
134
135 while (rdir->head < rdir->tail) {
136 err = p9stat_read(rdir->buf + rdir->head,
137 buflen - rdir->head, &st,
138 fid->clnt->dotu);
97 if (err) { 139 if (err) {
98 P9_DPRINTK(P9_DEBUG_VFS, "returned %d\n", err); 140 P9_DPRINTK(P9_DEBUG_VFS, "returned %d\n", err);
99 err = -EIO; 141 err = -EIO;
100 p9stat_free(&st); 142 p9stat_free(&st);
101 goto free_and_exit; 143 goto unlock_and_exit;
102 } 144 }
103 145 reclen = st.size+2;
104 i += st.size+2;
105 fid->rdir_fpos += st.size+2;
106 146
107 over = filldir(dirent, st.name, strlen(st.name), 147 over = filldir(dirent, st.name, strlen(st.name),
108 filp->f_pos, v9fs_qid2ino(&st.qid), dt_type(&st)); 148 filp->f_pos, v9fs_qid2ino(&st.qid), dt_type(&st));
109 149
110 filp->f_pos += st.size+2;
111
112 p9stat_free(&st); 150 p9stat_free(&st);
113 151
114 if (over) { 152 if (over) {
115 err = 0; 153 err = 0;
116 goto free_and_exit; 154 goto unlock_and_exit;
117 } 155 }
156 rdir->head += reclen;
157 filp->f_pos += reclen;
118 } 158 }
119 } 159 }
120 160
121free_and_exit: 161unlock_and_exit:
122 kfree(statbuf); 162 mutex_unlock(&rdir->mutex);
163exit:
123 return err; 164 return err;
124} 165}
125 166
diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c
index 5947628aefef..18f74ec4dce9 100644
--- a/fs/9p/vfs_inode.c
+++ b/fs/9p/vfs_inode.c
@@ -994,8 +994,7 @@ static int v9fs_readlink(struct dentry *dentry, char *buffer, int buflen)
994 P9_DPRINTK(P9_DEBUG_VFS, 994 P9_DPRINTK(P9_DEBUG_VFS,
995 "%s -> %s (%s)\n", dentry->d_name.name, st->extension, buffer); 995 "%s -> %s (%s)\n", dentry->d_name.name, st->extension, buffer);
996 996
997 retval = buflen; 997 retval = strnlen(buffer, buflen);
998
999done: 998done:
1000 kfree(st); 999 kfree(st);
1001 return retval; 1000 return retval;
@@ -1062,7 +1061,7 @@ static void *v9fs_vfs_follow_link(struct dentry *dentry, struct nameidata *nd)
1062 __putname(link); 1061 __putname(link);
1063 link = ERR_PTR(len); 1062 link = ERR_PTR(len);
1064 } else 1063 } else
1065 link[len] = 0; 1064 link[min(len, PATH_MAX-1)] = 0;
1066 } 1065 }
1067 nd_set_link(nd, link); 1066 nd_set_link(nd, link);
1068 1067
diff --git a/fs/Kconfig b/fs/Kconfig
index d4bf8caad8d0..64d44efad7a5 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -135,8 +135,8 @@ config TMPFS_POSIX_ACL
135 135
136config HUGETLBFS 136config HUGETLBFS
137 bool "HugeTLB file system support" 137 bool "HugeTLB file system support"
138 depends on X86 || IA64 || PPC64 || SPARC64 || (SUPERH && MMU) || \ 138 depends on X86 || IA64 || SPARC64 || (S390 && 64BIT) || \
139 (S390 && 64BIT) || SYS_SUPPORTS_HUGETLBFS || BROKEN 139 SYS_SUPPORTS_HUGETLBFS || BROKEN
140 help 140 help
141 hugetlbfs is a filesystem backing for HugeTLB pages, based on 141 hugetlbfs is a filesystem backing for HugeTLB pages, based on
142 ramfs. For architectures that support it, say Y here and read 142 ramfs. For architectures that support it, say Y here and read
diff --git a/fs/bio.c b/fs/bio.c
index 402cb84a92a1..12da5db8682c 100644
--- a/fs/bio.c
+++ b/fs/bio.c
@@ -325,8 +325,16 @@ static void bio_fs_destructor(struct bio *bio)
325 * @gfp_mask: allocation mask to use 325 * @gfp_mask: allocation mask to use
326 * @nr_iovecs: number of iovecs 326 * @nr_iovecs: number of iovecs
327 * 327 *
328 * Allocate a new bio with @nr_iovecs bvecs. If @gfp_mask 328 * bio_alloc will allocate a bio and associated bio_vec array that can hold
329 * contains __GFP_WAIT, the allocation is guaranteed to succeed. 329 * at least @nr_iovecs entries. Allocations will be done from the
330 * fs_bio_set. Also see @bio_alloc_bioset and @bio_kmalloc.
331 *
332 * If %__GFP_WAIT is set, then bio_alloc will always be able to allocate
333 * a bio. This is due to the mempool guarantees. To make this work, callers
334 * must never allocate more than 1 bio at a time from this pool. Callers
335 * that need to allocate more than 1 bio must always submit the previously
336 * allocated bio for IO before attempting to allocate a new one. Failure to
337 * do so can cause livelocks under memory pressure.
330 * 338 *
331 * RETURNS: 339 * RETURNS:
332 * Pointer to new bio on success, NULL on failure. 340 * Pointer to new bio on success, NULL on failure.
@@ -350,21 +358,13 @@ static void bio_kmalloc_destructor(struct bio *bio)
350} 358}
351 359
352/** 360/**
353 * bio_alloc - allocate a bio for I/O 361 * bio_kmalloc - allocate a bio for I/O using kmalloc()
354 * @gfp_mask: the GFP_ mask given to the slab allocator 362 * @gfp_mask: the GFP_ mask given to the slab allocator
355 * @nr_iovecs: number of iovecs to pre-allocate 363 * @nr_iovecs: number of iovecs to pre-allocate
356 * 364 *
357 * Description: 365 * Description:
358 * bio_alloc will allocate a bio and associated bio_vec array that can hold 366 * Allocate a new bio with @nr_iovecs bvecs. If @gfp_mask contains
359 * at least @nr_iovecs entries. Allocations will be done from the 367 * %__GFP_WAIT, the allocation is guaranteed to succeed.
360 * fs_bio_set. Also see @bio_alloc_bioset.
361 *
362 * If %__GFP_WAIT is set, then bio_alloc will always be able to allocate
363 * a bio. This is due to the mempool guarantees. To make this work, callers
364 * must never allocate more than 1 bio at a time from this pool. Callers
365 * that need to allocate more than 1 bio must always submit the previously
366 * allocated bio for IO before attempting to allocate a new one. Failure to
367 * do so can cause livelocks under memory pressure.
368 * 368 *
369 **/ 369 **/
370struct bio *bio_kmalloc(gfp_t gfp_mask, int nr_iovecs) 370struct bio *bio_kmalloc(gfp_t gfp_mask, int nr_iovecs)
@@ -407,7 +407,7 @@ EXPORT_SYMBOL(zero_fill_bio);
407 * 407 *
408 * Description: 408 * Description:
409 * Put a reference to a &struct bio, either one you have gotten with 409 * Put a reference to a &struct bio, either one you have gotten with
410 * bio_alloc or bio_get. The last put of a bio will free it. 410 * bio_alloc, bio_get or bio_clone. The last put of a bio will free it.
411 **/ 411 **/
412void bio_put(struct bio *bio) 412void bio_put(struct bio *bio)
413{ 413{
diff --git a/fs/block_dev.c b/fs/block_dev.c
index 9cf4b926f8e4..8bed0557d88c 100644
--- a/fs/block_dev.c
+++ b/fs/block_dev.c
@@ -1248,8 +1248,8 @@ static int __blkdev_get(struct block_device *bdev, fmode_t mode, int for_part)
1248 bd_set_size(bdev, (loff_t)bdev->bd_part->nr_sects << 9); 1248 bd_set_size(bdev, (loff_t)bdev->bd_part->nr_sects << 9);
1249 } 1249 }
1250 } else { 1250 } else {
1251 put_disk(disk);
1252 module_put(disk->fops->owner); 1251 module_put(disk->fops->owner);
1252 put_disk(disk);
1253 disk = NULL; 1253 disk = NULL;
1254 if (bdev->bd_contains == bdev) { 1254 if (bdev->bd_contains == bdev) {
1255 if (bdev->bd_disk->fops->open) { 1255 if (bdev->bd_disk->fops->open) {
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index e238a0cdac67..94627c4cc193 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -2977,10 +2977,10 @@ static int maybe_allocate_chunk(struct btrfs_root *root,
2977 2977
2978 free_space = btrfs_super_total_bytes(disk_super); 2978 free_space = btrfs_super_total_bytes(disk_super);
2979 /* 2979 /*
2980 * we allow the metadata to grow to a max of either 5gb or 5% of the 2980 * we allow the metadata to grow to a max of either 10gb or 5% of the
2981 * space in the volume. 2981 * space in the volume.
2982 */ 2982 */
2983 min_metadata = min((u64)5 * 1024 * 1024 * 1024, 2983 min_metadata = min((u64)10 * 1024 * 1024 * 1024,
2984 div64_u64(free_space * 5, 100)); 2984 div64_u64(free_space * 5, 100));
2985 if (info->total_bytes >= min_metadata) { 2985 if (info->total_bytes >= min_metadata) {
2986 spin_unlock(&info->lock); 2986 spin_unlock(&info->lock);
@@ -4102,7 +4102,7 @@ wait_block_group_cache_done(struct btrfs_block_group_cache *cache)
4102} 4102}
4103 4103
4104enum btrfs_loop_type { 4104enum btrfs_loop_type {
4105 LOOP_CACHED_ONLY = 0, 4105 LOOP_FIND_IDEAL = 0,
4106 LOOP_CACHING_NOWAIT = 1, 4106 LOOP_CACHING_NOWAIT = 1,
4107 LOOP_CACHING_WAIT = 2, 4107 LOOP_CACHING_WAIT = 2,
4108 LOOP_ALLOC_CHUNK = 3, 4108 LOOP_ALLOC_CHUNK = 3,
@@ -4131,12 +4131,15 @@ static noinline int find_free_extent(struct btrfs_trans_handle *trans,
4131 struct btrfs_block_group_cache *block_group = NULL; 4131 struct btrfs_block_group_cache *block_group = NULL;
4132 int empty_cluster = 2 * 1024 * 1024; 4132 int empty_cluster = 2 * 1024 * 1024;
4133 int allowed_chunk_alloc = 0; 4133 int allowed_chunk_alloc = 0;
4134 int done_chunk_alloc = 0;
4134 struct btrfs_space_info *space_info; 4135 struct btrfs_space_info *space_info;
4135 int last_ptr_loop = 0; 4136 int last_ptr_loop = 0;
4136 int loop = 0; 4137 int loop = 0;
4137 bool found_uncached_bg = false; 4138 bool found_uncached_bg = false;
4138 bool failed_cluster_refill = false; 4139 bool failed_cluster_refill = false;
4139 bool failed_alloc = false; 4140 bool failed_alloc = false;
4141 u64 ideal_cache_percent = 0;
4142 u64 ideal_cache_offset = 0;
4140 4143
4141 WARN_ON(num_bytes < root->sectorsize); 4144 WARN_ON(num_bytes < root->sectorsize);
4142 btrfs_set_key_type(ins, BTRFS_EXTENT_ITEM_KEY); 4145 btrfs_set_key_type(ins, BTRFS_EXTENT_ITEM_KEY);
@@ -4172,14 +4175,19 @@ static noinline int find_free_extent(struct btrfs_trans_handle *trans,
4172 empty_cluster = 0; 4175 empty_cluster = 0;
4173 4176
4174 if (search_start == hint_byte) { 4177 if (search_start == hint_byte) {
4178ideal_cache:
4175 block_group = btrfs_lookup_block_group(root->fs_info, 4179 block_group = btrfs_lookup_block_group(root->fs_info,
4176 search_start); 4180 search_start);
4177 /* 4181 /*
4178 * we don't want to use the block group if it doesn't match our 4182 * we don't want to use the block group if it doesn't match our
4179 * allocation bits, or if its not cached. 4183 * allocation bits, or if its not cached.
4184 *
4185 * However if we are re-searching with an ideal block group
4186 * picked out then we don't care that the block group is cached.
4180 */ 4187 */
4181 if (block_group && block_group_bits(block_group, data) && 4188 if (block_group && block_group_bits(block_group, data) &&
4182 block_group_cache_done(block_group)) { 4189 (block_group->cached != BTRFS_CACHE_NO ||
4190 search_start == ideal_cache_offset)) {
4183 down_read(&space_info->groups_sem); 4191 down_read(&space_info->groups_sem);
4184 if (list_empty(&block_group->list) || 4192 if (list_empty(&block_group->list) ||
4185 block_group->ro) { 4193 block_group->ro) {
@@ -4191,13 +4199,13 @@ static noinline int find_free_extent(struct btrfs_trans_handle *trans,
4191 */ 4199 */
4192 btrfs_put_block_group(block_group); 4200 btrfs_put_block_group(block_group);
4193 up_read(&space_info->groups_sem); 4201 up_read(&space_info->groups_sem);
4194 } else 4202 } else {
4195 goto have_block_group; 4203 goto have_block_group;
4204 }
4196 } else if (block_group) { 4205 } else if (block_group) {
4197 btrfs_put_block_group(block_group); 4206 btrfs_put_block_group(block_group);
4198 } 4207 }
4199 } 4208 }
4200
4201search: 4209search:
4202 down_read(&space_info->groups_sem); 4210 down_read(&space_info->groups_sem);
4203 list_for_each_entry(block_group, &space_info->block_groups, list) { 4211 list_for_each_entry(block_group, &space_info->block_groups, list) {
@@ -4209,28 +4217,45 @@ search:
4209 4217
4210have_block_group: 4218have_block_group:
4211 if (unlikely(block_group->cached == BTRFS_CACHE_NO)) { 4219 if (unlikely(block_group->cached == BTRFS_CACHE_NO)) {
4220 u64 free_percent;
4221
4222 free_percent = btrfs_block_group_used(&block_group->item);
4223 free_percent *= 100;
4224 free_percent = div64_u64(free_percent,
4225 block_group->key.offset);
4226 free_percent = 100 - free_percent;
4227 if (free_percent > ideal_cache_percent &&
4228 likely(!block_group->ro)) {
4229 ideal_cache_offset = block_group->key.objectid;
4230 ideal_cache_percent = free_percent;
4231 }
4232
4212 /* 4233 /*
4213 * we want to start caching kthreads, but not too many 4234 * We only want to start kthread caching if we are at
4214 * right off the bat so we don't overwhelm the system, 4235 * the point where we will wait for caching to make
4215 * so only start them if there are less than 2 and we're 4236 * progress, or if our ideal search is over and we've
4216 * in the initial allocation phase. 4237 * found somebody to start caching.
