LU-613 clio: Client dead-lock during binary exec

[fs/lustre-release.git] / lustre / llite / vvp_io.c
diff --git a/lustre/llite/vvp_io.c b/lustre/llite/vvp_io.c

index aa2dcf0..4b031ac 100644 (file)
--- a/lustre/llite/vvp_io.c
+++ b/lustre/llite/vvp_io.c
@@ -26,8 +26,11 @@
   * GPL HEADER END
   */
  /*
- * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
   * Use is subject to license terms.
+ *
+ * Copyright (c) 2011 Whamcloud, Inc.
+ *
   */
  /*
   * This file is part of Lustre, http://www.lustre.org/
@@ -52,6 +55,18 @@
  static struct vvp_io *cl2vvp_io(const struct lu_env *env,
                                  const struct cl_io_slice *slice);
  
+/**
+ * True, if \a io is a normal io, False for sendfile() / splice_{read|write}
+ */
+int cl_is_normalio(const struct lu_env *env, const struct cl_io *io)
+{
+        struct vvp_io *vio = vvp_env_io(env);
+
+        LASSERT(io->ci_type == CIT_READ || io->ci_type == CIT_WRITE);
+
+        return vio->cui_io_subtype == IO_NORMAL;
+}
+
  /*****************************************************************************
   *
   * io operations.
@@ -76,9 +91,7 @@ static void vvp_io_fini(const struct lu_env *env, const struct cl_io_slice *ios)
          struct cl_object *obj = io->ci_obj;
  
          CLOBINVRNT(env, obj, ccc_object_invariant(obj));
-        if (io->ci_type == CIT_WRITE)
-                up(&ll_i2info(ccc_object_inode(obj))->lli_write_sem);
-        else {
+        if (io->ci_type == CIT_READ) {
                  struct vvp_io     *vio  = cl2vvp_io(env, ios);
                  struct ccc_io     *cio  = cl2ccc_io(env, ios);
  
@@ -123,7 +136,6 @@ static int vvp_mmap_locks(const struct lu_env *env,
          struct vm_area_struct  *vma;
          struct cl_lock_descr   *descr = &cti->cti_descr;
          ldlm_policy_data_t      policy;
-        struct inode           *inode;
          unsigned long           addr;
          unsigned long           seg;
          ssize_t                 count;
@@ -132,7 +144,7 @@ static int vvp_mmap_locks(const struct lu_env *env,
  
          LASSERT(io->ci_type == CIT_READ || io->ci_type == CIT_WRITE);
  
-        if (cl_io_is_sendfile(io))
+        if (!cl_is_normalio(env, io))
                  RETURN(0);
  
          for (seg = 0; seg < vio->cui_nrsegs; seg++) {
@@ -146,9 +158,17 @@ static int vvp_mmap_locks(const struct lu_env *env,
                  count += addr & (~CFS_PAGE_MASK);
                  addr &= CFS_PAGE_MASK;
                  while((vma = our_vma(addr, count)) != NULL) {
-                        LASSERT(vma->vm_file);
+                        struct inode *inode = vma->vm_file->f_dentry->d_inode;
+                        int flags = CEF_MUST;
+
+                        if (ll_file_nolock(vma->vm_file)) {
+                                /* 
+                                 * For no lock case, a lockless lock will be
+                                 * generated.
+                                 */
+                                flags = CEF_NEVER;
+                        }
  
-                        inode = vma->vm_file->f_dentry->d_inode;
                          /*
                           * XXX: Required lock mode can be weakened: CIT_WRITE
                           * io only ever reads user level buffer, and CIT_READ
@@ -161,11 +181,19 @@ static int vvp_mmap_locks(const struct lu_env *env,
                                                      policy.l_extent.start);
                          descr->cld_end = cl_index(descr->cld_obj,
                                                    policy.l_extent.end);
+                        descr->cld_enq_flags = flags;
                          result = cl_io_lock_alloc_add(env, io, descr);
+
+                        CDEBUG(D_VFSTRACE, "lock: %d: [%lu, %lu]\n",
+                               descr->cld_mode, descr->cld_start,
+                               descr->cld_end);
+
                          if (result < 0)
                                  RETURN(result);
+
                          if (vma->vm_end - addr >= count)
                                  break;
+
                          count -= vma->vm_end - addr;
                          addr = vma->vm_end;
                  }
@@ -173,36 +201,6 @@ static int vvp_mmap_locks(const struct lu_env *env,
          RETURN(0);
  }
  
-static void vvp_io_update_iov(const struct lu_env *env,
-                              struct ccc_io *vio, struct cl_io *io)
-{
-        int i;
-        size_t size = io->u.ci_rw.crw_count;
-
-        vio->cui_iov_olen = 0;
-        if (cl_io_is_sendfile(io) || size == vio->cui_tot_count)
-                return;
-
-        if (vio->cui_tot_nrsegs == 0)
-                vio->cui_tot_nrsegs =  vio->cui_nrsegs;
-
-        for (i = 0; i < vio->cui_tot_nrsegs; i++) {
-                struct iovec *iv = &vio->cui_iov[i];
-
-                if (iv->iov_len < size)
-                        size -= iv->iov_len;
-                else {
-                        if (iv->iov_len > size) {
-                                vio->cui_iov_olen = iv->iov_len;
-                                iv->iov_len = size;
-                        }
-                        break;
-                }
-        }
-
-        vio->cui_nrsegs = i + 1;
-}
-
  static int vvp_io_rw_lock(const struct lu_env *env, struct cl_io *io,
                            enum cl_lock_mode mode, loff_t start, loff_t end)
  {
@@ -211,10 +209,9 @@ static int vvp_io_rw_lock(const struct lu_env *env, struct cl_io *io,
          int ast_flags = 0;
  
