1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * linux/fs/jbd2/checkpoint.c 4 * 5 * Written by Stephen C. Tweedie <sct@redhat.com>, 1999 6 * 7 * Copyright 1999 Red Hat Software --- All Rights Reserved 8 * 9 * Checkpoint routines for the generic filesystem journaling code. 10 * Part of the ext2fs journaling system. 11 * 12 * Checkpointing is the process of ensuring that a section of the log is 13 * committed fully to disk, so that that portion of the log can be 14 * reused. 15 */ 16 17 #include <linux/time.h> 18 #include <linux/fs.h> 19 #include <linux/jbd2.h> 20 #include <linux/errno.h> 21 #include <linux/slab.h> 22 #include <linux/blkdev.h> 23 #include <trace/events/jbd2.h> 24 25 /* 26 * Unlink a buffer from a transaction checkpoint list. 27 * 28 * Called with j_list_lock held. 29 */ 30 static inline void __buffer_unlink_first(struct journal_head *jh) 31 { 32 transaction_t *transaction = jh->b_cp_transaction; 33 34 jh->b_cpnext->b_cpprev = jh->b_cpprev; 35 jh->b_cpprev->b_cpnext = jh->b_cpnext; 36 if (transaction->t_checkpoint_list == jh) { 37 transaction->t_checkpoint_list = jh->b_cpnext; 38 if (transaction->t_checkpoint_list == jh) 39 transaction->t_checkpoint_list = NULL; 40 } 41 } 42 43 /* 44 * Unlink a buffer from a transaction checkpoint(io) list. 45 * 46 * Called with j_list_lock held. 47 */ 48 static inline void __buffer_unlink(struct journal_head *jh) 49 { 50 transaction_t *transaction = jh->b_cp_transaction; 51 52 __buffer_unlink_first(jh); 53 if (transaction->t_checkpoint_io_list == jh) { 54 transaction->t_checkpoint_io_list = jh->b_cpnext; 55 if (transaction->t_checkpoint_io_list == jh) 56 transaction->t_checkpoint_io_list = NULL; 57 } 58 } 59 60 /* 61 * Move a buffer from the checkpoint list to the checkpoint io list 62 * 63 * Called with j_list_lock held 64 */ 65 static inline void __buffer_relink_io(struct journal_head *jh) 66 { 67 transaction_t *transaction = jh->b_cp_transaction; 68 69 __buffer_unlink_first(jh); 70 71 if (!transaction->t_checkpoint_io_list) { 72 jh->b_cpnext = jh->b_cpprev = jh; 73 } else { 74 jh->b_cpnext = transaction->t_checkpoint_io_list; 75 jh->b_cpprev = transaction->t_checkpoint_io_list->b_cpprev; 76 jh->b_cpprev->b_cpnext = jh; 77 jh->b_cpnext->b_cpprev = jh; 78 } 79 transaction->t_checkpoint_io_list = jh; 80 } 81 82 /* 83 * Try to release a checkpointed buffer from its transaction. 84 * Returns 1 if we released it and 2 if we also released the 85 * whole transaction. 86 * 87 * Requires j_list_lock 88 */ 89 static int __try_to_free_cp_buf(struct journal_head *jh) 90 { 91 int ret = 0; 92 struct buffer_head *bh = jh2bh(jh); 93 94 if (!jh->b_transaction && !buffer_locked(bh) && !buffer_dirty(bh)) { 95 JBUFFER_TRACE(jh, "remove from checkpoint list"); 96 ret = __jbd2_journal_remove_checkpoint(jh) + 1; 97 } 98 return ret; 99 } 100 101 /* 102 * __jbd2_log_wait_for_space: wait until there is space in the journal. 103 * 104 * Called under j-state_lock *only*. It will be unlocked if we have to wait 105 * for a checkpoint to free up some space in the log. 106 */ 107 void __jbd2_log_wait_for_space(journal_t *journal) 108 __acquires(&journal->j_state_lock) 109 __releases(&journal->j_state_lock) 110 { 111 int nblocks, space_left; 112 /* assert_spin_locked(&journal->j_state_lock); */ 113 114 nblocks = journal->j_max_transaction_buffers; 115 while (jbd2_log_space_left(journal) < nblocks) { 116 write_unlock(&journal->j_state_lock); 117 mutex_lock_io(&journal->j_checkpoint_mutex); 118 119 /* 120 * Test again, another process may have checkpointed while we 121 * were waiting for the checkpoint lock. If there are no 122 * transactions ready to be checkpointed, try to recover 123 * journal space by calling cleanup_journal_tail(), and if 124 * that doesn't work, by waiting for the currently committing 125 * transaction to complete. If there is absolutely no way 126 * to make progress, this is either a BUG or corrupted 127 * filesystem, so abort the journal and leave a stack 128 * trace for forensic evidence. 