From: Nick Piggin <npiggin@suse.de>

Don't move journal_stop from under page lock.

Fixes: ext3-convert-to-new-aops.patch

Signed-off-by: Nick Piggin <npiggin@suse.de>
Cc: Badari Pulavarty <pbadari@gmail.com>
Cc: Dmitriy Monakhov <dmonakhov@sw.ru>
Cc: Mark Fasheh <mark.fasheh@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 fs/ext3/inode.c |   44 +++++++++++++++++++++++++++++++++++++-------
 1 files changed, 37 insertions(+), 7 deletions(-)

diff -puN fs/ext3/inode.c~ext3-convert-to-new-aops-fix fs/ext3/inode.c
--- a/fs/ext3/inode.c~ext3-convert-to-new-aops-fix
+++ a/fs/ext3/inode.c
@@ -36,6 +36,7 @@
 #include <linux/mpage.h>
 #include <linux/uio.h>
 #include <linux/bio.h>
+#include <linux/swap.h> /* mark_page_accessed */
 #include "xattr.h"
 #include "acl.h"
 
@@ -1217,6 +1218,31 @@ static int write_end_fn(handle_t *handle
 }
 
 /*
+ * Generic write_end handler for ordered and writeback ext3 journal modes.
+ * We can't use generic_write_end, because that unlocks the page and we need to
+ * unlock the page after ext3_journal_stop, but ext3_journal_stop must run
+ * after block_write_end.
+ */
+static int ext3_generic_write_end(struct file *file,
+				struct address_space *mapping,
+				loff_t pos, unsigned len, unsigned copied,
+				struct page *page, void *fsdata)
+{
+	struct inode *inode = file->f_mapping->host;
+
+	copied = block_write_end(file, mapping, pos, len, copied, page, fsdata);
+
+	mark_page_accessed(page);
+
+	if (pos+copied > inode->i_size) {
+		i_size_write(inode, pos+copied);
+		mark_inode_dirty(inode);
+	}
+
+	return copied;
+}
+
+/*
  * We need to pick up the new inode size which generic_commit_write gave us
  * `file' can be NULL - eg, when called from page_symlink().
  *
@@ -1250,17 +1276,17 @@ static int ext3_ordered_write_end(struct
 		new_i_size = pos + copied;
 		if (new_i_size > EXT3_I(inode)->i_disksize)
 			EXT3_I(inode)->i_disksize = new_i_size;
-		copied = generic_write_end(file, mapping, pos, len, copied,
+		copied = ext3_generic_write_end(file, mapping, pos, len, copied,
 							page, fsdata);
 		if (copied < 0)
 			ret = copied;
-	} else {
-		unlock_page(page);
-		page_cache_release(page);
 	}
 	ret2 = ext3_journal_stop(handle);
 	if (!ret)
 		ret = ret2;
+	unlock_page(page);
+	page_cache_release(page);
+
 	return ret ? ret : copied;
 }
 
@@ -1278,7 +1304,7 @@ static int ext3_writeback_write_end(stru
 	if (new_i_size > EXT3_I(inode)->i_disksize)
 		EXT3_I(inode)->i_disksize = new_i_size;
 
-	copied = generic_write_end(file, mapping, pos, len, copied,
+	copied = ext3_generic_write_end(file, mapping, pos, len, copied,
 							page, fsdata);
 	if (copied < 0)
 		ret = copied;
@@ -1286,6 +1312,9 @@ static int ext3_writeback_write_end(stru
 	ret2 = ext3_journal_stop(handle);
 	if (!ret)
 		ret = ret2;
+	unlock_page(page);
+	page_cache_release(page);
+
 	return ret ? ret : copied;
 }
 
@@ -1313,8 +1342,6 @@ static int ext3_journalled_write_end(str
 				to, &partial, write_end_fn);
 	if (!partial)
 		SetPageUptodate(page);
-	unlock_page(page);
-	page_cache_release(page);
 	if (pos+copied > inode->i_size)
 		i_size_write(inode, pos+copied);
 	EXT3_I(inode)->i_state |= EXT3_STATE_JDATA;
@@ -1328,6 +1355,9 @@ static int ext3_journalled_write_end(str
 	ret2 = ext3_journal_stop(handle);
 	if (!ret)
 		ret = ret2;
+	unlock_page(page);
+	page_cache_release(page);
+
 	return ret ? ret : copied;
 }
 
_