          LASSERT(io->ci_type == CIT_READ || io->ci_type == CIT_WRITE);
-        LASSERT(vvp_env_io(env)->cui_oneshot == 0);
          ENTRY;
  
-        vvp_io_update_iov(env, cio, io);
+        ccc_io_update_iov(env, cio, io);
  
          if (io->u.ci_rw.crw_nonblock)
                  ast_flags |= CEF_NONBLOCK;
@@ -262,26 +259,21 @@ static int vvp_io_write_lock(const struct lu_env *env,
          struct cl_io *io = ios->cis_io;
          loff_t start;
          loff_t end;
-        int    result;
  
-        if (cl2vvp_io(env, ios)->cui_oneshot == 0) {
-                if (io->u.ci_wr.wr_append) {
-                        start = 0;
-                        end   = OBD_OBJECT_EOF;
-                } else {
-                        start = io->u.ci_wr.wr.crw_pos;
-                        end   = start + io->u.ci_wr.wr.crw_count - 1;
-                }
-                result = vvp_io_rw_lock(env, io, CLM_WRITE, start, end);
-        } else
-                result = 0;
-        return result;
+        if (io->u.ci_wr.wr_append) {
+                start = 0;
+                end   = OBD_OBJECT_EOF;
+        } else {
+                start = io->u.ci_wr.wr.crw_pos;
+                end   = start + io->u.ci_wr.wr.crw_count - 1;
+        }
+        return vvp_io_rw_lock(env, io, CLM_WRITE, start, end);
  }
  
-static int vvp_io_trunc_iter_init(const struct lu_env *env,
-                                  const struct cl_io_slice *ios)
+static int vvp_io_setattr_iter_init(const struct lu_env *env,
+                                    const struct cl_io_slice *ios)
  {
-        struct ccc_io *vio   = cl2ccc_io(env, ios);
+        struct ccc_io *cio   = ccc_env_io(env);
          struct inode  *inode = ccc_object_inode(ios->cis_obj);
  
          /*
@@ -292,61 +284,71 @@ static int vvp_io_trunc_iter_init(const struct lu_env *env,
           * This last one is especially bad for racing o_append users on other
           * nodes.
           */
-
          UNLOCK_INODE_MUTEX(inode);
-        UP_WRITE_I_ALLOC_SEM(inode);
-        vio->u.trunc.cui_locks_released = 1;
+        if (cl_io_is_trunc(ios->cis_io))
+                UP_WRITE_I_ALLOC_SEM(inode);
+        cio->u.setattr.cui_locks_released = 1;
          return 0;
  }
  
  /**
- * Implementation of cl_io_operations::vio_lock() method for CIT_TRUNC io.
+ * Implementation of cl_io_operations::cio_lock() method for CIT_SETATTR io.
   *
   * Handles "lockless io" mode when extent locking is done by server.
   */
-static int vvp_io_trunc_lock(const struct lu_env *env,
-                             const struct cl_io_slice *ios)
+static int vvp_io_setattr_lock(const struct lu_env *env,
+                               const struct cl_io_slice *ios)
  {
-        struct ccc_io     *vio   = cl2ccc_io(env, ios);
-        struct cl_io      *io    = ios->cis_io;
-        size_t new_size          = io->u.ci_truncate.tr_size;
-        __u32 enqflags = new_size == 0 ? CEF_DISCARD_DATA : 0;
-        int result;
+        struct ccc_io      *cio       = ccc_env_io(env);
+        struct cl_io       *io        = ios->cis_io;
+        size_t              new_size;
+        __u32               enqflags = 0;
+
+        if (cl_io_is_trunc(io)) {
+                new_size = io->u.ci_setattr.sa_attr.lvb_size;
+                if (new_size == 0)
+                        enqflags = CEF_DISCARD_DATA;
+        } else {
+                if ((io->u.ci_setattr.sa_attr.lvb_mtime >=
+                     io->u.ci_setattr.sa_attr.lvb_ctime) ||
+                    (io->u.ci_setattr.sa_attr.lvb_atime >=
+                     io->u.ci_setattr.sa_attr.lvb_ctime))
+                        return 0;
+                new_size = 0;
+        }
+        cio->u.setattr.cui_local_lock = SETATTR_EXTENT_LOCK;
+        return ccc_io_one_lock(env, io, enqflags, CLM_WRITE,
+                               new_size, OBD_OBJECT_EOF);
+}
+
+static int vvp_do_vmtruncate(struct inode *inode, size_t size)
+{
+        int     result;
+        /*
+         * Only ll_inode_size_lock is taken at this level. lov_stripe_lock()
+         * is grabbed by ll_truncate() only over call to obd_adjust_kms().
+         */
+        ll_inode_size_lock(inode, 0);
+        result = vmtruncate(inode, size);
+        ll_inode_size_unlock(inode, 0);
  
-        vio->u.trunc.cui_local_lock = TRUNC_EXTENT;
-        result = ccc_io_one_lock(env, io, enqflags, CLM_WRITE,
-                                 new_size, OBD_OBJECT_EOF);
          return result;
  }
  
