2011-10-13 07:14:11

by Kazuya Mio

Subject: [PATCH] ext4: fix the deadlock in mpage_da_map_and_submit()

If ext4_jbd2_file_inode() in mpage_da_map_and_submit() fails due to journal
abort, this function returns to caller without unlocking the page.
It leads to the deadlock, and the patch fixes this issue by calling
mpage_da_submit_io().

Signed-off-by: Kazuya Mio <[email protected]>
---
fs/ext4/inode.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 986e238..cd3ccc0 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -1475,9 +1475,11 @@ static void mpage_da_map_and_submit(struct mpage_da_data *mpd)

if (ext4_should_order_data(mpd->inode)) {
err = ext4_jbd2_file_inode(handle, mpd->inode);
- if (err)
+ if (err) {
/* This only happens if the journal is aborted */
- return;
+ mpd->retval = err;
+ goto submit_io;
+ }
}

/*
@@ -2174,11 +2176,12 @@ retry:
ret = 0;
} else if (ret == MPAGE_DA_EXTENT_TAIL) {
/*
- * got one extent now try with
- * rest of the pages
+ * Got one extent now try with rest of the pages.
+ * If mpd.retval is set -EIO, journal is aborted.
+ * So we don't need to write any more.
*/
pages_written += mpd.pages_written;
- ret = 0;
+ ret = mpd.retval;
io_done = 1;
} else if (wbc->nr_to_write)
/*

2011-10-21 01:12:45

by Theodore Ts'o

Subject: Re: [PATCH] ext4: fix the deadlock in mpage_da_map_and_submit()

On Thu, Oct 13, 2011 at 04:13:18PM +0900, Kazuya Mio wrote:
> If ext4_jbd2_file_inode() in mpage_da_map_and_submit() fails due to journal
> abort, this function returns to caller without unlocking the page.
> It leads to the deadlock, and the patch fixes this issue by calling
> mpage_da_submit_io().
>
> Signed-off-by: Kazuya Mio <[email protected]>

Applied, thanks.

This is an area where we should really clean things up next merge
window, though. I'm a little uneasy that we will potentially write
back some blocks even though the journal has been aborted (we do this
in other error paths, so this isn't a criticism of this patch, just of
the current state of affairs).

The problem mpage_da_submit_io() is the only way we have to unlock the
pages. In the future we should probably have a separate path to
unlock the pages in case of an error. We might also want to merge
mpage_da_submit_io() and mpage_da_map_and_submit(), and to also clean
up a number of comments which are out of date. (For example,
mpage_da_submit_io() no longer uses ext4_writepage().)

- Ted