btrfs: fix unlocked access of delalloc_inodes
authorDavid Sterba <dsterba@suse.cz>
Thu, 9 Jun 2011 10:02:51 +0000 (10:02 +0000)
committerChris Mason <chris.mason@oracle.com>
Fri, 10 Jun 2011 22:57:11 +0000 (18:57 -0400)
list_splice_init will make delalloc_inodes empty, but without a spinlock
around, this may produce corrupted list head, accessed in many placess,
The race window is very tight and nobody seems to have hit it so far.

Signed-off-by: David Sterba <dsterba@suse.cz>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
fs/btrfs/disk-io.c

index a203d363184de575e4dcd9506c0feffb4807ab7c..33b744a5ac031c89df358b4ca5f16f62fa650c03 100644 (file)
@@ -2911,9 +2911,8 @@ static int btrfs_destroy_delalloc_inodes(struct btrfs_root *root)
 
        INIT_LIST_HEAD(&splice);
 
-       list_splice_init(&root->fs_info->delalloc_inodes, &splice);
-
        spin_lock(&root->fs_info->delalloc_lock);
+       list_splice_init(&root->fs_info->delalloc_inodes, &splice);
 
        while (!list_empty(&splice)) {
                btrfs_inode = list_entry(splice.next, struct btrfs_inode,