-static int vvp_io_trunc_start(const struct lu_env *env,
-                              const struct cl_io_slice *ios)
+static int vvp_io_setattr_trunc(const struct lu_env *env,
+                                const struct cl_io_slice *ios,
+                                struct inode *inode, loff_t size)
  {
-        struct ccc_io        *cio   = cl2ccc_io(env, ios);
          struct vvp_io        *vio   = cl2vvp_io(env, ios);
          struct cl_io         *io    = ios->cis_io;
-        struct inode         *inode = ccc_object_inode(io->ci_obj);
          struct cl_object     *obj   = ios->cis_obj;
-        size_t                size  = io->u.ci_truncate.tr_size;
          pgoff_t               start = cl_index(obj, size);
          int                   result;
  
-        LASSERT(cio->u.trunc.cui_locks_released);
-        LASSERT(vio->cui_oneshot == 0);
-
-        LOCK_INODE_MUTEX(inode);
          DOWN_WRITE_I_ALLOC_SEM(inode);
-        cio->u.trunc.cui_locks_released = 0;
  
-        /*
-         * Only ll_inode_size_lock is taken at this level. lov_stripe_lock()
-         * is grabbed by ll_truncate() only over call to obd_adjust_kms().  If
-         * vmtruncate returns 0, then ll_truncate dropped ll_inode_size_lock()
-         */
-        ll_inode_size_lock(inode, 0);
-        result = vmtruncate(inode, size);
-        if (result != 0)
-                ll_inode_size_unlock(inode, 0);
+        result = vvp_do_vmtruncate(inode, size);
+
          /*
           * If a page is partially truncated, keep it owned across truncate to
           * prevent... races.
@@ -358,16 +360,16 @@ static int vvp_io_trunc_start(const struct lu_env *env,
                  struct cl_object_header *hdr;
  
                  hdr = cl_object_header(obj);
-                spin_lock(&hdr->coh_page_guard);
+                cfs_spin_lock(&hdr->coh_page_guard);
                  vio->cui_partpage = cl_page_lookup(hdr, start);
-                spin_unlock(&hdr->coh_page_guard);
+                cfs_spin_unlock(&hdr->coh_page_guard);
  
                  if (vio->cui_partpage != NULL)
                          /*
                           * Wait for the transfer completion for a partially
                           * truncated page to avoid dead-locking an OST with
                           * the concurrent page-wise overlapping WRITE and
-                         * PUNCH requests.
+                         * PUNCH requests. BUG:17397.
                           *
                           * Partial page is disowned in vvp_io_trunc_end().
                           */
@@ -377,28 +379,84 @@ static int vvp_io_trunc_start(const struct lu_env *env,
          return result;
  }
  
-static void vvp_io_trunc_end(const struct lu_env *env,
-                             const struct cl_io_slice *ios)
+static int vvp_io_setattr_time(const struct lu_env *env,
+                               const struct cl_io_slice *ios)
  {
-        struct vvp_io *vio = cl2vvp_io(env, ios);
+        struct cl_io       *io    = ios->cis_io;
+        struct cl_object   *obj   = io->ci_obj;
+        struct cl_attr     *attr  = ccc_env_thread_attr(env);
+        int result;
+        unsigned valid = CAT_CTIME;
+
+        cl_object_attr_lock(obj);
+        attr->cat_ctime = io->u.ci_setattr.sa_attr.lvb_ctime;
+        if (io->u.ci_setattr.sa_valid & ATTR_ATIME_SET) {
+                attr->cat_atime = io->u.ci_setattr.sa_attr.lvb_atime;
+                valid |= CAT_ATIME;
+        }
+        if (io->u.ci_setattr.sa_valid & ATTR_MTIME_SET) {
+                attr->cat_mtime = io->u.ci_setattr.sa_attr.lvb_mtime;
+                valid |= CAT_MTIME;
+        }
+        result = cl_object_attr_set(env, obj, attr, valid);
+        cl_object_attr_unlock(obj);
+
+        return result;
+}
+
+static int vvp_io_setattr_start(const struct lu_env *env,
+                                const struct cl_io_slice *ios)
+{
+        struct ccc_io        *cio   = cl2ccc_io(env, ios);
+        struct cl_io         *io    = ios->cis_io;
+        struct inode         *inode = ccc_object_inode(io->ci_obj);
+
+        LASSERT(cio->u.setattr.cui_locks_released);
  
+        LOCK_INODE_MUTEX(inode);
+        cio->u.setattr.cui_locks_released = 0;
+
+        if (cl_io_is_trunc(io))
+                return vvp_io_setattr_trunc(env, ios, inode,
+                                            io->u.ci_setattr.sa_attr.lvb_size);
+        else
+                return vvp_io_setattr_time(env, ios);
+}
+
+static void vvp_io_setattr_end(const struct lu_env *env,
+                               const struct cl_io_slice *ios)
+{
+        struct vvp_io        *vio   = cl2vvp_io(env, ios);
+        struct cl_io         *io    = ios->cis_io;
+        struct inode         *inode = ccc_object_inode(io->ci_obj);
+
+        if (!cl_io_is_trunc(io))
+                return;
          if (vio->cui_partpage != NULL) {
                  cl_page_disown(env, ios->cis_io, vio->cui_partpage);
                  cl_page_put(env, vio->cui_partpage);
                  vio->cui_partpage = NULL;
          }
+
+        /*
+         * Do vmtruncate again, to remove possible stale pages populated by
+         * competing read threads. bz20645.
+         */
+        vvp_do_vmtruncate(inode, io->u.ci_setattr.sa_attr.lvb_size);
  }
  