4217 */ 4238 */
4218 if (loop > LOOP_CACHING_NOWAIT || 4239 if (loop > LOOP_CACHING_NOWAIT ||
4219 atomic_read(&space_info->caching_threads) < 2) { 4240 (loop > LOOP_FIND_IDEAL &&
4241 atomic_read(&space_info->caching_threads) < 2)) {
4220 ret = cache_block_group(block_group); 4242 ret = cache_block_group(block_group);
4221 BUG_ON(ret); 4243 BUG_ON(ret);
4222 } 4244 }
4223 }
4224
4225 cached = block_group_cache_done(block_group);
4226 if (unlikely(!cached)) {
4227 found_uncached_bg = true; 4245 found_uncached_bg = true;
4228 4246
4229 /* if we only want cached bgs, loop */ 4247 /*
4230 if (loop == LOOP_CACHED_ONLY) 4248 * If loop is set for cached only, try the next block
4249 * group.
4250 */
4251 if (loop == LOOP_FIND_IDEAL)
4231 goto loop; 4252 goto loop;
4232 } 4253 }
4233 4254
4255 cached = block_group_cache_done(block_group);
4256 if (unlikely(!cached))
4257 found_uncached_bg = true;
4258
4234 if (unlikely(block_group->ro)) 4259 if (unlikely(block_group->ro))
4235 goto loop; 4260 goto loop;
4236 4261
@@ -4410,9 +4435,11 @@ loop:
4410 } 4435 }
4411 up_read(&space_info->groups_sem); 4436 up_read(&space_info->groups_sem);
4412 4437
4413 /* LOOP_CACHED_ONLY, only search fully cached block groups 4438 /* LOOP_FIND_IDEAL, only search caching/cached bg's, and don't wait for
4414 * LOOP_CACHING_NOWAIT, search partially cached block groups, but 4439 * for them to make caching progress. Also
4415 * dont wait foR them to finish caching 4440 * determine the best possible bg to cache
4441 * LOOP_CACHING_NOWAIT, search partially cached block groups, kicking
4442 * caching kthreads as we move along
4416 * LOOP_CACHING_WAIT, search everything, and wait if our bg is caching 4443 * LOOP_CACHING_WAIT, search everything, and wait if our bg is caching
4417 * LOOP_ALLOC_CHUNK, force a chunk allocation and try again 4444 * LOOP_ALLOC_CHUNK, force a chunk allocation and try again
4418 * LOOP_NO_EMPTY_SIZE, set empty_size and empty_cluster to 0 and try 4445 * LOOP_NO_EMPTY_SIZE, set empty_size and empty_cluster to 0 and try
@@ -4421,12 +4448,47 @@ loop:
4421 if (!ins->objectid && loop < LOOP_NO_EMPTY_SIZE && 4448 if (!ins->objectid && loop < LOOP_NO_EMPTY_SIZE &&
4422 (found_uncached_bg || empty_size || empty_cluster || 4449 (found_uncached_bg || empty_size || empty_cluster ||
4423 allowed_chunk_alloc)) { 4450 allowed_chunk_alloc)) {
4424 if (found_uncached_bg) { 4451 if (loop == LOOP_FIND_IDEAL && found_uncached_bg) {
4425 found_uncached_bg = false; 4452 found_uncached_bg = false;
4426 if (loop < LOOP_CACHING_WAIT) { 4453 loop++;
4427 loop++; 4454 if (!ideal_cache_percent &&
4455 atomic_read(&space_info->caching_threads))
4428 goto search; 4456 goto search;
4429 } 4457
4458 /*
4459 * 1 of the following 2 things have happened so far
4460 *
4461 * 1) We found an ideal block group for caching that
4462 * is mostly full and will cache quickly, so we might
4463 * as well wait for it.
4464 *
4465 * 2) We searched for cached only and we didn't find
4466 * anything, and we didn't start any caching kthreads
4467 * either, so chances are we will loop through and
4468 * start a couple caching kthreads, and then come back
4469 * around and just wait for them. This will be slower
4470 * because we will have 2 caching kthreads reading at
4471 * the same time when we could have just started one
4472 * and waited for it to get far enough to give us an
4473 * allocation, so go ahead and go to the wait caching
4474 * loop.
4475 */
4476 loop = LOOP_CACHING_WAIT;
4477 search_start = ideal_cache_offset;
4478 ideal_cache_percent = 0;
4479 goto ideal_cache;
4480 } else if (loop == LOOP_FIND_IDEAL) {
4481 /*
4482 * Didn't find a uncached bg, wait on anything we find
4483 * next.
4484 */
4485 loop = LOOP_CACHING_WAIT;
4486 goto search;
4487 }
4488
4489 if (loop < LOOP_CACHING_WAIT) {
4490 loop++;
4491 goto search;
4430 } 4492 }
4431 4493
4432 if (loop == LOOP_ALLOC_CHUNK) { 4494 if (loop == LOOP_ALLOC_CHUNK) {
@@ -4438,7 +4500,8 @@ loop:
4438 ret = do_chunk_alloc(trans, root, num_bytes + 4500 ret = do_chunk_alloc(trans, root, num_bytes +
4439 2 * 1024 * 1024, data, 1); 4501 2 * 1024 * 1024, data, 1);
4440 allowed_chunk_alloc = 0; 4502 allowed_chunk_alloc = 0;
4441 } else { 4503 done_chunk_alloc = 1;
4504 } else if (!done_chunk_alloc) {
4442 space_info->force_alloc = 1; 4505 space_info->force_alloc = 1;
4443 } 4506 }
4444 4507
diff --git a/fs/btrfs/extent_map.c b/fs/btrfs/extent_map.c
index 2c726b7b9faa..ccbdcb54ec5d 100644
--- a/fs/btrfs/extent_map.c
+++ b/fs/btrfs/extent_map.c
@@ -208,7 +208,7 @@ int unpin_extent_cache(struct extent_map_tree *tree, u64 start, u64 len)
208 write_lock(&tree->lock); 208 write_lock(&tree->lock);
209 em = lookup_extent_mapping(tree, start, len); 209 em = lookup_extent_mapping(tree, start, len);
210 210
211 WARN_ON(em->start != start || !em); 211 WARN_ON(!em || em->start != start);
212 212
213 if (!em) 213 if (!em)
214 goto out; 214 goto out;
diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
index 5c2caad76212..cb2849f03251 100644
--- a/fs/btrfs/free-space-cache.c
+++ b/fs/btrfs/free-space-cache.c
@@ -1296,7 +1296,7 @@ again:
1296 window_start = entry->offset; 1296 window_start = entry->offset;
1297 window_free = entry->bytes; 1297 window_free = entry->bytes;
1298 last = entry; 1298 last = entry;
1299 max_extent = 0; 1299 max_extent = entry->bytes;
1300 } else { 1300 } else {
1301 last = next; 1301 last = next;
1302 window_free += next->bytes; 1302 window_free += next->bytes;
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index dae12dc7e159..b3ad168a0bfc 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -538,7 +538,7 @@ static noinline int submit_compressed_extents(struct inode *inode,
538 struct btrfs_root *root = BTRFS_I(inode)->root; 538 struct btrfs_root *root = BTRFS_I(inode)->root;
539 struct extent_map_tree *em_tree = &BTRFS_I(inode)->extent_tree; 539 struct extent_map_tree *em_tree = &BTRFS_I(inode)->extent_tree;
540 struct extent_io_tree *io_tree; 540 struct extent_io_tree *io_tree;
541 int ret; 541 int ret = 0;
542 542
543 if (list_empty(&async_cow->extents)) 543 if (list_empty(&async_cow->extents))
544 return 0; 544 return 0;
@@ -552,6 +552,7 @@ static noinline int submit_compressed_extents(struct inode *inode,
552 552
553 io_tree = &BTRFS_I(inode)->io_tree; 553 io_tree = &BTRFS_I(inode)->io_tree;
554 554
555retry:
555 /* did the compression code fall back to uncompressed IO? */ 556 /* did the compression code fall back to uncompressed IO? */
556 if (!async_extent->pages) { 557 if (!async_extent->pages) {
557 int page_started = 0; 558 int page_started = 0;
@@ -562,11 +563,11 @@ static noinline int submit_compressed_extents(struct inode *inode,
562 async_extent->ram_size - 1, GFP_NOFS); 563 async_extent->ram_size - 1, GFP_NOFS);
563 564
564 /* allocate blocks */ 565 /* allocate blocks */
565 cow_file_range(inode, async_cow->locked_page, 566 ret = cow_file_range(inode, async_cow->locked_page,
566 async_extent->start, 567 async_extent->start,
567 async_extent->start + 568 async_extent->start +
568 async_extent->ram_size - 1, 569 async_extent->ram_size - 1,
569 &page_started, &nr_written, 0); 570 &page_started, &nr_written, 0);
570 571
571 /* 572 /*
572 * if page_started, cow_file_range inserted an 573 * if page_started, cow_file_range inserted an
@@ -574,7 +575,7 @@ static noinline int submit_compressed_extents(struct inode *inode,
574 * and IO for us. Otherwise, we need to submit 575 * and IO for us. Otherwise, we need to submit
575 * all those pages down to the drive. 576 * all those pages down to the drive.
576 */ 577 */
577 if (!page_started) 578 if (!page_started && !ret)
578 extent_write_locked_range(io_tree, 579 extent_write_locked_range(io_tree,
579 inode, async_extent->start, 580 inode, async_extent->start,
580 async_extent->start + 581 async_extent->start +
@@ -602,7 +603,21 @@ static noinline int submit_compressed_extents(struct inode *inode,
602 async_extent->compressed_size, 603 async_extent->compressed_size,
603 0, alloc_hint, 604 0, alloc_hint,
604 (u64)-1, &ins, 1); 605 (u64)-1, &ins, 1);
605 BUG_ON(ret); 606 if (ret) {
607 int i;
608 for (i = 0; i < async_extent->nr_pages; i++) {
609 WARN_ON(async_extent->pages[i]->mapping);
610 page_cache_release(async_extent->pages[i]);
611 }
612 kfree(async_extent->pages);
613 async_extent->nr_pages = 0;
614 async_extent->pages = NULL;
615 unlock_extent(io_tree, async_extent->start,
616 async_extent->start +
617 async_extent->ram_size - 1, GFP_NOFS);
618 goto retry;
619 }
620
606 em = alloc_extent_map(GFP_NOFS); 621 em = alloc_extent_map(GFP_NOFS);
607 em->start = async_extent->start; 622 em->start = async_extent->start;
608 em->len = async_extent->ram_size; 623 em->len = async_extent->ram_size;
@@ -743,8 +758,22 @@ static noinline int cow_file_range(struct inode *inode,
743 em = search_extent_mapping(&BTRFS_I(inode)->extent_tree, 758 em = search_extent_mapping(&BTRFS_I(inode)->extent_tree,
744 start, num_bytes); 759 start, num_bytes);
745 if (em) { 760 if (em) {
746 alloc_hint = em->block_start; 761 /*
747 free_extent_map(em); 762 * if block start isn't an actual block number then find the
763 * first block in this inode and use that as a hint. If that
764 * block is also bogus then just don't worry about it.
765 */
766 if (em->block_start >= EXTENT_MAP_LAST_BYTE) {
767 free_extent_map(em);
768 em = search_extent_mapping(em_tree, 0, 0);
769 if (em && em->block_start < EXTENT_MAP_LAST_BYTE)
770 alloc_hint = em->block_start;
771 if (em)
772 free_extent_map(em);
773 } else {
774 alloc_hint = em->block_start;
775 free_extent_map(em);
776 }
748 } 777 }
749 read_unlock(&BTRFS_I(inode)->extent_tree.lock); 778 read_unlock(&BTRFS_I(inode)->extent_tree.lock);
750 btrfs_drop_extent_cache(inode, start, start + num_bytes - 1, 0); 779 btrfs_drop_extent_cache(inode, start, start + num_bytes - 1, 0);
@@ -2474,7 +2503,19 @@ static int btrfs_unlink(struct inode *dir, struct dentry *dentry)
2474 2503
2475 root = BTRFS_I(dir)->root; 2504 root = BTRFS_I(dir)->root;
2476 2505
2506 /*
2507 * 5 items for unlink inode
2508 * 1 for orphan
2509 */
2510 ret = btrfs_reserve_metadata_space(root, 6);
2511 if (ret)
2512 return ret;
2513
2477 trans = btrfs_start_transaction(root, 1); 2514 trans = btrfs_start_transaction(root, 1);
2515 if (IS_ERR(trans)) {
2516 btrfs_unreserve_metadata_space(root, 6);
2517 return PTR_ERR(trans);
2518 }
2478 2519
2479 btrfs_set_trans_block_group(trans, dir); 2520 btrfs_set_trans_block_group(trans, dir);
2480 2521
@@ -2489,6 +2530,7 @@ static int btrfs_unlink(struct inode *dir, struct dentry *dentry)
2489 nr = trans->blocks_used; 2530 nr = trans->blocks_used;
2490 2531
2491 btrfs_end_transaction_throttle(trans, root); 2532 btrfs_end_transaction_throttle(trans, root);
2533 btrfs_unreserve_metadata_space(root, 6);
2492 btrfs_btree_balance_dirty(root, nr); 2534 btrfs_btree_balance_dirty(root, nr);
2493 return ret; 2535 return ret;
2494} 2536}
@@ -2569,7 +2611,16 @@ static int btrfs_rmdir(struct inode *dir, struct dentry *dentry)
2569 inode->i_ino == BTRFS_FIRST_FREE_OBJECTID) 2611 inode->i_ino == BTRFS_FIRST_FREE_OBJECTID)
2570 return -ENOTEMPTY; 2612 return -ENOTEMPTY;
2571 2613
2614 ret = btrfs_reserve_metadata_space(root, 5);
2615 if (ret)
2616 return ret;
2617
2572 trans = btrfs_start_transaction(root, 1); 2618 trans = btrfs_start_transaction(root, 1);
2619 if (IS_ERR(trans)) {
2620 btrfs_unreserve_metadata_space(root, 5);
2621 return PTR_ERR(trans);
2622 }
2623
2573 btrfs_set_trans_block_group(trans, dir); 2624 btrfs_set_trans_block_group(trans, dir);
2574 2625
2575 if (unlikely(inode->i_ino == BTRFS_EMPTY_SUBVOL_DIR_OBJECTID)) { 2626 if (unlikely(inode->i_ino == BTRFS_EMPTY_SUBVOL_DIR_OBJECTID)) {
@@ -2592,6 +2643,7 @@ static int btrfs_rmdir(struct inode *dir, struct dentry *dentry)
2592out: 2643out:
2593 nr = trans->blocks_used; 2644 nr = trans->blocks_used;
2594 ret = btrfs_end_transaction_throttle(trans, root); 2645 ret = btrfs_end_transaction_throttle(trans, root);
2646 btrfs_unreserve_metadata_space(root, 5);
2595 btrfs_btree_balance_dirty(root, nr); 2647 btrfs_btree_balance_dirty(root, nr);
2596 2648
2597 if (ret && !err) 2649 if (ret && !err)
@@ -5128,6 +5180,7 @@ struct inode *btrfs_alloc_inode(struct super_block *sb)
5128 ei->logged_trans = 0; 5180 ei->logged_trans = 0;
5129 ei->outstanding_extents = 0; 5181 ei->outstanding_extents = 0;
5130 ei->reserved_extents = 0; 5182 ei->reserved_extents = 0;
5183 ei->root = NULL;
5131 spin_lock_init(&ei->accounting_lock); 5184 spin_lock_init(&ei->accounting_lock);
5132 btrfs_ordered_inode_tree_init(&ei->ordered_tree); 5185 btrfs_ordered_inode_tree_init(&ei->ordered_tree);
5133 INIT_LIST_HEAD(&ei->i_orphan); 5186 INIT_LIST_HEAD(&ei->i_orphan);
@@ -5144,6 +5197,14 @@ void btrfs_destroy_inode(struct inode *inode)
5144 WARN_ON(inode->i_data.nrpages); 5197 WARN_ON(inode->i_data.nrpages);
5145 5198
5146 /* 5199 /*
5200 * This can happen where we create an inode, but somebody else also
5201 * created the same inode and we need to destroy the one we already
5202 * created.
