Current implementation of __sync_filesystem() ignores the
return code from ->sync_fs(). I am not sure why that's the case.

Ignoring ->sync_fs() return code is problematic for overlayfs where
it can return error if sync_filesystem() on upper super block failed.
That error will simply be lost and syncfs(overlay_fd) will get
success (despite the fact it failed).

Al Viro noticed that there are other filesystems which can sometimes
return error in ->sync_fs() and these errors will be ignored too.

fs/btrfs/super.c:2412: .sync_fs = btrfs_sync_fs,
fs/exfat/super.c:204: .sync_fs = exfat_sync_fs,
fs/ext4/super.c:1674: .sync_fs = ext4_sync_fs,
fs/f2fs/super.c:2480: .sync_fs = f2fs_sync_fs,
fs/gfs2/super.c:1600: .sync_fs = gfs2_sync_fs,
fs/hfsplus/super.c:368: .sync_fs = hfsplus_sync_fs,
fs/nilfs2/super.c:689: .sync_fs = nilfs_sync_fs,
fs/ocfs2/super.c:139: .sync_fs = ocfs2_sync_fs,
fs/overlayfs/super.c:399: .sync_fs = ovl_sync_fs,
fs/ubifs/super.c:2052: .sync_fs = ubifs_sync_fs,

Hence, this patch tries to fix it and capture error returned
by ->sync_fs() and return to caller. I am specifically interested
in syncfs() path and return error to user.

I am assuming that we want to continue to call __sync_blockdev()
despite the fact that there have been errors reported from
->sync_fs(). So this patch continues to call __sync_blockdev()
even if ->sync_fs() returns an error.

Al noticed that there are few other callsites where ->sync_fs() error
code is being ignored.

sync_fs_one_sb(): For this it seems desirable to ignore the return code.

dquot_disable(): Jan Kara mentioned that ignoring return code here is fine
because we don't want to fail dquot_disable() just because
caches might be incoherent.

dquot_quota_sync(): Jan thinks that it might make some sense to capture
return code here. But I am leaving it untouched for
now. When somebody needs it, they can easily fix it.

Signed-off-by: Vivek Goyal <[email protected]>
---
fs/sync.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/fs/sync.c b/fs/sync.c
index 1373a610dc78..b5fb83a734cd 100644
--- a/fs/sync.c
+++ b/fs/sync.c
@@ -30,14 +30,18 @@
*/
static int __sync_filesystem(struct super_block *sb, int wait)
{
+ int ret, ret2;
+
if (wait)
sync_inodes_sb(sb);
else
writeback_inodes_sb(sb, WB_REASON_SYNC);
if (sb->s_op->sync_fs)
- sb->s_op->sync_fs(sb, wait);
- return __sync_blockdev(sb->s_bdev, wait);
+ ret = sb->s_op->sync_fs(sb, wait);
+ ret2 = __sync_blockdev(sb->s_bdev, wait);
+
+ return ret ? ret : ret2;
}
/*
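Review bot: 'ret' is read uninitialized in the final "return ret ? ret : ret2;" whenever sb->s_op->sync_fs is NULL, because its only assignment sits under the "if (sb->s_op->sync_fs)" test. On that path the function returns an indeterminate value instead of the __sync_blockdev() result, so a filesystem without a ->sync_fs() method could report a spurious error or hide a real block device error. Initialize it at the declaration, "int ret = 0, ret2;", so the no-callback path falls through to ret2.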
--
2.25.4
On Mon, Dec 21 2020, Vivek Goyal wrote:
> Current implementation of __sync_filesystem() ignores the
> return code from ->sync_fs(). I am not sure why that's the case.
>
> Ignoring ->sync_fs() return code is problematic for overlayfs where
> it can return error if sync_filesystem() on upper super block failed.
> That error will simply be lost and syncfs(overlay_fd) will get
> success (despite the fact it failed).
>
> Al Viro noticed that there are other filesystems which can sometimes
> return error in ->sync_fs() and these errors will be ignored too.
>
> fs/btrfs/super.c:2412: .sync_fs = btrfs_sync_fs,
> fs/exfat/super.c:204: .sync_fs = exfat_sync_fs,
> fs/ext4/super.c:1674: .sync_fs = ext4_sync_fs,
> fs/f2fs/super.c:2480: .sync_fs = f2fs_sync_fs,
> fs/gfs2/super.c:1600: .sync_fs = gfs2_sync_fs,
> fs/hfsplus/super.c:368: .sync_fs = hfsplus_sync_fs,
> fs/nilfs2/super.c:689: .sync_fs = nilfs_sync_fs,
> fs/ocfs2/super.c:139: .sync_fs = ocfs2_sync_fs,
> fs/overlayfs/super.c:399: .sync_fs = ovl_sync_fs,
> fs/ubifs/super.c:2052: .sync_fs = ubifs_sync_fs,
>
> Hence, this patch tries to fix it and capture error returned
> by ->sync_fs() and return to caller. I am specifically interested
> in syncfs() path and return error to user.
>
> I am assuming that we want to continue to call __sync_blockdev()
> despite the fact that there have been errors reported from
> ->sync_fs(). So this patch continues to call __sync_blockdev()
> even if ->sync_fs() returns an error.
>
> Al noticed that there are few other callsites where ->sync_fs() error
> code is being ignored.
>
> sync_fs_one_sb(): For this it seems desirable to ignore the return code.
>
> dquot_disable(): Jan Kara mentioned that ignoring return code here is fine
> because we don't want to fail dquot_disable() just because
> caches might be incoherent.
>
> dquot_quota_sync(): Jan thinks that it might make some sense to capture
> return code here. But I am leaving it untouched for
> now. When somebody needs it, they can easily fix it.
>
> Signed-off-by: Vivek Goyal <[email protected]>
> ---
> fs/sync.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/fs/sync.c b/fs/sync.c
> index 1373a610dc78..b5fb83a734cd 100644
> --- a/fs/sync.c
> +++ b/fs/sync.c
> @@ -30,14 +30,18 @@
> */
> static int __sync_filesystem(struct super_block *sb, int wait)
> {
> + int ret, ret2;
> +
> if (wait)
> sync_inodes_sb(sb);
> else
> writeback_inodes_sb(sb, WB_REASON_SYNC);
>
> if (sb->s_op->sync_fs)
> - sb->s_op->sync_fs(sb, wait);
> - return __sync_blockdev(sb->s_bdev, wait);
> + ret = sb->s_op->sync_fs(sb, wait);
> + ret2 = __sync_blockdev(sb->s_bdev, wait);
> +
> + return ret ? ret : ret2;

I'm surprised that the compiler didn't complain that 'ret' might be used
uninitialized.

NeilBrown

> }
>
> /*
> --
> 2.25.4
On Tue, Dec 22, 2020 at 12:23:11PM +1100, NeilBrown wrote:
[...]
> > diff --git a/fs/sync.c b/fs/sync.c
> > index 1373a610dc78..b5fb83a734cd 100644
> > --- a/fs/sync.c
> > +++ b/fs/sync.c
> > @@ -30,14 +30,18 @@
> > */
> > static int __sync_filesystem(struct super_block *sb, int wait)
> > {
> > + int ret, ret2;
> > +
> > if (wait)
> > sync_inodes_sb(sb);
> > else
> > writeback_inodes_sb(sb, WB_REASON_SYNC);
> >
> > if (sb->s_op->sync_fs)
> > - sb->s_op->sync_fs(sb, wait);
> > - return __sync_blockdev(sb->s_bdev, wait);
> > + ret = sb->s_op->sync_fs(sb, wait);
> > + ret2 = __sync_blockdev(sb->s_bdev, wait);
> > +
> > + return ret ? ret : ret2;
>
> I'm surprised that the compiler didn't complain that 'ret' might be used
> uninitialized.
Indeed. That "ret" can be used uninitialized. Here is the fixed patch.

Subject: vfs: Do not ignore return code from s_op->sync_fs

Current implementation of __sync_filesystem() ignores the
return code from ->sync_fs(). I am not sure why that's the case.

Ignoring ->sync_fs() return code is problematic for overlayfs where
it can return error if sync_filesystem() on upper super block failed.
That error will simply be lost and syncfs(overlay_fd) will get
success (despite the fact it failed).

Al Viro noticed that there are other filesystems which can sometimes
return error in ->sync_fs() and these errors will be ignored too.

fs/btrfs/super.c:2412: .sync_fs = btrfs_sync_fs,
fs/exfat/super.c:204: .sync_fs = exfat_sync_fs,
fs/ext4/super.c:1674: .sync_fs = ext4_sync_fs,
fs/f2fs/super.c:2480: .sync_fs = f2fs_sync_fs,
fs/gfs2/super.c:1600: .sync_fs = gfs2_sync_fs,
fs/hfsplus/super.c:368: .sync_fs = hfsplus_sync_fs,
fs/nilfs2/super.c:689: .sync_fs = nilfs_sync_fs,
fs/ocfs2/super.c:139: .sync_fs = ocfs2_sync_fs,
fs/overlayfs/super.c:399: .sync_fs = ovl_sync_fs,
fs/ubifs/super.c:2052: .sync_fs = ubifs_sync_fs,

Hence, this patch tries to fix it and capture error returned
by ->sync_fs() and return to caller. I am specifically interested
in syncfs() path and return error to user.

I am assuming that we want to continue to call __sync_blockdev()
despite the fact that there have been errors reported from
->sync_fs(). So this patch continues to call __sync_blockdev()
even if ->sync_fs() returns an error.

Al noticed that there are few other callsites where ->sync_fs() error
code is being ignored.

sync_fs_one_sb(): For this it seems desirable to ignore the return code.

dquot_disable(): Jan Kara mentioned that ignoring return code here is fine
because we don't want to fail dquot_disable() just because
caches might be incoherent.

dquot_quota_sync(): Jan thinks that it might make some sense to capture
return code here. But I am leaving it untouched for
now. When somebody needs it, they can easily fix it.

Signed-off-by: Vivek Goyal <[email protected]>
---
fs/sync.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
Index: redhat-linux/fs/sync.c
===================================================================
--- redhat-linux.orig/fs/sync.c 2020-12-22 09:56:04.543483440 -0500
+++ redhat-linux/fs/sync.c 2020-12-22 10:01:28.560483440 -0500
@@ -30,14 +30,18 @@
*/
static int __sync_filesystem(struct super_block *sb, int wait)
{
+ int ret = 0, ret2;
+
if (wait)
sync_inodes_sb(sb);
else
writeback_inodes_sb(sb, WB_REASON_SYNC);
if (sb->s_op->sync_fs)
- sb->s_op->sync_fs(sb, wait);
- return __sync_blockdev(sb->s_bdev, wait);
+ ret = sb->s_op->sync_fs(sb, wait);
+ ret2 = __sync_blockdev(sb->s_bdev, wait);
+
+ return ret ? ret : ret2;
}
/*
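Review bot: The final "return ret ? ret : ret2;" silently drops the __sync_blockdev() error whenever ->sync_fs() has also failed, and nothing in the code says that this precedence, or the choice to call __sync_blockdev() after a ->sync_fs() failure, is deliberate. The commit message states the latter only as an assumption; a short comment above the ret2 assignment recording both decisions would keep a later cleanup from turning this into an early return. Naming the two variables after the call they come from, rather than ret and ret2, would also make the precedence readable at a glance.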