-static void vvp_io_trunc_fini(const struct lu_env *env,
-                              const struct cl_io_slice *ios)
+static void vvp_io_setattr_fini(const struct lu_env *env,
+                                const struct cl_io_slice *ios)
  {
          struct ccc_io *cio   = ccc_env_io(env);
+        struct cl_io  *io    = ios->cis_io;
          struct inode  *inode = ccc_object_inode(ios->cis_io->ci_obj);
  
-        if (cio->u.trunc.cui_locks_released) {
+        if (cio->u.setattr.cui_locks_released) {
                  LOCK_INODE_MUTEX(inode);
-                DOWN_WRITE_I_ALLOC_SEM(inode);
-                cio->u.trunc.cui_locks_released = 0;
+                if (cl_io_is_trunc(io))
+                        DOWN_WRITE_I_ALLOC_SEM(inode);
+                cio->u.setattr.cui_locks_released = 0;
          }
          vvp_io_fini(env, ios);
  }
@@ -444,20 +502,22 @@ static int vvp_io_read_start(const struct lu_env *env,
  
          int     result;
          loff_t  pos = io->u.ci_rd.rd.crw_pos;
-        size_t  cnt = io->u.ci_rd.rd.crw_count;
-        size_t  tot = cio->cui_tot_count;
+        long    cnt = io->u.ci_rd.rd.crw_count;
+        long    tot = cio->cui_tot_count;
+        int     exceed = 0;
  
          CLOBINVRNT(env, obj, ccc_object_invariant(obj));
-        LASSERT(vio->cui_oneshot == 0);
  
          CDEBUG(D_VFSTRACE, "read: -> [%lli, %lli)\n", pos, pos + cnt);
  
-        result = ccc_prep_size(env, obj, io, pos + tot - 1, 1);
+        result = ccc_prep_size(env, obj, io, pos, tot, &exceed);
          if (result != 0)
                  return result;
+        else if (exceed != 0)
+                goto out;
  
          LU_OBJECT_HEADER(D_INODE, env, &obj->co_lu,
-                        "Read ino %lu, "LPSZ" bytes, offset %lld, size %llu\n",
+                        "Read ino %lu, %lu bytes, offset %lld, size %llu\n",
                          inode->i_ino, cnt, pos, i_size_read(inode));
  
          /* turn off the kernel's read-ahead */
@@ -476,13 +536,30 @@ static int vvp_io_read_start(const struct lu_env *env,
  
          /* BUG: 5972 */
          file_accessed(file);
-        if (cl_io_is_sendfile(io)) {
+        switch (vio->cui_io_subtype) {
+        case IO_NORMAL:
+                 result = lustre_generic_file_read(file, cio, &pos);
+                 break;
+#ifdef HAVE_KERNEL_SENDFILE
+        case IO_SENDFILE:
                  result = generic_file_sendfile(file, &pos, cnt,
-                                vio->u.read.cui_actor, vio->u.read.cui_target);
-        } else {
-                result = lustre_generic_file_read(file, cio, &pos);
+                                vio->u.sendfile.cui_actor,
+                                vio->u.sendfile.cui_target);
+                break;
+#endif
+#ifdef HAVE_KERNEL_SPLICE_READ
+        case IO_SPLICE:
+                result = generic_file_splice_read(file, &pos,
+                                vio->u.splice.cui_pipe, cnt,
+                                vio->u.splice.cui_flags);
+                break;
+#endif
+        default:
+                CERROR("Wrong IO type %u\n", vio->cui_io_subtype);
+                LBUG();
          }
  
+out:
          if (result >= 0) {
                  if (result < cnt)
                          io->ci_continue = 0;
@@ -508,16 +585,20 @@ static int vvp_io_write_start(const struct lu_env *env,
  
          ENTRY;
  
-        if (cl_io_is_append(io))
+        if (cl_io_is_append(io)) {
                  /*
                   * PARALLEL IO This has to be changed for parallel IO doing
                   * out-of-order writes.
                   */
                  pos = io->u.ci_wr.wr.crw_pos = i_size_read(inode);
+#ifndef HAVE_FILE_WRITEV
+                cio->cui_iocb->ki_pos = pos;
+#endif
+        }
  
-        CDEBUG(D_VFSTRACE, "write: [%lli, %lli)\n", pos, pos + cnt);
+        CDEBUG(D_VFSTRACE, "write: [%lli, %lli)\n", pos, pos + (long long)cnt);
  
-        if (cl2vvp_io(env, ios)->cui_oneshot > 0)
+        if (cio->cui_iov == NULL) /* from a temp io in ll_cl_init(). */
                  result = 0;
          else
                  result = lustre_generic_file_write(file, cio, &pos);
@@ -533,6 +614,70 @@ static int vvp_io_write_start(const struct lu_env *env,
          RETURN(result);
  }
  