5203 */
5204 if (!root)
5205 goto free;
5206
5207 /*
5147 * Make sure we're properly removed from the ordered operation 5208 * Make sure we're properly removed from the ordered operation
5148 * lists. 5209 * lists.
5149 */ 5210 */
@@ -5178,6 +5239,7 @@ void btrfs_destroy_inode(struct inode *inode)
5178 } 5239 }
5179 inode_tree_del(inode); 5240 inode_tree_del(inode);
5180 btrfs_drop_extent_cache(inode, 0, (u64)-1, 0); 5241 btrfs_drop_extent_cache(inode, 0, (u64)-1, 0);
5242free:
5181 kmem_cache_free(btrfs_inode_cachep, BTRFS_I(inode)); 5243 kmem_cache_free(btrfs_inode_cachep, BTRFS_I(inode));
5182} 5244}
5183 5245
@@ -5283,11 +5345,14 @@ static int btrfs_rename(struct inode *old_dir, struct dentry *old_dentry,
5283 return -ENOTEMPTY; 5345 return -ENOTEMPTY;
5284 5346
5285 /* 5347 /*
5286 * 2 items for dir items 5348 * We want to reserve the absolute worst case amount of items. So if
5287 * 1 item for orphan entry 5349 * both inodes are subvols and we need to unlink them then that would
5288 * 1 item for ref 5350 * require 4 item modifications, but if they are both normal inodes it
5351 * would require 5 item modifications, so we'll assume their normal
5352 * inodes. So 5 * 2 is 10, plus 1 for the new link, so 11 total items
5353 * should cover the worst case number of items we'll modify.
5289 */ 5354 */
5290 ret = btrfs_reserve_metadata_space(root, 4); 5355 ret = btrfs_reserve_metadata_space(root, 11);
5291 if (ret) 5356 if (ret)
5292 return ret; 5357 return ret;
5293 5358
@@ -5403,7 +5468,7 @@ out_fail:
5403 if (old_inode->i_ino == BTRFS_FIRST_FREE_OBJECTID) 5468 if (old_inode->i_ino == BTRFS_FIRST_FREE_OBJECTID)
5404 up_read(&root->fs_info->subvol_sem); 5469 up_read(&root->fs_info->subvol_sem);
5405 5470
5406 btrfs_unreserve_metadata_space(root, 4); 5471 btrfs_unreserve_metadata_space(root, 11);
5407 return ret; 5472 return ret;
5408} 5473}
5409 5474
diff --git a/fs/btrfs/root-tree.c b/fs/btrfs/root-tree.c
index 9351428f30e2..67fa2d29d663 100644
--- a/fs/btrfs/root-tree.c
+++ b/fs/btrfs/root-tree.c
@@ -159,7 +159,6 @@ int btrfs_update_root(struct btrfs_trans_handle *trans, struct btrfs_root
159 write_extent_buffer(l, item, ptr, sizeof(*item)); 159 write_extent_buffer(l, item, ptr, sizeof(*item));
160 btrfs_mark_buffer_dirty(path->nodes[0]); 160 btrfs_mark_buffer_dirty(path->nodes[0]);
161out: 161out:
162 btrfs_release_path(root, path);
163 btrfs_free_path(path); 162 btrfs_free_path(path);
164 return ret; 163 return ret;
165} 164}
@@ -332,7 +331,6 @@ int btrfs_del_root(struct btrfs_trans_handle *trans, struct btrfs_root *root,
332 BUG_ON(refs != 0); 331 BUG_ON(refs != 0);
333 ret = btrfs_del_item(trans, root, path); 332 ret = btrfs_del_item(trans, root, path);
334out: 333out:
335 btrfs_release_path(root, path);
336 btrfs_free_path(path); 334 btrfs_free_path(path);
337 return ret; 335 return ret;
338} 336}
diff --git a/fs/btrfs/transaction.c b/fs/btrfs/transaction.c
index bca82a4ca8e6..c207e8c32c9b 100644
--- a/fs/btrfs/transaction.c
+++ b/fs/btrfs/transaction.c
@@ -163,8 +163,14 @@ static void wait_current_trans(struct btrfs_root *root)
163 } 163 }
164} 164}
165 165
166enum btrfs_trans_type {
167 TRANS_START,
168 TRANS_JOIN,
169 TRANS_USERSPACE,
170};
171
166static struct btrfs_trans_handle *start_transaction(struct btrfs_root *root, 172static struct btrfs_trans_handle *start_transaction(struct btrfs_root *root,
167 int num_blocks, int wait) 173 int num_blocks, int type)
168{ 174{
169 struct btrfs_trans_handle *h = 175 struct btrfs_trans_handle *h =
170 kmem_cache_alloc(btrfs_trans_handle_cachep, GFP_NOFS); 176 kmem_cache_alloc(btrfs_trans_handle_cachep, GFP_NOFS);
@@ -172,7 +178,8 @@ static struct btrfs_trans_handle *start_transaction(struct btrfs_root *root,
172 178
173 mutex_lock(&root->fs_info->trans_mutex); 179 mutex_lock(&root->fs_info->trans_mutex);
174 if (!root->fs_info->log_root_recovering && 180 if (!root->fs_info->log_root_recovering &&
175 ((wait == 1 && !root->fs_info->open_ioctl_trans) || wait == 2)) 181 ((type == TRANS_START && !root->fs_info->open_ioctl_trans) ||
182 type == TRANS_USERSPACE))
176 wait_current_trans(root); 183 wait_current_trans(root);
177 ret = join_transaction(root); 184 ret = join_transaction(root);
178 BUG_ON(ret); 185 BUG_ON(ret);
@@ -186,7 +193,7 @@ static struct btrfs_trans_handle *start_transaction(struct btrfs_root *root,
186 h->alloc_exclude_start = 0; 193 h->alloc_exclude_start = 0;
187 h->delayed_ref_updates = 0; 194 h->delayed_ref_updates = 0;
188 195
189 if (!current->journal_info) 196 if (!current->journal_info && type != TRANS_USERSPACE)
190 current->journal_info = h; 197 current->journal_info = h;
191 198
192 root->fs_info->running_transaction->use_count++; 199 root->fs_info->running_transaction->use_count++;
@@ -198,18 +205,18 @@ static struct btrfs_trans_handle *start_transaction(struct btrfs_root *root,
198struct btrfs_trans_handle *btrfs_start_transaction(struct btrfs_root *root, 205struct btrfs_trans_handle *btrfs_start_transaction(struct btrfs_root *root,
199 int num_blocks) 206 int num_blocks)
200{ 207{
201 return start_transaction(root, num_blocks, 1); 208 return start_transaction(root, num_blocks, TRANS_START);
202} 209}
203struct btrfs_trans_handle *btrfs_join_transaction(struct btrfs_root *root, 210struct btrfs_trans_handle *btrfs_join_transaction(struct btrfs_root *root,
204 int num_blocks) 211 int num_blocks)
205{ 212{
206 return start_transaction(root, num_blocks, 0); 213 return start_transaction(root, num_blocks, TRANS_JOIN);
207} 214}
208 215
209struct btrfs_trans_handle *btrfs_start_ioctl_transaction(struct btrfs_root *r, 216struct btrfs_trans_handle *btrfs_start_ioctl_transaction(struct btrfs_root *r,
210 int num_blocks) 217 int num_blocks)
211{ 218{
212 return start_transaction(r, num_blocks, 2); 219 return start_transaction(r, num_blocks, TRANS_USERSPACE);
213} 220}
214 221
215/* wait for a transaction commit to be fully complete */ 222/* wait for a transaction commit to be fully complete */
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
index 6928c24d1d42..5646727e33f5 100644
--- a/fs/cifs/cifsproto.h
+++ b/fs/cifs/cifsproto.h
@@ -388,4 +388,5 @@ extern int CIFSSMBSetPosixACL(const int xid, struct cifsTconInfo *tcon,
388 const struct nls_table *nls_codepage, int remap_special_chars); 388 const struct nls_table *nls_codepage, int remap_special_chars);
389extern int CIFSGetExtAttr(const int xid, struct cifsTconInfo *tcon, 389extern int CIFSGetExtAttr(const int xid, struct cifsTconInfo *tcon,
390 const int netfid, __u64 *pExtAttrBits, __u64 *pMask); 390 const int netfid, __u64 *pExtAttrBits, __u64 *pMask);
391extern void cifs_autodisable_serverino(struct cifs_sb_info *cifs_sb);
391#endif /* _CIFSPROTO_H */ 392#endif /* _CIFSPROTO_H */
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 43003e0bef18..63ea83ff687f 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1577,7 +1577,8 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
1577 1577
1578out_err: 1578out_err:
1579 if (tcp_ses) { 1579 if (tcp_ses) {
1580 kfree(tcp_ses->hostname); 1580 if (!IS_ERR(tcp_ses->hostname))
1581 kfree(tcp_ses->hostname);
1581 if (tcp_ses->ssocket) 1582 if (tcp_ses->ssocket)
1582 sock_release(tcp_ses->ssocket); 1583 sock_release(tcp_ses->ssocket);
1583 kfree(tcp_ses); 1584 kfree(tcp_ses);
@@ -2219,16 +2220,8 @@ is_path_accessible(int xid, struct cifsTconInfo *tcon,
2219 struct cifs_sb_info *cifs_sb, const char *full_path) 2220 struct cifs_sb_info *cifs_sb, const char *full_path)
2220{ 2221{
2221 int rc; 2222 int rc;
2222 __u64 inode_num;
2223 FILE_ALL_INFO *pfile_info; 2223 FILE_ALL_INFO *pfile_info;
2224 2224
2225 rc = CIFSGetSrvInodeNumber(xid, tcon, full_path, &inode_num,
2226 cifs_sb->local_nls,
2227 cifs_sb->mnt_cifs_flags &
2228 CIFS_MOUNT_MAP_SPECIAL_CHR);
2229 if (rc != -EOPNOTSUPP)
2230 return rc;
2231
2232 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL); 2225 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2233 if (pfile_info == NULL) 2226 if (pfile_info == NULL)
2234 return -ENOMEM; 2227 return -ENOMEM;
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
index 5e2492535daa..cababd8a52df 100644
--- a/fs/cifs/inode.c
+++ b/fs/cifs/inode.c
@@ -512,13 +512,10 @@ int cifs_get_inode_info(struct inode **pinode,
512 cifs_sb->local_nls, 512 cifs_sb->local_nls,
513 cifs_sb->mnt_cifs_flags & 513 cifs_sb->mnt_cifs_flags &
514 CIFS_MOUNT_MAP_SPECIAL_CHR); 514 CIFS_MOUNT_MAP_SPECIAL_CHR);
515 if (rc1) { 515 if (rc1 || !fattr.cf_uniqueid) {
516 cFYI(1, ("GetSrvInodeNum rc %d", rc1)); 516 cFYI(1, ("GetSrvInodeNum rc %d", rc1));
517 fattr.cf_uniqueid = iunique(sb, ROOT_I); 517 fattr.cf_uniqueid = iunique(sb, ROOT_I);
518 /* disable serverino if call not supported */ 518 cifs_autodisable_serverino(cifs_sb);
519 if (rc1 == -EINVAL)
520 cifs_sb->mnt_cifs_flags &=
521 ~CIFS_MOUNT_SERVER_INUM;
522 } 519 }
523 } else { 520 } else {
524 fattr.cf_uniqueid = iunique(sb, ROOT_I); 521 fattr.cf_uniqueid = iunique(sb, ROOT_I);
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 0241b25ac33f..d27d4ec6579b 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -715,3 +715,17 @@ cifsConvertToUCS(__le16 *target, const char *source, int maxlen,
715ctoUCS_out: 715ctoUCS_out:
716 return i; 716 return i;
717} 717}
718
719void
720cifs_autodisable_serverino(struct cifs_sb_info *cifs_sb)
721{
722 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SERVER_INUM) {
723 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
724 cERROR(1, ("Autodisabling the use of server inode numbers on "
725 "%s. This server doesn't seem to support them "
726 "properly. Hardlinks will not be recognized on this "
727 "mount. Consider mounting with the \"noserverino\" "
