From mboxrd@z Thu Jan 1 00:00:00 1970
From: wcheng@sourceware.org
Date: 5 Jun 2007 05:43:14 -0000
Subject: [Cluster-devel] cluster/gfs-kernel/src/gfs ops_export.c ops_in ...
Message-ID: <20070605054314.20117.qmail@sourceware.org>
List-Id:
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

CVSROOT: /cvs/cluster
Module name: cluster
Branch: RHEL5
Changes by: wcheng at sourceware.org 2007-06-05 05:43:14

Modified files:
gfs-kernel/src/gfs: ops_export.c ops_inode.c

Log message:
Bugzilla 236565: Fix a GFS panic found in NFS SPECsfs benchmark runs. The crash is caused by a race between GFS lookup code and VM cache reclaim logic kicked off under memory pressure. At the end of the lookup, gfs releases inode glock prematurely. This creates a window inside the bottom portion of logic that could make gfs_iget update the associated GFS inode structure that has been freed. Depending on who gets the new memory, unspecified corruptions occur. In this case, it corrupts TCP buffer head that ends up over-running NFSD kernel stack after 2-3 hours of benchmark runs.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/ops_export.c.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=1.8.2.2&r2=1.8.2.3
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/ops_inode.c.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=1.15&r2=1.15.2.1

--- cluster/gfs-kernel/src/gfs/ops_export.c 2007/05/08 18:07:17 1.8.2.2 +++ cluster/gfs-kernel/src/gfs/ops_export.c 2007/06/05 05:43:14 1.8.2.3 @@ -368,11 +368,11 @@ atomic_inc(&sdp->sd_fh2dentry_misses); out: - gfs_glock_dq_uninit(&i_gh); - inode = gfs_iget(ip, CREATE); gfs_inode_put(ip); + gfs_glock_dq_uninit(&i_gh); + if (!inode) return ERR_PTR(-ENOMEM); --- cluster/gfs-kernel/src/gfs/ops_inode.c 2006/10/23 20:47:23 1.15 +++ cluster/gfs-kernel/src/gfs/ops_inode.c 2007/06/05 05:43:14 1.15.2.1 
@@ -334,12 +334,12 @@ if (i_gh.gh_gl) { ip = get_gl2ip(i_gh.gh_gl); - gfs_glock_dq_uninit(&d_gh); - gfs_glock_dq_uninit(&i_gh); - inode = gfs_iget(ip, CREATE); gfs_inode_put(ip); + gfs_glock_dq_uninit(&d_gh); + gfs_glock_dq_uninit(&i_gh); + if (!inode) return ERR_PTR(-ENOMEM); } else
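
Review bot: at the `out:` label in ops_export.c the fix depends entirely on `gfs_glock_dq_uninit(&i_gh);` staying below both `inode = gfs_iget(ip, CREATE);` and `gfs_inode_put(ip);`, and nothing in the code records that. Please add a short comment above the moved unlock saying the inode glock must be held until the `ip` reference has been dropped, since the log message describes `ip` being freed by cache reclaim once the glock is released. Without it, a later cleanup could hoist the unlock back up and reopen the use-after-free window.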
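
Review bot: in the `if (i_gh.gh_gl)` branch of ops_inode.c both `gfs_glock_dq_uninit(&d_gh);` and `gfs_glock_dq_uninit(&i_gh);` are moved below `gfs_iget(ip, CREATE)`, but the log message attributes the race only to releasing the inode glock early. The directory glock `d_gh` is now held across a call that can fail with -ENOMEM, so it is held longer under the same memory pressure that triggers the bug. If `i_gh` alone is enough to keep `ip` from being reclaimed, consider leaving the `d_gh` release where it was and moving only the `i_gh` release; otherwise add a comment explaining why both must be held across `gfs_iget` and `gfs_inode_put(ip)`.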