+#ifndef HAVE_VM_OP_FAULT
+static int vvp_io_kernel_fault(struct vvp_fault_io *cfio)
+{
+        cfs_page_t *vmpage;
+
+        vmpage = filemap_nopage(cfio->ft_vma, cfio->nopage.ft_address,
+                                cfio->nopage.ft_type);
+
+        if (vmpage == NOPAGE_SIGBUS) {
+                CDEBUG(D_PAGE, "got addr %lu type %lx - SIGBUS\n",
+                       cfio->nopage.ft_address,(long)cfio->nopage.ft_type);
+                return -EFAULT;
+        } else if (vmpage == NOPAGE_OOM) {
+                CDEBUG(D_PAGE, "got addr %lu type %lx - OOM\n",
+                       cfio->nopage.ft_address, (long)cfio->nopage.ft_type);
+                return -ENOMEM;
+        }
+
+        LL_CDEBUG_PAGE(D_PAGE, vmpage, "got addr %lu type %lx\n",
+                       cfio->nopage.ft_address, (long)cfio->nopage.ft_type);
+
+        cfio->ft_vmpage = vmpage;
+        lock_page(vmpage);
+
+        return 0;
+}
+#else
+static int vvp_io_kernel_fault(struct vvp_fault_io *cfio)
+{
+        struct vm_fault *vmf = cfio->fault.ft_vmf;
+
+        cfio->fault.ft_flags = filemap_fault(cfio->ft_vma, vmf);
+
+        if (vmf->page) {
+                LL_CDEBUG_PAGE(D_PAGE, vmf->page, "got addr %p type NOPAGE\n",
+                               vmf->virtual_address);
+                if (unlikely(!(cfio->fault.ft_flags & VM_FAULT_LOCKED))) {
+                        lock_page(vmf->page);
+                        cfio->fault.ft_flags &= VM_FAULT_LOCKED;
+                }
+
+                cfio->ft_vmpage = vmf->page;
+                return 0;
+        }
+
+        if (cfio->fault.ft_flags & VM_FAULT_SIGBUS) {
+                CDEBUG(D_PAGE, "got addr %p - SIGBUS\n", vmf->virtual_address);
+                return -EFAULT;
+        }
+
+        if (cfio->fault.ft_flags & VM_FAULT_OOM) {
+                CDEBUG(D_PAGE, "got addr %p - OOM\n", vmf->virtual_address);
+                return -ENOMEM;
+        }
+
+        if (cfio->fault.ft_flags & VM_FAULT_RETRY)
+                return -EAGAIN;
+
+        CERROR("unknow error in page fault %d!\n", cfio->fault.ft_flags);
+        return -EINVAL;
+}
+
+#endif
+
  static int vvp_io_fault_start(const struct lu_env *env,
                                const struct cl_io_slice *ios)
  {
@@ -542,11 +687,12 @@ static int vvp_io_fault_start(const struct lu_env *env,
          struct inode        *inode   = ccc_object_inode(obj);
          struct cl_fault_io  *fio     = &io->u.ci_fault;
          struct vvp_fault_io *cfio    = &vio->u.fault;
-        cfs_page_t          *vmpage;
          loff_t               offset;
          int                  result  = 0;
-
-        LASSERT(vio->cui_oneshot == 0);
+        cfs_page_t          *vmpage  = NULL;
+        struct cl_page      *page;
+        loff_t               size;
+        pgoff_t              last; /* last page in a file data region */
  
          if (fio->ft_executable &&
              LTIME_S(inode->i_mtime) != vio->u.fault.ft_mtime)
@@ -557,91 +703,91 @@ static int vvp_io_fault_start(const struct lu_env *env,
          /* offset of the last byte on the page */
          offset = cl_offset(obj, fio->ft_index + 1) - 1;
          LASSERT(cl_index(obj, offset) == fio->ft_index);
-        result = ccc_prep_size(env, obj, io, offset, 0);
+        result = ccc_prep_size(env, obj, io, 0, offset + 1, NULL);
          if (result != 0)
                  return result;
  
-        vmpage = filemap_nopage(cfio->ft_vma, cfio->ft_address, cfio->ft_type);
-        if (vmpage != NOPAGE_SIGBUS && vmpage != NOPAGE_OOM)
-                LL_CDEBUG_PAGE(D_PAGE, vmpage,
-                               "got addr %lu type %lx\n",
-                               cfio->ft_address, (long)cfio->ft_type);
-        else
-                CDEBUG(D_PAGE, "got addr %lu type %lx - SIGBUS\n",
-                       cfio->ft_address, (long)cfio->ft_type);
-
-        if (vmpage == NOPAGE_SIGBUS)
-                result = -EFAULT;
-        else if (vmpage == NOPAGE_OOM)
-                result = -ENOMEM;
-        else {
-                struct cl_page *page;
-                loff_t          size;
-                pgoff_t         last; /* last page in a file data region */
-
-                /* Temporarily lock vmpage to keep cl_page_find() happy. */
-                lock_page(vmpage);
-                page = cl_page_find(env, obj, fio->ft_index, vmpage,
-                                    CPT_CACHEABLE);
-                unlock_page(vmpage);
-                if (!IS_ERR(page)) {
-                        size = i_size_read(inode);
-                        last = cl_index(obj, size - 1);
-                        if (fio->ft_index == last)
-                                /*
-                                 * Last page is mapped partially.
-                                 */
-                                fio->ft_nob = size - cl_offset(obj,
-                                                               fio->ft_index);
-                        else
-                                fio->ft_nob = cl_page_size(obj);
-                        lu_ref_add(&page->cp_reference, "fault", io);
-                        fio->ft_page = page;
-                        /*
-                         * Certain 2.6 kernels return not-NULL from
-                         * filemap_nopage() when page is beyond the file size,
-                         * on the grounds that "An external ptracer can access
-                         * pages that normally aren't accessible.." Don't
-                         * propagate such page fault to the lower layers to
-                         * avoid side-effects like KMS updates.
-                         */
-                        if (fio->ft_index > last)
-                                result = +1;
-                } else
-                        result = PTR_ERR(page);
+        /* must return locked page */
+        if (fio->ft_mkwrite) {
+                LASSERT(cfio->ft_vmpage != NULL);
+                lock_page(cfio->ft_vmpage);
+        } else {
+                result = vvp_io_kernel_fault(cfio);
+                if (result != 0)
+                        return result;
          }
-        return result;
-}
  
