[BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()

From: Tachino Nobuhiro (tachino@open.nm.fujitsu.co.jp)
Date: Tue Oct 02 2001 - 01:14:21 EST

Next message: Andrew Morton: "Re: [BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()"
Previous message: Andrew Morton: "Re: ext3 0.9.10 for Alan's tree"
Next in thread: Andrew Morton: "Re: [BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()"
Reply: Andrew Morton: "Re: [BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I found a a deadlock bug in v2.4.10 due to invert locking order between
inode->i_truncate_sem and inode->i_sem.
Sequence is following.

do_truncate()
down(&inode->i_sem);
down_write(&inode->i_truncate_sem);

do_no_page()
down_read(&inode->i_truncate_sem);

        shmem_nopage();
                shmem_getpage();
                        down(&inode->i_sem);

Following patch works for me.

diff -r -u -N linux.org/fs/open.c linux/fs/open.c
--- linux.org/fs/open.c Tue Oct 2 11:35:47 2001
+++ linux/fs/open.c Tue Oct 2 11:45:33 2001
@@ -81,13 +81,13 @@
         if (length < 0)
                 return -EINVAL;

- down(&inode->i_sem);
         down_write(&inode->i_truncate_sem);
+ down(&inode->i_sem);
         newattrs.ia_size = length;
         newattrs.ia_valid = ATTR_SIZE | ATTR_CTIME;
         error = notify_change(dentry, &newattrs);
- up_write(&inode->i_truncate_sem);
         up(&inode->i_sem);
+ up_write(&inode->i_truncate_sem);
         return error;
}

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()"
Previous message: Andrew Morton: "Re: ext3 0.9.10 for Alan's tree"
Next in thread: Andrew Morton: "Re: [BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()"
Reply: Andrew Morton: "Re: [BUG-2.4.10] deadlock in do_truncate() and shmem_getpage()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Oct 07 2001 - 21:00:18 EST