728 "option to silence this message.",
729 cifs_sb->tcon->treeName));
730 }
731}
diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
index 1f098ca71636..f84062f9a985 100644
--- a/fs/cifs/readdir.c
+++ b/fs/cifs/readdir.c
@@ -727,11 +727,12 @@ static int cifs_filldir(char *pfindEntry, struct file *file, filldir_t filldir,
727 cifs_dir_info_to_fattr(&fattr, (FILE_DIRECTORY_INFO *) 727 cifs_dir_info_to_fattr(&fattr, (FILE_DIRECTORY_INFO *)
728 pfindEntry, cifs_sb); 728 pfindEntry, cifs_sb);
729 729
730 /* FIXME: make _to_fattr functions fill this out */ 730 if (inum && (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SERVER_INUM)) {
731 if (pCifsF->srch_inf.info_level == SMB_FIND_FILE_ID_FULL_DIR_INFO)
732 fattr.cf_uniqueid = inum; 731 fattr.cf_uniqueid = inum;
733 else 732 } else {
734 fattr.cf_uniqueid = iunique(sb, ROOT_I); 733 fattr.cf_uniqueid = iunique(sb, ROOT_I);
734 cifs_autodisable_serverino(cifs_sb);
735 }
735 736
736 ino = cifs_uniqueid_to_ino_t(fattr.cf_uniqueid); 737 ino = cifs_uniqueid_to_ino_t(fattr.cf_uniqueid);
737 tmp_dentry = cifs_readdir_lookup(file->f_dentry, &qstring, &fattr); 738 tmp_dentry = cifs_readdir_lookup(file->f_dentry, &qstring, &fattr);
diff --git a/fs/compat.c b/fs/compat.c
index d576b552e8e2..6c19040ffeef 100644
--- a/fs/compat.c
+++ b/fs/compat.c
@@ -1532,6 +1532,8 @@ int compat_do_execve(char * filename,
1532 if (retval < 0) 1532 if (retval < 0)
1533 goto out; 1533 goto out;
1534 1534
1535 current->stack_start = current->mm->start_stack;
1536
1535 /* execve succeeded */ 1537 /* execve succeeded */
1536 current->fs->in_exec = 0; 1538 current->fs->in_exec = 0;
1537 current->in_execve = 0; 1539 current->in_execve = 0;
diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c
index f91fd51b32e3..d84e7058c298 100644
--- a/fs/compat_ioctl.c
+++ b/fs/compat_ioctl.c
@@ -1800,7 +1800,7 @@ struct space_resv_32 {
1800/* just account for different alignment */ 1800/* just account for different alignment */
1801static int compat_ioctl_preallocate(struct file *file, unsigned long arg) 1801static int compat_ioctl_preallocate(struct file *file, unsigned long arg)
1802{ 1802{
1803 struct space_resv_32 __user *p32 = (void __user *)arg; 1803 struct space_resv_32 __user *p32 = compat_ptr(arg);
1804 struct space_resv __user *p = compat_alloc_user_space(sizeof(*p)); 1804 struct space_resv __user *p = compat_alloc_user_space(sizeof(*p));
1805 1805
1806 if (copy_in_user(&p->l_type, &p32->l_type, sizeof(s16)) || 1806 if (copy_in_user(&p->l_type, &p32->l_type, sizeof(s16)) ||
@@ -2802,7 +2802,7 @@ asmlinkage long compat_sys_ioctl(unsigned int fd, unsigned int cmd,
2802#else 2802#else
2803 case FS_IOC_RESVSP: 2803 case FS_IOC_RESVSP:
2804 case FS_IOC_RESVSP64: 2804 case FS_IOC_RESVSP64:
2805 error = ioctl_preallocate(filp, (void __user *)arg); 2805 error = ioctl_preallocate(filp, compat_ptr(arg));
2806 goto out_fput; 2806 goto out_fput;
2807#endif 2807#endif
2808 2808
diff --git a/fs/exec.c b/fs/exec.c
index d49be6bc1793..ba112bd4a339 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -624,10 +624,8 @@ int setup_arg_pages(struct linux_binprm *bprm,
624 /* Move stack pages down in memory. */ 624 /* Move stack pages down in memory. */
625 if (stack_shift) { 625 if (stack_shift) {
626 ret = shift_arg_pages(vma, stack_shift); 626 ret = shift_arg_pages(vma, stack_shift);
627 if (ret) { 627 if (ret)
628 up_write(&mm->mmap_sem); 628 goto out_unlock;
629 return ret;
630 }
631 } 629 }
632 630
633#ifdef CONFIG_STACK_GROWSUP 631#ifdef CONFIG_STACK_GROWSUP
@@ -641,7 +639,7 @@ int setup_arg_pages(struct linux_binprm *bprm,
641 639
642out_unlock: 640out_unlock:
643 up_write(&mm->mmap_sem); 641 up_write(&mm->mmap_sem);
644 return 0; 642 return ret;
645} 643}
646EXPORT_SYMBOL(setup_arg_pages); 644EXPORT_SYMBOL(setup_arg_pages);
647 645
diff --git a/fs/ext3/fsync.c b/fs/ext3/fsync.c
index 451d166bbe93..8209f266e9ad 100644
--- a/fs/ext3/fsync.c
+++ b/fs/ext3/fsync.c
@@ -46,19 +46,21 @@
46int ext3_sync_file(struct file * file, struct dentry *dentry, int datasync) 46int ext3_sync_file(struct file * file, struct dentry *dentry, int datasync)
47{ 47{
48 struct inode *inode = dentry->d_inode; 48 struct inode *inode = dentry->d_inode;
49 struct ext3_inode_info *ei = EXT3_I(inode);
50 journal_t *journal = EXT3_SB(inode->i_sb)->s_journal;
49 int ret = 0; 51 int ret = 0;
52 tid_t commit_tid;
53
54 if (inode->i_sb->s_flags & MS_RDONLY)
55 return 0;
50 56
51 J_ASSERT(ext3_journal_current_handle() == NULL); 57 J_ASSERT(ext3_journal_current_handle() == NULL);
52 58
53 /* 59 /*
54 * data=writeback: 60 * data=writeback,ordered:
55 * The caller's filemap_fdatawrite()/wait will sync the data. 61 * The caller's filemap_fdatawrite()/wait will sync the data.
56 * sync_inode() will sync the metadata 62 * Metadata is in the journal, we wait for a proper transaction
57 * 63 * to commit here.
58 * data=ordered:
59 * The caller's filemap_fdatawrite() will write the data and
60 * sync_inode() will write the inode if it is dirty. Then the caller's
61 * filemap_fdatawait() will wait on the pages.
62 * 64 *
63 * data=journal: 65 * data=journal:
64 * filemap_fdatawrite won't do anything (the buffers are clean). 66 * filemap_fdatawrite won't do anything (the buffers are clean).
@@ -73,22 +75,16 @@ int ext3_sync_file(struct file * file, struct dentry *dentry, int datasync)
73 goto out; 75 goto out;
74 } 76 }
75 77
76 if (datasync && !(inode->i_state & I_DIRTY_DATASYNC)) 78 if (datasync)
77 goto flush; 79 commit_tid = atomic_read(&ei->i_datasync_tid);
80 else
81 commit_tid = atomic_read(&ei->i_sync_tid);
78 82
79 /* 83 if (log_start_commit(journal, commit_tid)) {
80 * The VFS has written the file data. If the inode is unaltered 84 log_wait_commit(journal, commit_tid);
81 * then we need not start a commit.
82 */
83 if (inode->i_state & (I_DIRTY_SYNC|I_DIRTY_DATASYNC)) {
84 struct writeback_control wbc = {
85 .sync_mode = WB_SYNC_ALL,
86 .nr_to_write = 0, /* sys_fsync did this */
87 };
88 ret = sync_inode(inode, &wbc);
89 goto out; 85 goto out;
90 } 86 }
91flush: 87
92 /* 88 /*
93 * In case we didn't commit a transaction, we have to flush 89 * In case we didn't commit a transaction, we have to flush
94 * disk caches manually so that data really is on persistent 90 * disk caches manually so that data really is on persistent
diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c
index acf1b1423327..354ed3b47b30 100644
--- a/fs/ext3/inode.c
+++ b/fs/ext3/inode.c
@@ -699,8 +699,9 @@ static int ext3_splice_branch(handle_t *handle, struct inode *inode,
699 int err = 0; 699 int err = 0;
700 struct ext3_block_alloc_info *block_i; 700 struct ext3_block_alloc_info *block_i;
701 ext3_fsblk_t current_block; 701 ext3_fsblk_t current_block;
702 struct ext3_inode_info *ei = EXT3_I(inode);
702 703
703 block_i = EXT3_I(inode)->i_block_alloc_info; 704 block_i = ei->i_block_alloc_info;
704 /* 705 /*
705 * If we're splicing into a [td]indirect block (as opposed to the 706 * If we're splicing into a [td]indirect block (as opposed to the
706 * inode) then we need to get write access to the [td]indirect block 707 * inode) then we need to get write access to the [td]indirect block
@@ -741,6 +742,8 @@ static int ext3_splice_branch(handle_t *handle, struct inode *inode,
741 742
742 inode->i_ctime = CURRENT_TIME_SEC; 743 inode->i_ctime = CURRENT_TIME_SEC;
743 ext3_mark_inode_dirty(handle, inode); 744 ext3_mark_inode_dirty(handle, inode);
745 /* ext3_mark_inode_dirty already updated i_sync_tid */
746 atomic_set(&ei->i_datasync_tid, handle->h_transaction->t_tid);
744 747
745 /* had we spliced it onto indirect block? */ 748 /* had we spliced it onto indirect block? */
746 if (where->bh) { 749 if (where->bh) {
@@ -1735,6 +1738,7 @@ static ssize_t ext3_direct_IO(int rw, struct kiocb *iocb,
1735 ssize_t ret; 1738 ssize_t ret;
1736 int orphan = 0; 1739 int orphan = 0;
1737 size_t count = iov_length(iov, nr_segs); 1740 size_t count = iov_length(iov, nr_segs);
1741 int retries = 0;
1738 1742
1739 if (rw == WRITE) { 1743 if (rw == WRITE) {
1740 loff_t final_size = offset + count; 1744 loff_t final_size = offset + count;
@@ -1757,9 +1761,12 @@ static ssize_t ext3_direct_IO(int rw, struct kiocb *iocb,
1757 } 1761 }
1758 } 1762 }
1759 1763
1764retry:
1760 ret = blockdev_direct_IO(rw, iocb, inode, inode->i_sb->s_bdev, iov, 1765 ret = blockdev_direct_IO(rw, iocb, inode, inode->i_sb->s_bdev, iov,
1761 offset, nr_segs, 1766 offset, nr_segs,
1762 ext3_get_block, NULL); 1767 ext3_get_block, NULL);
1768 if (ret == -ENOSPC && ext3_should_retry_alloc(inode->i_sb, &retries))
1769 goto retry;
1763 1770
1764 if (orphan) { 1771 if (orphan) {
1765 int err; 1772 int err;
@@ -2750,6 +2757,8 @@ struct inode *ext3_iget(struct super_block *sb, unsigned long ino)
2750 struct ext3_inode_info *ei; 2757 struct ext3_inode_info *ei;
2751 struct buffer_head *bh; 2758 struct buffer_head *bh;
2752 struct inode *inode; 2759 struct inode *inode;
2760 journal_t *journal = EXT3_SB(sb)->s_journal;
2761 transaction_t *transaction;
2753 long ret; 2762 long ret;
2754 int block; 2763 int block;
2755 2764
@@ -2827,6 +2836,30 @@ struct inode *ext3_iget(struct super_block *sb, unsigned long ino)
2827 ei->i_data[block] = raw_inode->i_block[block]; 2836 ei->i_data[block] = raw_inode->i_block[block];
2828 INIT_LIST_HEAD(&ei->i_orphan); 2837 INIT_LIST_HEAD(&ei->i_orphan);
2829 2838
2839 /*
2840 * Set transaction id's of transactions that have to be committed
2841 * to finish f[data]sync. We set them to currently running transaction
2842 * as we cannot be sure that the inode or some of its metadata isn't
2843 * part of the transaction - the inode could have been reclaimed and
2844 * now it is reread from disk.