-static void vvp_io_advance(const struct lu_env *env,
-                           const struct cl_io_slice *ios, size_t nob)
-{
-        struct ccc_io    *vio = cl2ccc_io(env, ios);
-        struct cl_io     *io  = ios->cis_io;
-        struct cl_object *obj = ios->cis_io->ci_obj;
+        vmpage = cfio->ft_vmpage;
+        LASSERT(PageLocked(vmpage));
  
-        CLOBINVRNT(env, obj, ccc_object_invariant(obj));
+        if (OBD_FAIL_CHECK(OBD_FAIL_LLITE_FAULT_TRUNC_RACE))
+                ll_invalidate_page(vmpage);
  
-        if (!cl_io_is_sendfile(io) && io->ci_continue) {
-                /* update the iov */
-                LASSERT(vio->cui_tot_nrsegs >= vio->cui_nrsegs);
-                LASSERT(vio->cui_tot_count  >= nob);
+        /* Though we have already held a cl_lock upon this page, but
+         * it still can be truncated locally. */
+        if (unlikely(vmpage->mapping == NULL)) {
+                CDEBUG(D_PAGE, "llite: fault and truncate race happened!\n");
  
-                vio->cui_iov        += vio->cui_nrsegs;
-                vio->cui_tot_nrsegs -= vio->cui_nrsegs;
-                vio->cui_tot_count  -= nob;
-
-                if (vio->cui_iov_olen) {
-                        struct iovec *iv;
+                /* return +1 to stop cl_io_loop() and ll_fault() will catch
+                 * and retry. */
+                GOTO(out, result = +1);
+        }
  
-                        vio->cui_iov--;
-                        vio->cui_tot_nrsegs++;
-                        iv = &vio->cui_iov[0];
-                        iv->iov_base += iv->iov_len;
-                        LASSERT(vio->cui_iov_olen > iv->iov_len);
-                        iv->iov_len = vio->cui_iov_olen - iv->iov_len;
+        page = cl_page_find(env, obj, fio->ft_index, vmpage, CPT_CACHEABLE);
+        if (IS_ERR(page))
+                GOTO(out, result = PTR_ERR(page));
+
+        /* if page is going to be written, we should add this page into cache
+         * earlier. */
+        if (fio->ft_mkwrite) {
+                wait_on_page_writeback(vmpage);
+                if (set_page_dirty(vmpage)) {
+                        struct ccc_page *cp;
+
+                        /* vvp_page_assume() calls wait_on_page_writeback(). */
+                        cl_page_assume(env, io, page);
+
+                        cp = cl2ccc_page(cl_page_at(page, &vvp_device_type));
+                        vvp_write_pending(cl2ccc(obj), cp);
+
+                        /* Do not set Dirty bit here so that in case IO is
+                         * started before the page is really made dirty, we
+                         * still have chance to detect it. */
+                        result = cl_page_cache_add(env, io, page, CRT_WRITE);
+                        if (result < 0) {
+                                cl_page_unassume(env, io, page);
+                                cl_page_put(env, page);
+
+                                /* we're in big trouble, what can we do now? */
+                                if (result == -EDQUOT)
+                                        result = -ENOSPC;
+                                GOTO(out, result);
+                        }
                  }
          }
+
+        size = i_size_read(inode);
+        last = cl_index(obj, size - 1);
+        LASSERT(fio->ft_index <= last);
+        if (fio->ft_index == last)
+                /*
+                 * Last page is mapped partially.
+                 */
+                fio->ft_nob = size - cl_offset(obj, fio->ft_index);
+        else
+                fio->ft_nob = cl_page_size(obj);
+
+        lu_ref_add(&page->cp_reference, "fault", io);
+        fio->ft_page = page;
+        EXIT;
+
+out:
+        /* return unlocked vmpage to avoid deadlocking */
+        unlock_page(vmpage);
+#ifdef HAVE_VM_OP_FAULT
+        cfio->fault.ft_flags &= ~VM_FAULT_LOCKED;
+#endif
+        return result;
  }
  
  static int vvp_io_read_page(const struct lu_env *env,
@@ -658,41 +804,39 @@ static int vvp_io_read_page(const struct lu_env *env,
          struct ll_readahead_state *ras    = &fd->fd_ras;
          cfs_page_t                *vmpage = cp->cpg_page;
          struct cl_2queue          *queue  = &io->ci_queue;
+        int rc;
  
          CLOBINVRNT(env, obj, ccc_object_invariant(obj));
-        LASSERT(cl2vvp_io(env, ios)->cui_oneshot == 0);
          LASSERT(slice->cpl_obj == obj);
  
          ENTRY;
  
