2008-06-03 22:36:33

by Andrew Morton

[permalink] [raw]
Subject: + jbd-strictly-check-for-write-errors-on-data-buffers.patch added to -mm tree


The patch titled
jbd: strictly check for write errors on data buffers
has been added to the -mm tree. Its filename is
jbd-strictly-check-for-write-errors-on-data-buffers.patch

Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/SubmitChecklist when testing your code ***

See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this

The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/

------------------------------------------------------
Subject: jbd: strictly check for write errors on data buffers
From: Hidehiro Kawai <[email protected]>

In ordered mode, we should abort journaling when an I/O error has occurred
on a file data buffer in the committing transaction. But there can be
data buffers which are not checked for error:

(a) the buffer which has already been written out by pdflush
(b) the buffer which has been unlocked before scanned in the
t_locked_list loop

This patch adds missing error checks and aborts journaling
appropriately.

Signed-off-by: Hidehiro Kawai <[email protected]>
Acked-by: Jan Kara <[email protected]>
Cc: <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---

fs/jbd/commit.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)

diff -puN fs/jbd/commit.c~jbd-strictly-check-for-write-errors-on-data-buffers fs/jbd/commit.c
--- a/fs/jbd/commit.c~jbd-strictly-check-for-write-errors-on-data-buffers
+++ a/fs/jbd/commit.c
@@ -172,7 +172,7 @@ static void journal_do_submit_data(struc
/*
* Submit all the data buffers to disk
*/
-static void journal_submit_data_buffers(journal_t *journal,
+static int journal_submit_data_buffers(journal_t *journal,
transaction_t *commit_transaction)
{
struct journal_head *jh;
@@ -180,6 +180,7 @@ static void journal_submit_data_buffers(
int locked;
int bufs = 0;
struct buffer_head **wbuf = journal->j_wbuf;
+ int err = 0;

/*
* Whenever we unlock the journal and sleep, things can get added
@@ -253,6 +254,8 @@ write_out_data:
put_bh(bh);
} else {
BUFFER_TRACE(bh, "writeout complete: unfile");
+ if (unlikely(!buffer_uptodate(bh)))
+ err = -EIO;
__journal_unfile_buffer(jh);
jbd_unlock_bh_state(bh);
if (locked)
@@ -271,6 +274,8 @@ write_out_data:
}
spin_unlock(&journal->j_list_lock);
journal_do_submit_data(wbuf, bufs);
+
+ return err;
}

/*
@@ -410,8 +415,7 @@ void journal_commit_transaction(journal_
* Now start flushing things to disk, in the order they appear
* on the transaction lists. Data blocks go first.
*/
- err = 0;
- journal_submit_data_buffers(journal, commit_transaction);
+ err = journal_submit_data_buffers(journal, commit_transaction);

/*
* Wait for all previously submitted IO to complete.
@@ -426,10 +430,10 @@ void journal_commit_transaction(journal_
if (buffer_locked(bh)) {
spin_unlock(&journal->j_list_lock);
wait_on_buffer(bh);
- if (unlikely(!buffer_uptodate(bh)))
- err = -EIO;
spin_lock(&journal->j_list_lock);
}
+ if (unlikely(!buffer_uptodate(bh)))
+ err = -EIO;
if (!inverted_lock(journal, bh)) {
put_bh(bh);
spin_lock(&journal->j_list_lock);
_

Patches currently in -mm which might be from [email protected] are

jbd-strictly-check-for-write-errors-on-data-buffers.patch
jbd-ordered-data-integrity-fix.patch
jbd-abort-when-failed-to-log-metadata-buffers.patch
jbd-fix-error-handling-for-checkpoint-io.patch
ext3-abort-ext3-if-the-journal-has-aborted.patch



2008-06-04 03:53:41

by Andreas Dilger

[permalink] [raw]
Subject: Re: + jbd-strictly-check-for-write-errors-on-data-buffers.patch added to -mm tree

On Jun 03, 2008 15:36 -0700, Andrew Morton wrote:
> ------------------------------------------------------
> Subject: jbd: strictly check for write errors on data buffers
> From: Hidehiro Kawai <[email protected]>
>
> In ordered mode, we should abort journaling when an I/O error has occurred
> on a file data buffer in the committing transaction. But there can be
> data buffers which are not checked for error:
>
> (a) the buffer which has already been written out by pdflush
> (b) the buffer which has been unlocked before scanned in the
> t_locked_list loop
>
> This patch adds missing error checks and aborts journaling
> appropriately.

