On Thu, Jan 08, 2015 at 09:25:43AM +1100, Dave Chinner wrote: > From: Dave Chinner <dchinner@xxxxxxxxxx> > > Extent swap operations are another extent manipulation operation > that we need to ensure does not race against mmap page faults. The > current code returns if the file is mapped prior to the swap being > done, but it could potentially race against new page faults while > the swap is in progress. Hence we should use the XFS_MMAPLOCK_EXCL > for this operation, too. > > Signed-off-by: Dave Chinner <dchinner@xxxxxxxxxx> > --- > fs/xfs/xfs_bmap_util.c | 18 ++++++------------ > 1 file changed, 6 insertions(+), 12 deletions(-) > > diff --git a/fs/xfs/xfs_bmap_util.c b/fs/xfs/xfs_bmap_util.c > index 22a5dcb..1420caf 100644 > --- a/fs/xfs/xfs_bmap_util.c > +++ b/fs/xfs/xfs_bmap_util.c > @@ -1599,13 +1599,6 @@ xfs_swap_extent_flush( > /* Verify O_DIRECT for ftmp */ > if (VFS_I(ip)->i_mapping->nrpages) > return -EINVAL; > - > - /* > - * Don't try to swap extents on mmap()d files because we can't lock > - * out races against page faults safely. > - */ > - if (mapping_mapped(VFS_I(ip)->i_mapping)) > - return -EBUSY; > return 0; > } > > @@ -1633,13 +1626,14 @@ xfs_swap_extents( > } > > /* > - * Lock up the inodes against other IO and truncate to begin with. > - * Then we can ensure the inodes are flushed and have no page cache > - * safely. Once we have done this we can take the ilocks and do the rest > - * of the checks. > + * Lock the inodes against other IO, page faults and truncate to > + * begin with. Then we can ensure the inodes are flushed and have no > + * page cache safely. Once we have done this we can take the ilocks and > + * do the rest of the checks. > */ > - lock_flags = XFS_IOLOCK_EXCL; > + lock_flags = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL; > xfs_lock_two_inodes(ip, tip, XFS_IOLOCK_EXCL); > + xfs_lock_two_inodes(ip, tip, XFS_MMAPLOCK_EXCL); > > /* Verify that both files have the same format */ > if ((ip->i_d.di_mode & S_IFMT) != (tip->i_d.di_mode & S_IFMT)) { Not introduced by this patch, but it looks like we have a couple out_trans_cancel->out_unlock error paths after the inodes are joined to the transaction (with lock transfer) that can result in double unlocks. We might as well fix that up here one way or another as well... Brian > -- > 2.0.0 > > _______________________________________________ > xfs mailing list > xfs@xxxxxxxxxxx > http://oss.sgi.com/mailman/listinfo/xfs _______________________________________________ xfs mailing list xfs@xxxxxxxxxxx http://oss.sgi.com/mailman/listinfo/xfs