-        if (sbi->ll_ra_info.ra_max_pages)
+        if (sbi->ll_ra_info.ra_max_pages_per_file &&
+            sbi->ll_ra_info.ra_max_pages)
                  ras_update(sbi, inode, ras, page->cp_index,
                             cp->cpg_defer_uptodate);
  
          /* Sanity check whether the page is protected by a lock. */
-        if (likely(!(fd->fd_flags & LL_FILE_IGNORE_LOCK))) {
-                int rc;
-
-                rc = cl_page_is_under_lock(env, io, page);
-                if (rc != -EBUSY) {
-                        CL_PAGE_HEADER(D_WARNING, env, page, "%s: %i\n",
-                                       rc == -ENODATA ? "without a lock" :
-                                       "match failed", rc);
-                        if (rc != -ENODATA)
-                                RETURN(rc);
-                }
+        rc = cl_page_is_under_lock(env, io, page);
+        if (rc != -EBUSY) {
+                CL_PAGE_HEADER(D_WARNING, env, page, "%s: %d\n",
+                               rc == -ENODATA ? "without a lock" :
+                               "match failed", rc);
+                if (rc != -ENODATA)
+                        RETURN(rc);
          }
  
          if (cp->cpg_defer_uptodate) {
                  cp->cpg_ra_used = 1;
-                cl_page_export(env, page);
+                cl_page_export(env, page, 1);
          }
          /*
           * Add page into the queue even when it is marked uptodate above.
           * this will unlock it automatically as part of cl_page_list_disown().
           */
          cl_2queue_add(queue, page);
-        if (sbi->ll_ra_info.ra_max_pages)
+        if (sbi->ll_ra_info.ra_max_pages_per_file &&
+            sbi->ll_ra_info.ra_max_pages)
                  ll_readahead(env, io, ras,
                               vmpage->mapping, &queue->c2_qin, fd->fd_flags);
  
@@ -701,35 +845,18 @@ static int vvp_io_read_page(const struct lu_env *env,
  
  static int vvp_page_sync_io(const struct lu_env *env, struct cl_io *io,
                              struct cl_page *page, struct ccc_page *cp,
-                            int to, enum cl_req_type crt)
+                            enum cl_req_type crt)
  {
          struct cl_2queue  *queue;
-        struct ccc_object *cobo   = cl2ccc(page->cp_obj);
-        struct cl_sync_io *anchor = &ccc_env_info(env)->cti_sync_io;
-
-        int writing = io->ci_type == CIT_WRITE;
          int result;
  
          LASSERT(io->ci_type == CIT_READ || io->ci_type == CIT_WRITE);
  
          queue = &io->ci_queue;
-
          cl_2queue_init_page(queue, page);
  
-        if (writing)
-                /* Do not pass llap here as it is sync write. */
-                vvp_write_pending(cobo, cp);
-
-        cl_sync_io_init(anchor, 1);
-        cp->cpg_sync_io = anchor;
-        cl_page_clip(env, page, 0, to);
-        result = cl_io_submit_rw(env, io, crt, queue);
-        if (result == 0)
-                result = cl_sync_io_wait(env, io, &queue->c2_qout, anchor);
-        else
-                cp->cpg_sync_io = NULL;
+        result = cl_io_submit_sync(env, io, crt, queue, CRP_NORMAL, 0);
          LASSERT(cl_page_is_owned(page, io));
-        cl_page_clip(env, page, 0, CFS_PAGE_SIZE);
  
          if (crt == CRT_READ)
                  /*
@@ -750,7 +877,7 @@ static int vvp_io_prepare_partial(const struct lu_env *env, struct cl_io *io,
                                    struct ccc_page *cp,
                                    unsigned from, unsigned to)
  {
-        struct cl_attr *attr   = &ccc_env_info(env)->cti_attr;
+        struct cl_attr *attr   = ccc_env_thread_attr(env);
          loff_t          offset = cl_offset(obj, pg->cp_index);
          int             result;
  
@@ -771,8 +898,7 @@ static int vvp_io_prepare_partial(const struct lu_env *env, struct cl_io *io,
                  } else if (cp->cpg_defer_uptodate)
                          cp->cpg_ra_used = 1;
                  else
-                        result = vvp_page_sync_io(env, io, pg, cp,
-                                                  CFS_PAGE_SIZE, CRT_READ);
+                        result = vvp_page_sync_io(env, io, pg, cp, CRT_READ);
                  /*
                   * In older implementations, obdo_refresh_inode is called here
                   * to update the inode because the write might modify the
@@ -782,7 +908,7 @@ static int vvp_io_prepare_partial(const struct lu_env *env, struct cl_io *io,
                   * details. -jay
                   */
                  if (result == 0)
-                        cl_page_export(env, pg);
+                        cl_page_export(env, pg, 1);
          }
          return result;
  }
@@ -872,8 +998,14 @@ static int vvp_io_commit_write(const struct lu_env *env,
                  tallyop = LPROC_LL_DIRTY_MISSES;
                  vvp_write_pending(cl2ccc(obj), cp);
                  set_page_dirty(vmpage);
+                /* ll_set_page_dirty() does the same for now, but
+                 * it will not soon. */
+                vvp_write_pending(cl2ccc(obj), cp);
                  result = cl_page_cache_add(env, io, pg, CRT_WRITE);
-                if (result == -EDQUOT)
+                if (result == -EDQUOT) {
+                        pgoff_t last_index = i_size_read(inode) >> CFS_PAGE_SHIFT;
+                        bool need_clip = true;
+
                          /*
                           * Client ran out of disk space grant. Possible
                           * strategies are:
@@ -888,8 +1020,21 @@ static int vvp_io_commit_write(const struct lu_env *env,
                           * what the new code continues to do for the time
                           * being.
                           */
-                        result = vvp_page_sync_io(env, io, pg, cp,
-                                                  to, CRT_WRITE);
+                        if (last_index > pg->cp_index) {
+                                to = CFS_PAGE_SIZE;
+                                need_clip = false;
+                        } else if (last_index == pg->cp_index) {
+                                int size_to = i_size_read(inode) & ~CFS_PAGE_MASK;
+                                if (to < size_to)
+                                        to = size_to;
+                        }
+                        if (need_clip)
+                                cl_page_clip(env, pg, 0, to);
+                        result = vvp_page_sync_io(env, io, pg, cp, CRT_WRITE);
+                        if (result)
+                                CERROR("Write page %lu of inode %p failed %d\n",
+                                       pg->cp_index, inode, result);
+                }
          } else {
                  tallyop = LPROC_LL_DIRTY_HITS;
                  result = 0;
@@ -898,12 +1043,20 @@ static int vvp_io_commit_write(const struct lu_env *env,
  
