ceph: fix pending vmtruncate race The locking order for pending vmtruncate is wrong, it can lead to following race: write wmtruncate work ------------------------ ---------------------- lock i_mutex check i_truncate_pending check i_truncate_pending truncate_inode_pages() lock i_mutex (blocked) copy data to page cache unlock i_mutex truncate_inode_pages() The fix is take i_mutex before calling __ceph_do_pending_vmtruncate() Fixes: http://tracker.ceph.com/issues/5453 Signed-off-by: Yan, Zheng <zheng.z.yan@intel.com> Reviewed-by: Sage Weil <sage@inktank.com>

commit: b415bf4f9fe25f39934f5c464125e4a2dffb6d08 [log] [tgz]
author: Yan, Zheng <zheng.z.yan@intel.com> Tue Jul 02 12:40:19 2013 +0800
committer: Sage Weil <sage@inktank.com> Wed Jul 03 15:32:56 2013 -0700
tree: f38df9c1746a1419e7942afb4534625175a5d353
parent: 5446429630257f4723829409337a26c076907d5d [diff] [blame]
diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
index 8ec27b1..16266f3 100644
--- a/fs/ceph/caps.c
+++ b/fs/ceph/caps.c

@@ -2057,7 +2057,11 @@
 	/* finish pending truncate */
 	while (ci->i_truncate_pending) {
 		spin_unlock(&ci->i_ceph_lock);
-		__ceph_do_pending_vmtruncate(inode, !(need & CEPH_CAP_FILE_WR));
+		if (!(need & CEPH_CAP_FILE_WR))
+			mutex_lock(&inode->i_mutex);
+		__ceph_do_pending_vmtruncate(inode);
+		if (!(need & CEPH_CAP_FILE_WR))
+			mutex_unlock(&inode->i_mutex);
 		spin_lock(&ci->i_ceph_lock);
 	}
commit	b415bf4f9fe25f39934f5c464125e4a2dffb6d08	[log] [tgz]
author	Yan, Zheng <zheng.z.yan@intel.com>	Tue Jul 02 12:40:19 2013 +0800
committer	Sage Weil <sage@inktank.com>	Wed Jul 03 15:32:56 2013 -0700
tree	f38df9c1746a1419e7942afb4534625175a5d353
parent	5446429630257f4723829409337a26c076907d5d [diff] [blame]