2845 */
2846 if (journal) {
2847 tid_t tid;
2848
2849 spin_lock(&journal->j_state_lock);
2850 if (journal->j_running_transaction)
2851 transaction = journal->j_running_transaction;
2852 else
2853 transaction = journal->j_committing_transaction;
2854 if (transaction)
2855 tid = transaction->t_tid;
2856 else
2857 tid = journal->j_commit_sequence;
2858 spin_unlock(&journal->j_state_lock);
2859 atomic_set(&ei->i_sync_tid, tid);
2860 atomic_set(&ei->i_datasync_tid, tid);
2861 }
2862
2830 if (inode->i_ino >= EXT3_FIRST_INO(inode->i_sb) + 1 && 2863 if (inode->i_ino >= EXT3_FIRST_INO(inode->i_sb) + 1 &&
2831 EXT3_INODE_SIZE(inode->i_sb) > EXT3_GOOD_OLD_INODE_SIZE) { 2864 EXT3_INODE_SIZE(inode->i_sb) > EXT3_GOOD_OLD_INODE_SIZE) {
2832 /* 2865 /*
@@ -3011,6 +3044,7 @@ again:
3011 err = rc; 3044 err = rc;
3012 ei->i_state &= ~EXT3_STATE_NEW; 3045 ei->i_state &= ~EXT3_STATE_NEW;
3013 3046
3047 atomic_set(&ei->i_sync_tid, handle->h_transaction->t_tid);
3014out_brelse: 3048out_brelse:
3015 brelse (bh); 3049 brelse (bh);
3016 ext3_std_error(inode->i_sb, err); 3050 ext3_std_error(inode->i_sb, err);
diff --git a/fs/ext3/super.c b/fs/ext3/super.c
index 7a520a862f49..427496c4767c 100644
--- a/fs/ext3/super.c
+++ b/fs/ext3/super.c
@@ -466,6 +466,8 @@ static struct inode *ext3_alloc_inode(struct super_block *sb)
466 return NULL; 466 return NULL;
467 ei->i_block_alloc_info = NULL; 467 ei->i_block_alloc_info = NULL;
468 ei->vfs_inode.i_version = 1; 468 ei->vfs_inode.i_version = 1;
469 atomic_set(&ei->i_datasync_tid, 0);
470 atomic_set(&ei->i_sync_tid, 0);
469 return &ei->vfs_inode; 471 return &ei->vfs_inode;
470} 472}
471 473
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index 984ca0cb38c3..8825515eeddd 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -322,6 +322,7 @@ static inline __u32 ext4_mask_flags(umode_t mode, __u32 flags)
322#define EXT4_STATE_NO_EXPAND 0x00000008 /* No space for expansion */ 322#define EXT4_STATE_NO_EXPAND 0x00000008 /* No space for expansion */
323#define EXT4_STATE_DA_ALLOC_CLOSE 0x00000010 /* Alloc DA blks on close */ 323#define EXT4_STATE_DA_ALLOC_CLOSE 0x00000010 /* Alloc DA blks on close */
324#define EXT4_STATE_EXT_MIGRATE 0x00000020 /* Inode is migrating */ 324#define EXT4_STATE_EXT_MIGRATE 0x00000020 /* Inode is migrating */
325#define EXT4_STATE_DIO_UNWRITTEN 0x00000040 /* need convert on dio done*/
325 326
326/* Used to pass group descriptor data when online resize is done */ 327/* Used to pass group descriptor data when online resize is done */
327struct ext4_new_group_input { 328struct ext4_new_group_input {
@@ -743,6 +744,7 @@ struct ext4_inode_info {
743#define EXT4_MOUNT_QUOTA 0x80000 /* Some quota option set */ 744#define EXT4_MOUNT_QUOTA 0x80000 /* Some quota option set */
744#define EXT4_MOUNT_USRQUOTA 0x100000 /* "old" user quota */ 745#define EXT4_MOUNT_USRQUOTA 0x100000 /* "old" user quota */
745#define EXT4_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */ 746#define EXT4_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
747#define EXT4_MOUNT_JOURNAL_CHECKSUM 0x800000 /* Journal checksums */
746#define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT 0x1000000 /* Journal Async Commit */ 748#define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT 0x1000000 /* Journal Async Commit */
747#define EXT4_MOUNT_I_VERSION 0x2000000 /* i_version support */ 749#define EXT4_MOUNT_I_VERSION 0x2000000 /* i_version support */
748#define EXT4_MOUNT_DELALLOC 0x8000000 /* Delalloc support */ 750#define EXT4_MOUNT_DELALLOC 0x8000000 /* Delalloc support */
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 10539e364283..715264b4bae4 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -2807,6 +2807,8 @@ fix_extent_len:
2807 * into three uninitialized extent(at most). After IO complete, the part 2807 * into three uninitialized extent(at most). After IO complete, the part
2808 * being filled will be convert to initialized by the end_io callback function 2808 * being filled will be convert to initialized by the end_io callback function
2809 * via ext4_convert_unwritten_extents(). 2809 * via ext4_convert_unwritten_extents().
2810 *
2811 * Returns the size of uninitialized extent to be written on success.
2810 */ 2812 */
2811static int ext4_split_unwritten_extents(handle_t *handle, 2813static int ext4_split_unwritten_extents(handle_t *handle,
2812 struct inode *inode, 2814 struct inode *inode,
@@ -2824,7 +2826,6 @@ static int ext4_split_unwritten_extents(handle_t *handle,
2824 unsigned int allocated, ee_len, depth; 2826 unsigned int allocated, ee_len, depth;
2825 ext4_fsblk_t newblock; 2827 ext4_fsblk_t newblock;
2826 int err = 0; 2828 int err = 0;
2827 int ret = 0;
2828 2829
2829 ext_debug("ext4_split_unwritten_extents: inode %lu," 2830 ext_debug("ext4_split_unwritten_extents: inode %lu,"
2830 "iblock %llu, max_blocks %u\n", inode->i_ino, 2831 "iblock %llu, max_blocks %u\n", inode->i_ino,
@@ -2842,12 +2843,12 @@ static int ext4_split_unwritten_extents(handle_t *handle,
2842 ext4_ext_store_pblock(&orig_ex, ext_pblock(ex)); 2843 ext4_ext_store_pblock(&orig_ex, ext_pblock(ex));
2843 2844
2844 /* 2845 /*
2845 * if the entire unintialized extent length less than 2846 * If the uninitialized extent begins at the same logical
2846 * the size of extent to write, there is no need to split 2847 * block where the write begins, and the write completely
2847 * uninitialized extent 2848 * covers the extent, then we don't need to split it.
2848 */ 2849 */
2849 if (allocated <= max_blocks) 2850 if ((iblock == ee_block) && (allocated <= max_blocks))
2850 return ret; 2851 return allocated;
2851 2852
2852 err = ext4_ext_get_access(handle, inode, path + depth); 2853 err = ext4_ext_get_access(handle, inode, path + depth);
2853 if (err) 2854 if (err)
@@ -3048,12 +3049,18 @@ ext4_ext_handle_uninitialized_extents(handle_t *handle, struct inode *inode,
3048 ret = ext4_split_unwritten_extents(handle, 3049 ret = ext4_split_unwritten_extents(handle,
3049 inode, path, iblock, 3050 inode, path, iblock,
3050 max_blocks, flags); 3051 max_blocks, flags);
3051 /* flag the io_end struct that we need convert when IO done */ 3052 /*
3053 * Flag the inode(non aio case) or end_io struct (aio case)
3054 * that this IO needs to convertion to written when IO is
3055 * completed
3056 */
3052 if (io) 3057 if (io)
3053 io->flag = DIO_AIO_UNWRITTEN; 3058 io->flag = DIO_AIO_UNWRITTEN;
3059 else
3060 EXT4_I(inode)->i_state |= EXT4_STATE_DIO_UNWRITTEN;
3054 goto out; 3061 goto out;
3055 } 3062 }
3056 /* DIO end_io complete, convert the filled extent to written */ 3063 /* async DIO end_io complete, convert the filled extent to written */
3057 if (flags == EXT4_GET_BLOCKS_DIO_CONVERT_EXT) { 3064 if (flags == EXT4_GET_BLOCKS_DIO_CONVERT_EXT) {
3058 ret = ext4_convert_unwritten_extents_dio(handle, inode, 3065 ret = ext4_convert_unwritten_extents_dio(handle, inode,
3059 path); 3066 path);
@@ -3295,10 +3302,16 @@ int ext4_ext_get_blocks(handle_t *handle, struct inode *inode,
3295 * To avoid unecessary convertion for every aio dio rewrite 3302 * To avoid unecessary convertion for every aio dio rewrite
3296 * to the mid of file, here we flag the IO that is really 3303 * to the mid of file, here we flag the IO that is really
3297 * need the convertion. 3304 * need the convertion.
3298 * 3305 * For non asycn direct IO case, flag the inode state
3306 * that we need to perform convertion when IO is done.
3299 */ 3307 */
3300 if (io && flags == EXT4_GET_BLOCKS_DIO_CREATE_EXT) 3308 if (flags == EXT4_GET_BLOCKS_DIO_CREATE_EXT) {
3301 io->flag = DIO_AIO_UNWRITTEN; 3309 if (io)
3310 io->flag = DIO_AIO_UNWRITTEN;
3311 else
3312 EXT4_I(inode)->i_state |=
3313 EXT4_STATE_DIO_UNWRITTEN;;
3314 }
3302 } 3315 }
3303 err = ext4_ext_insert_extent(handle, inode, path, &newex, flags); 3316 err = ext4_ext_insert_extent(handle, inode, path, &newex, flags);
3304 if (err) { 3317 if (err) {
@@ -3519,6 +3532,7 @@ retry:
3519 * 3532 *
3520 * This function is called from the direct IO end io call back 3533 * This function is called from the direct IO end io call back
3521 * function, to convert the fallocated extents after IO is completed. 3534 * function, to convert the fallocated extents after IO is completed.
3535 * Returns 0 on success.
3522 */ 3536 */
3523int ext4_convert_unwritten_extents(struct inode *inode, loff_t offset, 3537int ext4_convert_unwritten_extents(struct inode *inode, loff_t offset,
3524 loff_t len) 3538 loff_t len)
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 5c5bc5dafff8..2c8caa51addb 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -193,7 +193,7 @@ static int try_to_extend_transaction(handle_t *handle, struct inode *inode)
193 * so before we call here everything must be consistently dirtied against 193 * so before we call here everything must be consistently dirtied against
194 * this transaction. 194 * this transaction.
195 */ 195 */
196 int ext4_truncate_restart_trans(handle_t *handle, struct inode *inode, 196int ext4_truncate_restart_trans(handle_t *handle, struct inode *inode,
197 int nblocks) 197 int nblocks)
198{ 198{
199 int ret; 199 int ret;
@@ -209,6 +209,7 @@ static int try_to_extend_transaction(handle_t *handle, struct inode *inode)
209 up_write(&EXT4_I(inode)->i_data_sem); 209 up_write(&EXT4_I(inode)->i_data_sem);
210 ret = ext4_journal_restart(handle, blocks_for_truncate(inode)); 210 ret = ext4_journal_restart(handle, blocks_for_truncate(inode));
211 down_write(&EXT4_I(inode)->i_data_sem); 211 down_write(&EXT4_I(inode)->i_data_sem);
212 ext4_discard_preallocations(inode);
212 213
213 return ret; 214 return ret;
214} 215}
@@ -3445,8 +3446,6 @@ out:
3445 return ret; 3446 return ret;
3446} 3447}
3447 3448
3448/* Maximum number of blocks we map for direct IO at once. */
3449
3450static int ext4_get_block_dio_write(struct inode *inode, sector_t iblock, 3449static int ext4_get_block_dio_write(struct inode *inode, sector_t iblock,
3451 struct buffer_head *bh_result, int create) 3450 struct buffer_head *bh_result, int create)
3452{ 3451{
@@ -3654,13 +3653,14 @@ static void ext4_end_io_dio(struct kiocb *iocb, loff_t offset,
3654 ext4_io_end_t *io_end = iocb->private; 3653 ext4_io_end_t *io_end = iocb->private;
3655 struct workqueue_struct *wq; 3654 struct workqueue_struct *wq;
3656 3655
3656 /* if not async direct IO or dio with 0 bytes write, just return */
3657 if (!io_end || !size)
3658 return;
3659
3657 ext_debug("ext4_end_io_dio(): io_end 0x%p" 3660 ext_debug("ext4_end_io_dio(): io_end 0x%p"
3658 "for inode %lu, iocb 0x%p, offset %llu, size %llu\n", 3661 "for inode %lu, iocb 0x%p, offset %llu, size %llu\n",
3659 iocb->private, io_end->inode->i_ino, iocb, offset, 3662 iocb->private, io_end->inode->i_ino, iocb, offset,
3660 size); 3663 size);
3661 /* if not async direct IO or dio with 0 bytes write, just return */
3662 if (!io_end || !size)
3663 return;
3664 3664
3665 /* if not aio dio with unwritten extents, just free io and return */ 3665 /* if not aio dio with unwritten extents, just free io and return */
3666 if (io_end->flag != DIO_AIO_UNWRITTEN){ 3666 if (io_end->flag != DIO_AIO_UNWRITTEN){
@@ -3771,13 +3771,19 @@ static ssize_t ext4_ext_direct_IO(int rw, struct kiocb *iocb,
3771 if (ret != -EIOCBQUEUED && ret <= 0 && iocb->private) { 3771 if (ret != -EIOCBQUEUED && ret <= 0 && iocb->private) {
3772 ext4_free_io_end(iocb->private); 3772 ext4_free_io_end(iocb->private);
3773 iocb->private = NULL; 3773 iocb->private = NULL;
3774 } else if (ret > 0) 3774 } else if (ret > 0 && (EXT4_I(inode)->i_state &
3775 EXT4_STATE_DIO_UNWRITTEN)) {
3776 int err;
3775 /* 3777 /*
3776 * for non AIO case, since the IO is already 3778 * for non AIO case, since the IO is already
3777 * completed, we could do the convertion right here 3779 * completed, we could do the convertion right here
3778 */ 3780 */
3779 ret = ext4_convert_unwritten_extents(inode, 3781 err = ext4_convert_unwritten_extents(inode,
3780 offset, ret); 3782 offset, ret);
3783 if (err < 0)
3784 ret = err;
3785 EXT4_I(inode)->i_state &= ~EXT4_STATE_DIO_UNWRITTEN;
3786 }
3781 return ret; 3787 return ret;
3782 } 3788 }
3783 3789
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 7c8fe80bacdd..6d2c1b897fc7 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1518,12 +1518,8 @@ static int ext4_add_entry(handle_t *handle, struct dentry *dentry,
1518 return retval; 1518 return retval;
1519 1519
1520 if (blocks == 1 && !dx_fallback && 1520 if (blocks == 1 && !dx_fallback &&
1521 EXT4_HAS_COMPAT_FEATURE(sb, EXT4_FEATURE_COMPAT_DIR_INDEX)) { 1521 EXT4_HAS_COMPAT_FEATURE(sb, EXT4_FEATURE_COMPAT_DIR_INDEX))