Should we actually abort the journal for file data write errors?

It appears journal_submit_data_buffers() is only for file data
(BJ_SyncData) and not any metadata (BJ_Metadata). In data=ordered
mode there is no risk to the filesystem integrity.

> Signed-off-by: Hidehiro Kawai <[email protected]>
> Acked-by: Jan Kara <[email protected]>
> Cc: <[email protected]>
> Signed-off-by: Andrew Morton <[email protected]>
> ---
>
> fs/jbd/commit.c | 14 +++++++++-----
> 1 file changed, 9 insertions(+), 5 deletions(-)
>
> diff -puN fs/jbd/commit.c~jbd-strictly-check-for-write-errors-on-data-buffers fs/jbd/commit.c
> --- a/fs/jbd/commit.c~jbd-strictly-check-for-write-errors-on-data-buffers
> +++ a/fs/jbd/commit.c
> @@ -172,7 +172,7 @@ static void journal_do_submit_data(struc
> /*
> * Submit all the data buffers to disk
> */
> -static void journal_submit_data_buffers(journal_t *journal,
> +static int journal_submit_data_buffers(journal_t *journal,
> transaction_t *commit_transaction)
> {
> struct journal_head *jh;
> @@ -180,6 +180,7 @@ static void journal_submit_data_buffers(
> int locked;
> int bufs = 0;
> struct buffer_head **wbuf = journal->j_wbuf;
> + int err = 0;
>
> /*
> * Whenever we unlock the journal and sleep, things can get added
> @@ -253,6 +254,8 @@ write_out_data:
> put_bh(bh);
> } else {
> BUFFER_TRACE(bh, "writeout complete: unfile");
> + if (unlikely(!buffer_uptodate(bh)))
> + err = -EIO;
> __journal_unfile_buffer(jh);
> jbd_unlock_bh_state(bh);
> if (locked)
> @@ -271,6 +274,8 @@ write_out_data:
> }
> spin_unlock(&journal->j_list_lock);
> journal_do_submit_data(wbuf, bufs);
> +
> + return err;
> }
>
> /*
> @@ -410,8 +415,7 @@ void journal_commit_transaction(journal_
> * Now start flushing things to disk, in the order they appear
> * on the transaction lists. Data blocks go first.
> */
> - err = 0;
> - journal_submit_data_buffers(journal, commit_transaction);
> + err = journal_submit_data_buffers(journal, commit_transaction);
>
> /*
> * Wait for all previously submitted IO to complete.
> @@ -426,10 +430,10 @@ void journal_commit_transaction(journal_
> if (buffer_locked(bh)) {
> spin_unlock(&journal->j_list_lock);
> wait_on_buffer(bh);
> - if (unlikely(!buffer_uptodate(bh)))
> - err = -EIO;
> spin_lock(&journal->j_list_lock);
> }
> + if (unlikely(!buffer_uptodate(bh)))
> + err = -EIO;
> if (!inverted_lock(journal, bh)) {
> put_bh(bh);
> spin_lock(&journal->j_list_lock);
> _
>
> Patches currently in -mm which might be from [email protected] are
>
> jbd-strictly-check-for-write-errors-on-data-buffers.patch
> jbd-ordered-data-integrity-fix.patch
> jbd-abort-when-failed-to-log-metadata-buffers.patch
> jbd-fix-error-handling-for-checkpoint-io.patch
> ext3-abort-ext3-if-the-journal-has-aborted.patch
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html

Cheers, Andreas
--
Andreas Dilger
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.