Questions? Comments? -- SUSE Labs, Novell Inc.
Fix a race where __block_prepare_write can leak out an in-flight read against a bh if get_block returns an error. This can lead to the page becoming unlocked while the buffer is locked and the read still in flight. __mpage_writepage BUGs on this condition.
BUG sighted on a 2-way Itanium2 system with 16K PAGE_SIZE running fsstress -v -d $DIR/tmp -n 1000 -p 1000 -l 2 where $DIR is a new ext2 filesystem with 4K blocks that is quite small (causing get_block to fail often with -ENOSPC). Signed-off-by: Nick Piggin <[EMAIL PROTECTED]> Index: linux-2.6/fs/buffer.c =================================================================== --- linux-2.6.orig/fs/buffer.c 2005-04-21 11:55:17.549614278 +1000 +++ linux-2.6/fs/buffer.c 2005-04-21 15:55:41.483826075 +1000 @@ -1988,6 +1988,7 @@ *wait_bh++=bh; } } +out: /* * If we issued read requests - let them complete. */ @@ -1996,8 +1997,9 @@ if (!buffer_uptodate(*wait_bh)) return -EIO; } - return 0; -out: + if (!err) + return err; + /* * Zero out any newly allocated blocks to avoid exposing stale * data. If BH_New is set, we know that the block was newly