1522 retval = make_indexed_dir(handle, dentry, inode, bh); 1522 return make_indexed_dir(handle, dentry, inode, bh);
1523 if (retval == -ENOSPC)
1524 brelse(bh);
1525 return retval;
1526 }
1527 brelse(bh); 1523 brelse(bh);
1528 } 1524 }
1529 bh = ext4_append(handle, dir, &block, &retval); 1525 bh = ext4_append(handle, dir, &block, &retval);
@@ -1532,10 +1528,7 @@ static int ext4_add_entry(handle_t *handle, struct dentry *dentry,
1532 de = (struct ext4_dir_entry_2 *) bh->b_data; 1528 de = (struct ext4_dir_entry_2 *) bh->b_data;
1533 de->inode = 0; 1529 de->inode = 0;
1534 de->rec_len = ext4_rec_len_to_disk(blocksize, blocksize); 1530 de->rec_len = ext4_rec_len_to_disk(blocksize, blocksize);
1535 retval = add_dirent_to_buf(handle, dentry, inode, de, bh); 1531 return add_dirent_to_buf(handle, dentry, inode, de, bh);
1536 if (retval == -ENOSPC)
1537 brelse(bh);
1538 return retval;
1539} 1532}
1540 1533
1541/* 1534/*
@@ -1664,8 +1657,7 @@ static int ext4_dx_add_entry(handle_t *handle, struct dentry *dentry,
1664 if (!de) 1657 if (!de)
1665 goto cleanup; 1658 goto cleanup;
1666 err = add_dirent_to_buf(handle, dentry, inode, de, bh); 1659 err = add_dirent_to_buf(handle, dentry, inode, de, bh);
1667 if (err != -ENOSPC) 1660 bh = NULL;
1668 bh = NULL;
1669 goto cleanup; 1661 goto cleanup;
1670 1662
1671journal_error: 1663journal_error:
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 312211ee05af..d4ca92aab514 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1300,9 +1300,11 @@ static int parse_options(char *options, struct super_block *sb,
1300 *journal_devnum = option; 1300 *journal_devnum = option;
1301 break; 1301 break;
1302 case Opt_journal_checksum: 1302 case Opt_journal_checksum:
1303 break; /* Kept for backwards compatibility */ 1303 set_opt(sbi->s_mount_opt, JOURNAL_CHECKSUM);
1304 break;
1304 case Opt_journal_async_commit: 1305 case Opt_journal_async_commit:
1305 set_opt(sbi->s_mount_opt, JOURNAL_ASYNC_COMMIT); 1306 set_opt(sbi->s_mount_opt, JOURNAL_ASYNC_COMMIT);
1307 set_opt(sbi->s_mount_opt, JOURNAL_CHECKSUM);
1306 break; 1308 break;
1307 case Opt_noload: 1309 case Opt_noload:
1308 set_opt(sbi->s_mount_opt, NOLOAD); 1310 set_opt(sbi->s_mount_opt, NOLOAD);
@@ -2759,14 +2761,20 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
2759 goto failed_mount4; 2761 goto failed_mount4;
2760 } 2762 }
2761 2763
2762 jbd2_journal_set_features(sbi->s_journal, 2764 if (test_opt(sb, JOURNAL_ASYNC_COMMIT)) {
2763 JBD2_FEATURE_COMPAT_CHECKSUM, 0, 0); 2765 jbd2_journal_set_features(sbi->s_journal,
2764 if (test_opt(sb, JOURNAL_ASYNC_COMMIT)) 2766 JBD2_FEATURE_COMPAT_CHECKSUM, 0,
2765 jbd2_journal_set_features(sbi->s_journal, 0, 0,
2766 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT); 2767 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT);
2767 else 2768 } else if (test_opt(sb, JOURNAL_CHECKSUM)) {
2769 jbd2_journal_set_features(sbi->s_journal,
2770 JBD2_FEATURE_COMPAT_CHECKSUM, 0, 0);
2768 jbd2_journal_clear_features(sbi->s_journal, 0, 0, 2771 jbd2_journal_clear_features(sbi->s_journal, 0, 0,
2769 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT); 2772 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT);
2773 } else {
2774 jbd2_journal_clear_features(sbi->s_journal,
2775 JBD2_FEATURE_COMPAT_CHECKSUM, 0,
2776 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT);
2777 }
2770 2778
2771 /* We have now updated the journal if required, so we can 2779 /* We have now updated the journal if required, so we can
2772 * validate the data journaling mode. */ 2780 * validate the data journaling mode. */
diff --git a/fs/fcntl.c b/fs/fcntl.c
index fc089f2f7f56..2cf93ec40a67 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -284,7 +284,7 @@ static int f_setown_ex(struct file *filp, unsigned long arg)
284 type = PIDTYPE_PID; 284 type = PIDTYPE_PID;
285 break; 285 break;
286 286
287 case F_OWNER_GID: 287 case F_OWNER_PGRP:
288 type = PIDTYPE_PGID; 288 type = PIDTYPE_PGID;
289 break; 289 break;
290 290
@@ -321,7 +321,7 @@ static int f_getown_ex(struct file *filp, unsigned long arg)
321 break; 321 break;
322 322
323 case PIDTYPE_PGID: 323 case PIDTYPE_PGID:
324 owner.type = F_OWNER_GID; 324 owner.type = F_OWNER_PGRP;
325 break; 325 break;
326 326
327 default: 327 default:
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 992f6c9410bb..8ada78aade58 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -712,8 +712,10 @@ static int fuse_rename(struct inode *olddir, struct dentry *oldent,
712 fuse_invalidate_attr(newdir); 712 fuse_invalidate_attr(newdir);
713 713
714 /* newent will end up negative */ 714 /* newent will end up negative */
715 if (newent->d_inode) 715 if (newent->d_inode) {
716 fuse_invalidate_attr(newent->d_inode);
716 fuse_invalidate_entry_cache(newent); 717 fuse_invalidate_entry_cache(newent);
718 }
717 } else if (err == -EINTR) { 719 } else if (err == -EINTR) {
718 /* If request was interrupted, DEITY only knows if the 720 /* If request was interrupted, DEITY only knows if the
719 rename actually took place. If the invalidation 721 rename actually took place. If the invalidation
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index a3492f7d207c..c18913a777ae 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -1063,7 +1063,8 @@ ssize_t fuse_direct_io(struct file *file, const char __user *buf,
1063 break; 1063 break;
1064 } 1064 }
1065 } 1065 }
1066 fuse_put_request(fc, req); 1066 if (!IS_ERR(req))
1067 fuse_put_request(fc, req);
1067 if (res > 0) 1068 if (res > 0)
1068 *ppos = pos; 1069 *ppos = pos;
1069 1070
@@ -1599,7 +1600,7 @@ static int fuse_ioctl_copy_user(struct page **pages, struct iovec *iov,
1599 kaddr += copy; 1600 kaddr += copy;
1600 } 1601 }
1601 1602
1602 kunmap(map); 1603 kunmap(page);
1603 } 1604 }
1604 1605
1605 return 0; 1606 return 0;
diff --git a/fs/hfs/btree.c b/fs/hfs/btree.c
index 9b9d6395bad3..052f214ea6f0 100644
--- a/fs/hfs/btree.c
+++ b/fs/hfs/btree.c
@@ -58,6 +58,11 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke
58 } 58 }
59 unlock_new_inode(tree->inode); 59 unlock_new_inode(tree->inode);
60 60
61 if (!HFS_I(tree->inode)->first_blocks) {
62 printk(KERN_ERR "hfs: invalid btree extent records (0 size).\n");
63 goto free_inode;
64 }
65
61 mapping = tree->inode->i_mapping; 66 mapping = tree->inode->i_mapping;
62 page = read_mapping_page(mapping, 0, NULL); 67 page = read_mapping_page(mapping, 0, NULL);
63 if (IS_ERR(page)) 68 if (IS_ERR(page))
diff --git a/fs/hfsplus/wrapper.c b/fs/hfsplus/wrapper.c
index 175d08eacc86..bed78ac8f6d1 100644
--- a/fs/hfsplus/wrapper.c
+++ b/fs/hfsplus/wrapper.c
@@ -99,6 +99,10 @@ int hfsplus_read_wrapper(struct super_block *sb)
99 99
100 if (hfsplus_get_last_session(sb, &part_start, &part_size)) 100 if (hfsplus_get_last_session(sb, &part_start, &part_size))
101 return -EINVAL; 101 return -EINVAL;
102 if ((u64)part_start + part_size > 0x100000000ULL) {
103 pr_err("hfs: volumes larger than 2TB are not supported yet\n");
104 return -EINVAL;
105 }
102 while (1) { 106 while (1) {
103 bh = sb_bread512(sb, part_start + HFSPLUS_VOLHEAD_SECTOR, vhdr); 107 bh = sb_bread512(sb, part_start + HFSPLUS_VOLHEAD_SECTOR, vhdr);
104 if (!bh) 108 if (!bh)
diff --git a/fs/ioctl.c b/fs/ioctl.c
index 7b17a14396ff..6c751106c2e5 100644
--- a/fs/ioctl.c
+++ b/fs/ioctl.c
@@ -254,7 +254,7 @@ int __generic_block_fiemap(struct inode *inode,
254 u64 len, get_block_t *get_block) 254 u64 len, get_block_t *get_block)
255{ 255{
256 struct buffer_head tmp; 256 struct buffer_head tmp;
257 unsigned int start_blk; 257 unsigned long long start_blk;
258 long long length = 0, map_len = 0; 258 long long length = 0, map_len = 0;
259 u64 logical = 0, phys = 0, size = 0; 259 u64 logical = 0, phys = 0, size = 0;
260 u32 flags = FIEMAP_EXTENT_MERGED; 260 u32 flags = FIEMAP_EXTENT_MERGED;
diff --git a/fs/jbd/journal.c b/fs/jbd/journal.c
index bd3c073b485d..4160afad6d00 100644
--- a/fs/jbd/journal.c
+++ b/fs/jbd/journal.c
@@ -73,6 +73,7 @@ EXPORT_SYMBOL(journal_errno);
73EXPORT_SYMBOL(journal_ack_err); 73EXPORT_SYMBOL(journal_ack_err);
74EXPORT_SYMBOL(journal_clear_err); 74EXPORT_SYMBOL(journal_clear_err);
75EXPORT_SYMBOL(log_wait_commit); 75EXPORT_SYMBOL(log_wait_commit);
76EXPORT_SYMBOL(log_start_commit);
76EXPORT_SYMBOL(journal_start_commit); 77EXPORT_SYMBOL(journal_start_commit);
77EXPORT_SYMBOL(journal_force_commit_nested); 78EXPORT_SYMBOL(journal_force_commit_nested);
78EXPORT_SYMBOL(journal_wipe); 79EXPORT_SYMBOL(journal_wipe);
@@ -756,6 +757,7 @@ journal_t * journal_init_dev(struct block_device *bdev,
756 757
757 return journal; 758 return journal;
758out_err: 759out_err:
760 kfree(journal->j_wbuf);
759 kfree(journal); 761 kfree(journal);
760 return NULL; 762 return NULL;
761} 763}
@@ -820,6 +822,7 @@ journal_t * journal_init_inode (struct inode *inode)
820 822
821 return journal; 823 return journal;
822out_err: 824out_err:
825 kfree(journal->j_wbuf);
823 kfree(journal); 826 kfree(journal);
824 return NULL; 827 return NULL;
825} 828}
diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c
index b0ab5219becb..fed85388ee86 100644
--- a/fs/jbd2/journal.c
+++ b/fs/jbd2/journal.c
@@ -913,6 +913,7 @@ journal_t * jbd2_journal_init_dev(struct block_device *bdev,
913 913
914 return journal; 914 return journal;
915out_err: 915out_err:
916 kfree(journal->j_wbuf);
916 jbd2_stats_proc_exit(journal); 917 jbd2_stats_proc_exit(journal);
917 kfree(journal); 918 kfree(journal);
918 return NULL; 919 return NULL;
@@ -986,6 +987,7 @@ journal_t * jbd2_journal_init_inode (struct inode *inode)
986 987
987 return journal; 988 return journal;
988out_err: 989out_err:
990 kfree(journal->j_wbuf);
989 jbd2_stats_proc_exit(journal); 991 jbd2_stats_proc_exit(journal);
990 kfree(journal); 992 kfree(journal);
991 return NULL; 993 return NULL;
diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
index 32062c33c859..7cb298525eef 100644
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -1536,6 +1536,8 @@ nfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry)
1536 old_dentry->d_parent->d_name.name, old_dentry->d_name.name, 1536 old_dentry->d_parent->d_name.name, old_dentry->d_name.name,
1537 dentry->d_parent->d_name.name, dentry->d_name.name); 1537 dentry->d_parent->d_name.name, dentry->d_name.name);
1538 1538
1539 nfs_inode_return_delegation(inode);
1540
1539 d_drop(dentry); 1541 d_drop(dentry);
1540 error = NFS_PROTO(dir)->link(inode, dir, &dentry->d_name); 1542 error = NFS_PROTO(dir)->link(inode, dir, &dentry->d_name);
1541 if (error == 0) { 1543 if (error == 0) {
diff --git a/fs/nfs/direct.c b/fs/nfs/direct.c
index 6c3210099d51..e1d415e97849 100644
--- a/fs/nfs/direct.c
+++ b/fs/nfs/direct.c
@@ -457,6 +457,7 @@ static void nfs_direct_write_reschedule(struct nfs_direct_req *dreq)
457 }; 457 };
458 struct rpc_task_setup task_setup_data = { 458 struct rpc_task_setup task_setup_data = {
459 .rpc_client = NFS_CLIENT(inode), 459 .rpc_client = NFS_CLIENT(inode),
460 .rpc_message = &msg,
460 .callback_ops = &nfs_write_direct_ops, 461 .callback_ops = &nfs_write_direct_ops,
461 .workqueue = nfsiod_workqueue, 462 .workqueue = nfsiod_workqueue,
462 .flags = RPC_TASK_ASYNC, 463 .flags = RPC_TASK_ASYNC,
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index ed7c269e2514..741a562177fc 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -72,12 +72,17 @@ static int _nfs4_proc_getattr(struct nfs_server *server, struct nfs_fh *fhandle,
72/* Prevent leaks of NFSv4 errors into userland */ 72/* Prevent leaks of NFSv4 errors into userland */
73static int nfs4_map_errors(int err) 73static int nfs4_map_errors(int err)
74{ 74{
75 if (err < -1000) { 75 if (err >= -1000)
76 return err;
77 switch (err) {
78 case -NFS4ERR_RESOURCE:
79 return -EREMOTEIO;
80 default:
76 dprintk("%s could not handle NFSv4 error %d\n", 81 dprintk("%s could not handle NFSv4 error %d\n",
77 __func__, -err); 82 __func__, -err);
78 return -EIO; 83 break;
79 } 84 }
80 return err; 85 return -EIO;
81} 86}
82 87
83/* 88/*
@@ -2762,7 +2767,7 @@ static int _nfs4_proc_readdir(struct dentry *dentry, struct rpc_cred *cred,
2762 .pages = &page, 2767 .pages = &page,
2763 .pgbase = 0, 2768 .pgbase = 0,
2764 .count = count, 2769 .count = count,
2765 .bitmask = NFS_SERVER(dentry->d_inode)->cache_consistency_bitmask, 2770 .bitmask = NFS_SERVER(dentry->d_inode)->attr_bitmask,
2766 }; 2771 };
2767 struct nfs4_readdir_res res; 2772 struct nfs4_readdir_res res;
2768 struct rpc_message msg = { 2773 struct rpc_message msg = {
@@ -3060,9 +3065,6 @@ static void nfs4_renew_done(struct rpc_task *task, void *data)
