GFS2: Fix up jdata writepage/delete_inode

There is a bug in writepage and delete_inode which allows jdata files to invalidate pages from the address space without being in a transaction at the time. This causes problems in case the pages are in the journal. This patch fixes that case and prevents the resulting oops. Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>

GFS2: Fix up jdata writepage/delete_inode
There is a bug in writepage and delete_inode which allows jdata files to invalidate pages from the address space without being in a transaction at the time. This causes problems in case the pages are in the journal. This patch fixes that case and prevents the resulting oops. Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
1bb7322f · Steven Whitehouse · b2760583 · 1bb7322f · 1bb7322f
Commit 1bb7322f authored Oct 15, 2008 by Steven Whitehouse
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 12 deletions

fs/gfs2/ops_address.c fs/gfs2/ops_address.c +7 -9

fs/gfs2/ops_super.c fs/gfs2/ops_super.c +4 -3

No files found.
--- a/fs/gfs2/ops_address.c
+++ b/fs/gfs2/ops_address.c
@@ -210,25 +210,23 @@ static int gfs2_jdata_writepage(struct page *page, struct writeback_control *wbc
 {
 	struct inode *inode = page->mapping->host;
 	struct gfs2_sbd *sdp = GFS2_SB(inode);
-	int error;
+	int ret;
 	int done_trans = 0;
-	error = gfs2_writepage_common(page, wbc);
-	if (error <= 0)
-		return error;
 	if (PageChecked(page)) {
 		if (wbc->sync_mode != WB_SYNC_ALL)
 			goto out_ignore;
-		error = gfs2_trans_begin(sdp, RES_DINODE + 1, 0);
+		ret = gfs2_trans_begin(sdp, RES_DINODE + 1, 0);
-		if (error)
+		if (ret)
 			goto out_ignore;
 		done_trans = 1;
 	}
-	error = __gfs2_jdata_writepage(page, wbc);
+	ret = gfs2_writepage_common(page, wbc);
+	if (ret > 0)
+		ret = __gfs2_jdata_writepage(page, wbc);
 	if (done_trans)
 		gfs2_trans_end(sdp);
-	return error;
+	return ret;
 out_ignore:
 	redirty_page_for_writepage(wbc, page);

--- a/fs/gfs2/ops_super.c
+++ b/fs/gfs2/ops_super.c
@@ -493,7 +493,7 @@ static void gfs2_delete_inode(struct inode *inode)
 	gfs2_holder_reinit(LM_ST_EXCLUSIVE, LM_FLAG_TRY_1CB | GL_NOCACHE, &ip->i_iopen_gh);
 	error = gfs2_glock_nq(&ip->i_iopen_gh);
 	if (error)
-		goto out_uninit;
+		goto out_truncate;
 	if (S_ISDIR(inode->i_mode) &&
 	    (ip->i_di.di_flags & GFS2_DIF_EXHASH)) {
@@ -518,6 +518,7 @@ static void gfs2_delete_inode(struct inode *inode)
 	if (error)
 		goto out_unlock;
+out_truncate:
 	error = gfs2_trans_begin(sdp, 0, sdp->sd_jdesc->jd_blocks);
 	if (error)
 		goto out_unlock;
@@ -526,8 +527,8 @@ static void gfs2_delete_inode(struct inode *inode)
 	gfs2_trans_end(sdp);
 out_unlock:
-	gfs2_glock_dq(&ip->i_iopen_gh);
+	if (test_bit(HIF_HOLDER, &ip->i_iopen_gh.gh_iflags))
-out_uninit:
+		gfs2_glock_dq(&ip->i_iopen_gh);
 	gfs2_holder_uninit(&ip->i_iopen_gh);
 	gfs2_glock_dq_uninit(&gh);
 	if (error && error != GLR_TRYFAILED)