Btrfs: fix the race between bio and btrfs_stop_workers
authorMiao Xie <miaox@cn.fujitsu.com>
Thu, 7 Feb 2013 06:01:35 +0000 (06:01 +0000)
committerJosef Bacik <jbacik@fusionio.com>
Wed, 20 Feb 2013 17:59:40 +0000 (12:59 -0500)
open_ctree() need read the metadata to initialize the global information
of btrfs. But it may fail after it submit some bio, and then it will jump
to the error path. Unfortunately, it doesn't check if there are some bios
in flight, and just stop all the worker threads. As a result, when the
submitted bios end, they can not find any worker thread which can deal with
subsequent work, then oops happen.

kernel BUG at fs/btrfs/async-thread.c:605!

Fix this problem by invoking invalidate_inode_pages2() before we stop the
worker threads. This function will wait until the bio end because it need
lock the pages which are going to be invalidated, and if a page is under
disk read IO, it must be locked. invalidate_inode_pages2() need wait until
end bio handler to unlocked it.

Reported-and-Tested-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
fs/btrfs/disk-io.c

index 259d7891d10c3f18902918230f6f99d1f71a1f23..9fcce54ecde451aa3ace778d1834e085b93b1945 100644 (file)
@@ -2711,13 +2711,13 @@ fail_cleaner:
         * kthreads
         */
        filemap_write_and_wait(fs_info->btree_inode->i_mapping);
-       invalidate_inode_pages2(fs_info->btree_inode->i_mapping);
 
 fail_block_groups:
        btrfs_free_block_groups(fs_info);
 
 fail_tree_roots:
        free_root_pointers(fs_info, 1);
+       invalidate_inode_pages2(fs_info->btree_inode->i_mapping);
 
 fail_sb_buffer:
        btrfs_stop_workers(&fs_info->generic_worker);
@@ -2738,7 +2738,6 @@ fail_alloc:
 fail_iput:
        btrfs_mapping_tree_free(&fs_info->mapping_tree);
 
-       invalidate_inode_pages2(fs_info->btree_inode->i_mapping);
        iput(fs_info->btree_inode);
 fail_delalloc_bytes:
        percpu_counter_destroy(&fs_info->delalloc_bytes);