3060 if (time_before(clp->cl_last_renewal,timestamp)) 3065 if (time_before(clp->cl_last_renewal,timestamp))
3061 clp->cl_last_renewal = timestamp; 3066 clp->cl_last_renewal = timestamp;
3062 spin_unlock(&clp->cl_lock); 3067 spin_unlock(&clp->cl_lock);
3063 dprintk("%s calling put_rpccred on rpc_cred %p\n", __func__,
3064 task->tk_msg.rpc_cred);
3065 put_rpccred(task->tk_msg.rpc_cred);
3066} 3068}
3067 3069
3068static const struct rpc_call_ops nfs4_renew_ops = { 3070static const struct rpc_call_ops nfs4_renew_ops = {
@@ -4877,7 +4879,6 @@ void nfs41_sequence_call_done(struct rpc_task *task, void *data)
4877 nfs41_sequence_free_slot(clp, task->tk_msg.rpc_resp); 4879 nfs41_sequence_free_slot(clp, task->tk_msg.rpc_resp);
4878 dprintk("%s rpc_cred %p\n", __func__, task->tk_msg.rpc_cred); 4880 dprintk("%s rpc_cred %p\n", __func__, task->tk_msg.rpc_cred);
4879 4881
4880 put_rpccred(task->tk_msg.rpc_cred);
4881 kfree(task->tk_msg.rpc_argp); 4882 kfree(task->tk_msg.rpc_argp);
4882 kfree(task->tk_msg.rpc_resp); 4883 kfree(task->tk_msg.rpc_resp);
4883 4884
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index 83ad47cbdd8a..20b4e30e6c82 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -5681,7 +5681,6 @@ static struct {
5681 { NFS4ERR_SERVERFAULT, -ESERVERFAULT }, 5681 { NFS4ERR_SERVERFAULT, -ESERVERFAULT },
5682 { NFS4ERR_BADTYPE, -EBADTYPE }, 5682 { NFS4ERR_BADTYPE, -EBADTYPE },
5683 { NFS4ERR_LOCKED, -EAGAIN }, 5683 { NFS4ERR_LOCKED, -EAGAIN },
5684 { NFS4ERR_RESOURCE, -EREMOTEIO },
5685 { NFS4ERR_SYMLINK, -ELOOP }, 5684 { NFS4ERR_SYMLINK, -ELOOP },
5686 { NFS4ERR_OP_ILLEGAL, -EOPNOTSUPP }, 5685 { NFS4ERR_OP_ILLEGAL, -EOPNOTSUPP },
5687 { NFS4ERR_DEADLOCK, -EDEADLK }, 5686 { NFS4ERR_DEADLOCK, -EDEADLK },
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index edf926e1062f..d0a2ce1b4324 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -958,7 +958,7 @@ encode_entry(struct readdir_cd *ccd, const char *name, int namlen,
958 p1 = encode_entry_baggage(cd, p1, name, namlen, ino); 958 p1 = encode_entry_baggage(cd, p1, name, namlen, ino);
959 959
960 if (plus) 960 if (plus)
961 p = encode_entryplus_baggage(cd, p1, name, namlen); 961 p1 = encode_entryplus_baggage(cd, p1, name, namlen);
962 962
963 /* determine entry word length and lengths to go in pages */ 963 /* determine entry word length and lengths to go in pages */
964 num_entry_words = p1 - tmp; 964 num_entry_words = p1 - tmp;
diff --git a/fs/nilfs2/btnode.c b/fs/nilfs2/btnode.c
index 5941958f1e47..84c25382f8e3 100644
--- a/fs/nilfs2/btnode.c
+++ b/fs/nilfs2/btnode.c
@@ -87,6 +87,7 @@ int nilfs_btnode_submit_block(struct address_space *btnc, __u64 blocknr,
87 brelse(bh); 87 brelse(bh);
88 BUG(); 88 BUG();
89 } 89 }
90 memset(bh->b_data, 0, 1 << inode->i_blkbits);
90 bh->b_bdev = NILFS_I_NILFS(inode)->ns_bdev; 91 bh->b_bdev = NILFS_I_NILFS(inode)->ns_bdev;
91 bh->b_blocknr = blocknr; 92 bh->b_blocknr = blocknr;
92 set_buffer_mapped(bh); 93 set_buffer_mapped(bh);
@@ -276,8 +277,7 @@ void nilfs_btnode_commit_change_key(struct address_space *btnc,
276 "invalid oldkey %lld (newkey=%lld)", 277 "invalid oldkey %lld (newkey=%lld)",
277 (unsigned long long)oldkey, 278 (unsigned long long)oldkey,
278 (unsigned long long)newkey); 279 (unsigned long long)newkey);
279 if (!test_set_buffer_dirty(obh) && TestSetPageDirty(opage)) 280 nilfs_btnode_mark_dirty(obh);
280 BUG();
281 281
282 spin_lock_irq(&btnc->tree_lock); 282 spin_lock_irq(&btnc->tree_lock);
283 radix_tree_delete(&btnc->page_tree, oldkey); 283 radix_tree_delete(&btnc->page_tree, oldkey);
diff --git a/fs/nilfs2/cpfile.c b/fs/nilfs2/cpfile.c
index 1c6cfb59128d..3f5d5d06f53c 100644
--- a/fs/nilfs2/cpfile.c
+++ b/fs/nilfs2/cpfile.c
@@ -871,7 +871,6 @@ int nilfs_cpfile_change_cpmode(struct inode *cpfile, __u64 cno, int mode)
871 * exclusive with a new mount job. Though it doesn't cover 871 * exclusive with a new mount job. Though it doesn't cover
872 * umount, it's enough for the purpose. 872 * umount, it's enough for the purpose.
873 */ 873 */
874 mutex_lock(&nilfs->ns_mount_mutex);
875 if (nilfs_checkpoint_is_mounted(nilfs, cno, 1)) { 874 if (nilfs_checkpoint_is_mounted(nilfs, cno, 1)) {
876 /* Current implementation does not have to protect 875 /* Current implementation does not have to protect
877 plain read-only mounts since they are exclusive 876 plain read-only mounts since they are exclusive
@@ -880,7 +879,6 @@ int nilfs_cpfile_change_cpmode(struct inode *cpfile, __u64 cno, int mode)
880 ret = -EBUSY; 879 ret = -EBUSY;
881 } else 880 } else
882 ret = nilfs_cpfile_clear_snapshot(cpfile, cno); 881 ret = nilfs_cpfile_clear_snapshot(cpfile, cno);
883 mutex_unlock(&nilfs->ns_mount_mutex);
884 return ret; 882 return ret;
885 case NILFS_SNAPSHOT: 883 case NILFS_SNAPSHOT:
886 return nilfs_cpfile_set_snapshot(cpfile, cno); 884 return nilfs_cpfile_set_snapshot(cpfile, cno);
diff --git a/fs/nilfs2/inode.c b/fs/nilfs2/inode.c
index 5040220c3732..2a0a5a3ac134 100644
--- a/fs/nilfs2/inode.c
+++ b/fs/nilfs2/inode.c
@@ -664,7 +664,6 @@ int nilfs_load_inode_block(struct nilfs_sb_info *sbi, struct inode *inode,
664 int err; 664 int err;
665 665
666 spin_lock(&sbi->s_inode_lock); 666 spin_lock(&sbi->s_inode_lock);
667 /* Caller of this function MUST lock s_inode_lock */
668 if (ii->i_bh == NULL) { 667 if (ii->i_bh == NULL) {
669 spin_unlock(&sbi->s_inode_lock); 668 spin_unlock(&sbi->s_inode_lock);
670 err = nilfs_ifile_get_inode_block(sbi->s_ifile, inode->i_ino, 669 err = nilfs_ifile_get_inode_block(sbi->s_ifile, inode->i_ino,
diff --git a/fs/nilfs2/ioctl.c b/fs/nilfs2/ioctl.c
index 6572ea4bc4df..f6af76042d80 100644
--- a/fs/nilfs2/ioctl.c
+++ b/fs/nilfs2/ioctl.c
@@ -99,7 +99,8 @@ static int nilfs_ioctl_wrap_copy(struct the_nilfs *nilfs,
99static int nilfs_ioctl_change_cpmode(struct inode *inode, struct file *filp, 99static int nilfs_ioctl_change_cpmode(struct inode *inode, struct file *filp,
100 unsigned int cmd, void __user *argp) 100 unsigned int cmd, void __user *argp)
101{ 101{
102 struct inode *cpfile = NILFS_SB(inode->i_sb)->s_nilfs->ns_cpfile; 102 struct the_nilfs *nilfs = NILFS_SB(inode->i_sb)->s_nilfs;
103 struct inode *cpfile = nilfs->ns_cpfile;
103 struct nilfs_transaction_info ti; 104 struct nilfs_transaction_info ti;
104 struct nilfs_cpmode cpmode; 105 struct nilfs_cpmode cpmode;
105 int ret; 106 int ret;
@@ -109,14 +110,17 @@ static int nilfs_ioctl_change_cpmode(struct inode *inode, struct file *filp,
109 if (copy_from_user(&cpmode, argp, sizeof(cpmode))) 110 if (copy_from_user(&cpmode, argp, sizeof(cpmode)))
110 return -EFAULT; 111 return -EFAULT;
111 112
113 mutex_lock(&nilfs->ns_mount_mutex);
112 nilfs_transaction_begin(inode->i_sb, &ti, 0); 114 nilfs_transaction_begin(inode->i_sb, &ti, 0);
113 ret = nilfs_cpfile_change_cpmode( 115 ret = nilfs_cpfile_change_cpmode(
114 cpfile, cpmode.cm_cno, cpmode.cm_mode); 116 cpfile, cpmode.cm_cno, cpmode.cm_mode);
115 if (unlikely(ret < 0)) { 117 if (unlikely(ret < 0)) {
116 nilfs_transaction_abort(inode->i_sb); 118 nilfs_transaction_abort(inode->i_sb);
119 mutex_unlock(&nilfs->ns_mount_mutex);
117 return ret; 120 return ret;
118 } 121 }
119 nilfs_transaction_commit(inode->i_sb); /* never fails */ 122 nilfs_transaction_commit(inode->i_sb); /* never fails */
123 mutex_unlock(&nilfs->ns_mount_mutex);
120 return ret; 124 return ret;
121} 125}
122 126
@@ -297,7 +301,18 @@ static int nilfs_ioctl_move_inode_block(struct inode *inode,
297 (unsigned long long)vdesc->vd_vblocknr); 301 (unsigned long long)vdesc->vd_vblocknr);
298 return ret; 302 return ret;
299 } 303 }
300 bh->b_private = vdesc; 304 if (unlikely(!list_empty(&bh->b_assoc_buffers))) {
305 printk(KERN_CRIT "%s: conflicting %s buffer: ino=%llu, "
306 "cno=%llu, offset=%llu, blocknr=%llu, vblocknr=%llu\n",
307 __func__, vdesc->vd_flags ? "node" : "data",
308 (unsigned long long)vdesc->vd_ino,
309 (unsigned long long)vdesc->vd_cno,
310 (unsigned long long)vdesc->vd_offset,
311 (unsigned long long)vdesc->vd_blocknr,
312 (unsigned long long)vdesc->vd_vblocknr);
313 brelse(bh);
314 return -EEXIST;
315 }
301 list_add_tail(&bh->b_assoc_buffers, buffers); 316 list_add_tail(&bh->b_assoc_buffers, buffers);
302 return 0; 317 return 0;
303} 318}
@@ -335,24 +350,10 @@ static int nilfs_ioctl_move_blocks(struct the_nilfs *nilfs,
335 list_for_each_entry_safe(bh, n, &buffers, b_assoc_buffers) { 350 list_for_each_entry_safe(bh, n, &buffers, b_assoc_buffers) {
336 ret = nilfs_gccache_wait_and_mark_dirty(bh); 351 ret = nilfs_gccache_wait_and_mark_dirty(bh);
337 if (unlikely(ret < 0)) { 352 if (unlikely(ret < 0)) {
338 if (ret == -EEXIST) { 353 WARN_ON(ret == -EEXIST);
339 vdesc = bh->b_private;
340 printk(KERN_CRIT
341 "%s: conflicting %s buffer: "
342 "ino=%llu, cno=%llu, offset=%llu, "
343 "blocknr=%llu, vblocknr=%llu\n",
344 __func__,
345 vdesc->vd_flags ? "node" : "data",
346 (unsigned long long)vdesc->vd_ino,
347 (unsigned long long)vdesc->vd_cno,
348 (unsigned long long)vdesc->vd_offset,
349 (unsigned long long)vdesc->vd_blocknr,
350 (unsigned long long)vdesc->vd_vblocknr);
351 }
352 goto failed; 354 goto failed;
353 } 355 }
354 list_del_init(&bh->b_assoc_buffers); 356 list_del_init(&bh->b_assoc_buffers);
355 bh->b_private = NULL;
356 brelse(bh); 357 brelse(bh);
357 } 358 }
358 return nmembs; 359 return nmembs;
@@ -360,7 +361,6 @@ static int nilfs_ioctl_move_blocks(struct the_nilfs *nilfs,
360 failed: 361 failed:
361 list_for_each_entry_safe(bh, n, &buffers, b_assoc_buffers) { 362 list_for_each_entry_safe(bh, n, &buffers, b_assoc_buffers) {
362 list_del_init(&bh->b_assoc_buffers); 363 list_del_init(&bh->b_assoc_buffers);
363 bh->b_private = NULL;
364 brelse(bh); 364 brelse(bh);
365 } 365 }
366 return ret; 366 return ret;
@@ -471,7 +471,6 @@ int nilfs_ioctl_prepare_clean_segments(struct the_nilfs *nilfs,
471 return 0; 471 return 0;
472 472
473 failed: 473 failed:
474 nilfs_remove_all_gcinode(nilfs);
475 printk(KERN_ERR "NILFS: GC failed during preparation: %s: err=%d\n", 474 printk(KERN_ERR "NILFS: GC failed during preparation: %s: err=%d\n",
476 msg, ret); 475 msg, ret);
477 return ret; 476 return ret;
@@ -560,6 +559,8 @@ static int nilfs_ioctl_clean_segments(struct inode *inode, struct file *filp,
560 else 559 else
561 ret = nilfs_clean_segments(inode->i_sb, argv, kbufs); 560 ret = nilfs_clean_segments(inode->i_sb, argv, kbufs);
562 561
562 if (ret < 0)
563 nilfs_remove_all_gcinode(nilfs);
563 clear_nilfs_gc_running(nilfs); 564 clear_nilfs_gc_running(nilfs);
564 565
565 out_free: 566 out_free:
diff --git a/fs/nilfs2/segment.c b/fs/nilfs2/segment.c
index 683df89dbae5..6eff66a070d5 100644
--- a/fs/nilfs2/segment.c
+++ b/fs/nilfs2/segment.c
@@ -2468,17 +2468,22 @@ static void nilfs_segctor_notify(struct nilfs_sc_info *sci,
2468 /* Clear requests (even when the construction failed) */ 2468 /* Clear requests (even when the construction failed) */
2469 spin_lock(&sci->sc_state_lock); 2469 spin_lock(&sci->sc_state_lock);
2470 2470
2471 sci->sc_state &= ~NILFS_SEGCTOR_COMMIT;
2472
2473 if (req->mode == SC_LSEG_SR) { 2471 if (req->mode == SC_LSEG_SR) {
2472 sci->sc_state &= ~NILFS_SEGCTOR_COMMIT;
2474 sci->sc_seq_done = req->seq_accepted; 2473 sci->sc_seq_done = req->seq_accepted;
2475 nilfs_segctor_wakeup(sci, req->sc_err ? : req->sb_err); 2474 nilfs_segctor_wakeup(sci, req->sc_err ? : req->sb_err);
2476 sci->sc_flush_request = 0; 2475 sci->sc_flush_request = 0;
2477 } else if (req->mode == SC_FLUSH_FILE) 2476 } else {
2478 sci->sc_flush_request &= ~FLUSH_FILE_BIT; 2477 if (req->mode == SC_FLUSH_FILE)
2479 else if (req->mode == SC_FLUSH_DAT) 2478 sci->sc_flush_request &= ~FLUSH_FILE_BIT;
2480 sci->sc_flush_request &= ~FLUSH_DAT_BIT; 2479 else if (req->mode == SC_FLUSH_DAT)
2480 sci->sc_flush_request &= ~FLUSH_DAT_BIT;
2481 2481
2482 /* re-enable timer if checkpoint creation was not done */
2483 if (sci->sc_timer && (sci->sc_state & NILFS_SEGCTOR_COMMIT) &&
2484 time_before(jiffies, sci->sc_timer->expires))
2485 add_timer(sci->sc_timer);
2486 }
2482 spin_unlock(&sci->sc_state_lock); 2487 spin_unlock(&sci->sc_state_lock);
2483} 2488}
2484 2489
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 07f77a7945c3..822c2d506518 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -571,7 +571,7 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns,
571 rsslim, 571 rsslim,
572 mm ? mm->start_code : 0, 572 mm ? mm->start_code : 0,
573 mm ? mm->end_code : 0, 573 mm ? mm->end_code : 0,
574 (permitted) ? task->stack_start : 0, 574 (permitted && mm) ? task->stack_start : 0,
575 esp, 575 esp,
576 eip, 576 eip,
577 /* The signal information here is obsolete. 577 /* The signal information here is obsolete.