          size = cl_offset(obj, pg->cp_index) + to;
  
+        ll_inode_size_lock(inode, 0);
          if (result == 0) {
+                if (size > i_size_read(inode)) {
+                        cl_isize_write_nolock(inode, size);
+                        CDEBUG(D_VFSTRACE, DFID" updating i_size %lu\n",
+                               PFID(lu_object_fid(&obj->co_lu)),
+                               (unsigned long)size);
+                }
+                cl_page_export(env, pg, 1);
+        } else {
                  if (size > i_size_read(inode))
-                        i_size_write(inode, size);
-                cl_page_export(env, pg);
-        } else if (size > i_size_read(inode))
-                cl_page_discard(env, io, pg);
+                        cl_page_discard(env, io, pg);
+        }
+        ll_inode_size_unlock(inode, 0);
          RETURN(result);
  }
  
@@ -913,20 +1066,20 @@ static const struct cl_io_operations vvp_io_ops = {
                          .cio_fini      = vvp_io_fini,
                          .cio_lock      = vvp_io_read_lock,
                          .cio_start     = vvp_io_read_start,
-                        .cio_advance   = vvp_io_advance
+                        .cio_advance   = ccc_io_advance
                  },
                  [CIT_WRITE] = {
                          .cio_fini      = vvp_io_fini,
                          .cio_lock      = vvp_io_write_lock,
                          .cio_start     = vvp_io_write_start,
-                        .cio_advance   = vvp_io_advance
+                        .cio_advance   = ccc_io_advance
                  },
-                [CIT_TRUNC] = {
-                        .cio_fini       = vvp_io_trunc_fini,
-                        .cio_iter_init  = vvp_io_trunc_iter_init,
-                        .cio_lock       = vvp_io_trunc_lock,
-                        .cio_start      = vvp_io_trunc_start,
-                        .cio_end        = vvp_io_trunc_end
+                [CIT_SETATTR] = {
+                        .cio_fini       = vvp_io_setattr_fini,
+                        .cio_iter_init  = vvp_io_setattr_iter_init,
+                        .cio_lock       = vvp_io_setattr_lock,
+                        .cio_start      = vvp_io_setattr_start,
+                        .cio_end        = vvp_io_setattr_end
                  },
                  [CIT_FAULT] = {
                          .cio_fini      = vvp_io_fault_fini,
@@ -958,18 +1111,12 @@ int vvp_io_init(const struct lu_env *env, struct cl_object *obj,
  
          CL_IO_SLICE_CLEAN(cio, cui_cl);
          cl_io_slice_add(io, &cio->cui_cl, obj, &vvp_io_ops);
-        vio->cui_oneshot = 0;
          vio->cui_ra_window_set = 0;
          result = 0;
          if (io->ci_type == CIT_READ || io->ci_type == CIT_WRITE) {
-                int    op;
                  size_t count;
  
                  count = io->u.ci_rw.crw_count;
-                op    = io->ci_type == CIT_READ ?
-                        LPROC_LL_READ_BYTES : LPROC_LL_WRITE_BYTES;
-                if (io->ci_type == CIT_WRITE)
-                        down(&ll_i2info(inode)->lli_write_sem);
                  /* "If nbyte is 0, read() will return 0 and have no other
                   *  results."  -- Single Unix Spec */
                  if (count == 0)
@@ -977,11 +1124,13 @@ int vvp_io_init(const struct lu_env *env, struct cl_object *obj,
                  else {
                          cio->cui_tot_count = count;
                          cio->cui_tot_nrsegs = 0;
-                        ll_stats_ops_tally(sbi, op, count);
                  }
-        } else if (io->ci_type == CIT_TRUNC) {
-                /* lockless truncate? */
-                ll_stats_ops_tally(sbi, LPROC_LL_TRUNC, 1);
+        } else if (io->ci_type == CIT_SETATTR) {
+                if (cl_io_is_trunc(io))
+                        /* lockless truncate? */
+                        ll_stats_ops_tally(sbi, LPROC_LL_TRUNC, 1);
+                else
+                        io->ci_lockreq = CILR_MANDATORY;
          }
          RETURN(result);
  }