ext4: remove mb_groups before tearing down the buddy_cache
authorSalman Qazi <sqazi@google.com>
Fri, 1 Jun 2012 03:52:14 +0000 (23:52 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 9 Jun 2012 15:33:04 +0000 (00:33 +0900)
commit32e090b1f4bdfe9756e1b8f0b5280acb036d1c61
tree08ae90466ca26a7e722623fad696f43feb5b2a6c
parent97434cf53353728708c133af183a11a158c8c26a
ext4: remove mb_groups before tearing down the buddy_cache

commit 95599968d19db175829fb580baa6b68939b320fb upstream.

We can't have references held on pages in the s_buddy_cache while we are
trying to truncate its pages and put the inode.  All the pages must be
gone before we reach clear_inode.  This can only be gauranteed if we
can prevent new users from grabbing references to s_buddy_cache's pages.

The original bug can be reproduced and the bug fix can be verified by:

while true; do mount -t ext4 /dev/ram0 /export/hda3/ram0; \
umount /export/hda3/ram0; done &

while true; do cat /proc/fs/ext4/ram0/mb_groups; done

Signed-off-by: Salman Qazi <sqazi@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/ext4/mballoc.c