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 837469a96598..af643b5aefe8 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -2597,8 +2597,7 @@ static void proc_flush_task_mnt(struct vfsmount *mnt, pid_t pid, pid_t tgid)
2597 name.len = snprintf(buf, sizeof(buf), "%d", pid); 2597 name.len = snprintf(buf, sizeof(buf), "%d", pid);
2598 dentry = d_hash_and_lookup(mnt->mnt_root, &name); 2598 dentry = d_hash_and_lookup(mnt->mnt_root, &name);
2599 if (dentry) { 2599 if (dentry) {
2600 if (!(current->flags & PF_EXITING)) 2600 shrink_dcache_parent(dentry);
2601 shrink_dcache_parent(dentry);
2602 d_drop(dentry); 2601 d_drop(dentry);
2603 dput(dentry); 2602 dput(dentry);
2604 } 2603 }
diff --git a/fs/proc/meminfo.c b/fs/proc/meminfo.c
index c7bff4f603ff..a65239cfd97e 100644
--- a/fs/proc/meminfo.c
+++ b/fs/proc/meminfo.c
@@ -99,7 +99,7 @@ static int meminfo_proc_show(struct seq_file *m, void *v)
99 "VmallocUsed: %8lu kB\n" 99 "VmallocUsed: %8lu kB\n"
100 "VmallocChunk: %8lu kB\n" 100 "VmallocChunk: %8lu kB\n"
101#ifdef CONFIG_MEMORY_FAILURE 101#ifdef CONFIG_MEMORY_FAILURE
102 "HardwareCorrupted: %8lu kB\n" 102 "HardwareCorrupted: %5lu kB\n"
103#endif 103#endif
104 , 104 ,
105 K(i.totalram), 105 K(i.totalram),
diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
index 5fad489ce5bc..e0201837d244 100644
--- a/fs/sysfs/dir.c
+++ b/fs/sysfs/dir.c
@@ -21,6 +21,7 @@
21#include <linux/completion.h> 21#include <linux/completion.h>
22#include <linux/mutex.h> 22#include <linux/mutex.h>
23#include <linux/slab.h> 23#include <linux/slab.h>
24#include <linux/security.h>
24#include "sysfs.h" 25#include "sysfs.h"
25 26
26DEFINE_MUTEX(sysfs_mutex); 27DEFINE_MUTEX(sysfs_mutex);
@@ -285,6 +286,9 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
285 sysfs_put(sd->s_symlink.target_sd); 286 sysfs_put(sd->s_symlink.target_sd);
286 if (sysfs_type(sd) & SYSFS_COPY_NAME) 287 if (sysfs_type(sd) & SYSFS_COPY_NAME)
287 kfree(sd->s_name); 288 kfree(sd->s_name);
289 if (sd->s_iattr && sd->s_iattr->ia_secdata)
290 security_release_secctx(sd->s_iattr->ia_secdata,
291 sd->s_iattr->ia_secdata_len);
288 kfree(sd->s_iattr); 292 kfree(sd->s_iattr);
289 sysfs_free_ino(sd->s_ino); 293 sysfs_free_ino(sd->s_ino);
290 kmem_cache_free(sysfs_dir_cachep, sd); 294 kmem_cache_free(sysfs_dir_cachep, sd);
diff --git a/fs/xfs/linux-2.6/xfs_quotaops.c b/fs/xfs/linux-2.6/xfs_quotaops.c
index 9e41f91aa269..3d4a0c84d634 100644
--- a/fs/xfs/linux-2.6/xfs_quotaops.c
+++ b/fs/xfs/linux-2.6/xfs_quotaops.c
@@ -80,7 +80,7 @@ xfs_fs_set_xstate(
80 80
81 if (sb->s_flags & MS_RDONLY) 81 if (sb->s_flags & MS_RDONLY)
82 return -EROFS; 82 return -EROFS;
83 if (!XFS_IS_QUOTA_RUNNING(mp)) 83 if (op != Q_XQUOTARM && !XFS_IS_QUOTA_RUNNING(mp))
84 return -ENOSYS; 84 return -ENOSYS;
85 if (!capable(CAP_SYS_ADMIN)) 85 if (!capable(CAP_SYS_ADMIN))
86 return -EPERM; 86 return -EPERM;
diff --git a/fs/xfs/quota/xfs_qm_syscalls.c b/fs/xfs/quota/xfs_qm_syscalls.c
index 4e4276b956e8..5d1a3b98a6e6 100644
--- a/fs/xfs/quota/xfs_qm_syscalls.c
+++ b/fs/xfs/quota/xfs_qm_syscalls.c
@@ -876,7 +876,6 @@ xfs_dqrele_inode(
876 ip->i_gdquot = NULL; 876 ip->i_gdquot = NULL;
877 } 877 }
878 xfs_iput(ip, XFS_ILOCK_EXCL); 878 xfs_iput(ip, XFS_ILOCK_EXCL);
879 IRELE(ip);
880 879
881 return 0; 880 return 0;
882} 881}
diff --git a/fs/xfs/xfs_ialloc.c b/fs/xfs/xfs_ialloc.c
index ab64f3efb43b..0785797db828 100644
--- a/fs/xfs/xfs_ialloc.c
+++ b/fs/xfs/xfs_ialloc.c
@@ -880,6 +880,7 @@ nextag:
880 * Not in range - save last search 880 * Not in range - save last search
881 * location and allocate a new inode 881 * location and allocate a new inode
882 */ 882 */
883 xfs_btree_del_cursor(tcur, XFS_BTREE_NOERROR);
883 pag->pagl_leftrec = trec.ir_startino; 884 pag->pagl_leftrec = trec.ir_startino;
884 pag->pagl_rightrec = rec.ir_startino; 885 pag->pagl_rightrec = rec.ir_startino;
885 pag->pagl_pagino = pagino; 886 pag->pagl_pagino = pagino;
diff --git a/fs/xfs/xfs_log_recover.c b/fs/xfs/xfs_log_recover.c
index 1099395d7d6c..fb17f8226b09 100644
--- a/fs/xfs/xfs_log_recover.c
+++ b/fs/xfs/xfs_log_recover.c
@@ -1980,7 +1980,7 @@ xlog_recover_do_reg_buffer(
1980 "XFS: NULL dquot in %s.", __func__); 1980 "XFS: NULL dquot in %s.", __func__);
1981 goto next; 1981 goto next;
1982 } 1982 }
1983 if (item->ri_buf[i].i_len < sizeof(xfs_dqblk_t)) { 1983 if (item->ri_buf[i].i_len < sizeof(xfs_disk_dquot_t)) {
1984 cmn_err(CE_ALERT, 1984 cmn_err(CE_ALERT,
1985 "XFS: dquot too small (%d) in %s.", 1985 "XFS: dquot too small (%d) in %s.",
1986 item->ri_buf[i].i_len, __func__); 1986 item->ri_buf[i].i_len, __func__);
@@ -2635,7 +2635,7 @@ xlog_recover_do_dquot_trans(
2635 "XFS: NULL dquot in %s.", __func__); 2635 "XFS: NULL dquot in %s.", __func__);
2636 return XFS_ERROR(EIO); 2636 return XFS_ERROR(EIO);
2637 } 2637 }
2638 if (item->ri_buf[1].i_len < sizeof(xfs_dqblk_t)) { 2638 if (item->ri_buf[1].i_len < sizeof(xfs_disk_dquot_t)) {
2639 cmn_err(CE_ALERT, 2639 cmn_err(CE_ALERT,
2640 "XFS: dquot too small (%d) in %s.", 2640 "XFS: dquot too small (%d) in %s.",
2641 item->ri_buf[1].i_len, __func__); 2641 item->ri_buf[1].i_len, __func__);
diff --git a/fs/xfs/xfs_trans_ail.c b/fs/xfs/xfs_trans_ail.c
index f31271c30de9..2ffc570679be 100644
--- a/fs/xfs/xfs_trans_ail.c
+++ b/fs/xfs/xfs_trans_ail.c
@@ -467,6 +467,7 @@ xfs_trans_ail_update(
467{ 467{
468 xfs_log_item_t *dlip = NULL; 468 xfs_log_item_t *dlip = NULL;
469 xfs_log_item_t *mlip; /* ptr to minimum lip */ 469 xfs_log_item_t *mlip; /* ptr to minimum lip */
470 xfs_lsn_t tail_lsn;
470 471
471 mlip = xfs_ail_min(ailp); 472 mlip = xfs_ail_min(ailp);
472 473
@@ -483,8 +484,16 @@ xfs_trans_ail_update(
483 484
484 if (mlip == dlip) { 485 if (mlip == dlip) {
485 mlip = xfs_ail_min(ailp); 486 mlip = xfs_ail_min(ailp);
487 /*
488 * It is not safe to access mlip after the AIL lock is
489 * dropped, so we must get a copy of li_lsn before we do
490 * so. This is especially important on 32-bit platforms
491 * where accessing and updating 64-bit values like li_lsn
492 * is not atomic.
493 */
494 tail_lsn = mlip->li_lsn;
486 spin_unlock(&ailp->xa_lock); 495 spin_unlock(&ailp->xa_lock);
487 xfs_log_move_tail(ailp->xa_mount, mlip->li_lsn); 496 xfs_log_move_tail(ailp->xa_mount, tail_lsn);
488 } else { 497 } else {
489 spin_unlock(&ailp->xa_lock); 498 spin_unlock(&ailp->xa_lock);
490 } 499 }
@@ -514,6 +523,7 @@ xfs_trans_ail_delete(
514{ 523{
515 xfs_log_item_t *dlip; 524 xfs_log_item_t *dlip;
516 xfs_log_item_t *mlip; 525 xfs_log_item_t *mlip;
526 xfs_lsn_t tail_lsn;
517 527
518 if (lip->li_flags & XFS_LI_IN_AIL) { 528 if (lip->li_flags & XFS_LI_IN_AIL) {
519 mlip = xfs_ail_min(ailp); 529 mlip = xfs_ail_min(ailp);
@@ -527,9 +537,16 @@ xfs_trans_ail_delete(
527 537
528 if (mlip == dlip) { 538 if (mlip == dlip) {
529 mlip = xfs_ail_min(ailp); 539 mlip = xfs_ail_min(ailp);
540 /*
541 * It is not safe to access mlip after the AIL lock
542 * is dropped, so we must get a copy of li_lsn
543 * before we do so. This is especially important
544 * on 32-bit platforms where accessing and updating
545 * 64-bit values like li_lsn is not atomic.
546 */
547 tail_lsn = mlip ? mlip->li_lsn : 0;
530 spin_unlock(&ailp->xa_lock); 548 spin_unlock(&ailp->xa_lock);
531 xfs_log_move_tail(ailp->xa_mount, 549 xfs_log_move_tail(ailp->xa_mount, tail_lsn);
532 (mlip ? mlip->li_lsn : 0));
533 } else { 550 } else {
534 spin_unlock(&ailp->xa_lock); 551 spin_unlock(&ailp->xa_lock);
535 } 552 }