129 */ 130 write_lock(&journal->j_state_lock); 131 if (journal->j_flags & JBD2_ABORT) { 132 mutex_unlock(&journal->j_checkpoint_mutex); 133 return; 134 } 135 spin_lock(&journal->j_list_lock); 136 space_left = jbd2_log_space_left(journal); 137 if (space_left < nblocks) { 138 int chkpt = journal->j_checkpoint_transactions != NULL; 139 tid_t tid = 0; 140 141 if (journal->j_committing_transaction) 142 tid = journal->j_committing_transaction->t_tid; 143 spin_unlock(&journal->j_list_lock); 144 write_unlock(&journal->j_state_lock); 145 if (chkpt) { 146 jbd2_log_do_checkpoint(journal); 147 } else if (jbd2_cleanup_journal_tail(journal) == 0) { 148 /* We were able to recover space; yay! */ 149 ; 150 } else if (tid) { 151 /* 152 * jbd2_journal_commit_transaction() may want 153 * to take the checkpoint_mutex if JBD2_FLUSHED 154 * is set. So we need to temporarily drop it. 155 */ 156 mutex_unlock(&journal->j_checkpoint_mutex); 157 jbd2_log_wait_commit(journal, tid); 158 write_lock(&journal->j_state_lock); 159 continue; 160 } else { 161 printk(KERN_ERR "%s: needed %d blocks and " 162 "only had %d space available\n", 163 __func__, nblocks, space_left); 164 printk(KERN_ERR "%s: no way to get more " 165 "journal space in %s\n", __func__, 166 journal->j_devname); 167 WARN_ON(1); 168 jbd2_journal_abort(journal, -EIO); 169 } 170 write_lock(&journal->j_state_lock); 171 } else { 172 spin_unlock(&journal->j_list_lock); 173 } 174 mutex_unlock(&journal->j_checkpoint_mutex); 175 } 176 } 177 178 static void 179 __flush_batch(journal_t *journal, int *batch_count) 180 { 181 int i; 182 struct blk_plug plug; 183 184 blk_start_plug(&plug); 185 for (i = 0; i < *batch_count; i++) 186 write_dirty_buffer(journal->j_chkpt_bhs[i], REQ_SYNC); 187 blk_finish_plug(&plug); 188 189 for (i = 0; i < *batch_count; i++) { 190 struct buffer_head *bh = journal->j_chkpt_bhs[i]; 191 BUFFER_TRACE(bh, "brelse"); 192 __brelse(bh); 193 } 194 *batch_count = 0; 195 } 196 197 /* 198 * Perform an actual checkpoint. We take the first transaction on the 199 * list of transactions to be checkpointed and send all its buffers 200 * to disk. We submit larger chunks of data at once. 201 * 202 * The journal should be locked before calling this function. 203 * Called with j_checkpoint_mutex held. 204 */ 205 int jbd2_log_do_checkpoint(journal_t *journal) 206 { 207 struct journal_head *jh; 208 struct buffer_head *bh; 209 transaction_t *transaction; 210 tid_t this_tid; 211 int result, batch_count = 0; 212 213 jbd_debug(1, "Start checkpoint\n"); 214 215 /* 216 * First thing: if there are any transactions in the log which 217 * don't need checkpointing, just eliminate them from the 218 * journal straight away. 219 */ 220 result = jbd2_cleanup_journal_tail(journal); 221 trace_jbd2_checkpoint(journal, result); 222 jbd_debug(1, "cleanup_journal_tail returned %d\n", result); 223 if (result <= 0) 224 return result; 225 226 /* 227 * OK, we need to start writing disk blocks. Take one transaction 228 * and write it. 229 */ 230 spin_lock(&journal->j_list_lock); 231 if (!journal->j_checkpoint_transactions) 232 goto out; 233 transaction = journal->j_checkpoint_transactions; 234 if (transaction->t_chp_stats.cs_chp_time == 0) 235 transaction->t_chp_stats.cs_chp_time = jiffies; 236 this_tid = transaction->t_tid; 237 restart: 238 /* 239 * If someone cleaned up this transaction while we slept, we're 240 * done (maybe it's a new transaction, but it fell at the same 241 * address). 242 */ 243 if (journal->j_checkpoint_transactions != transaction || 244 transaction->t_tid != this_tid) 245 goto out; 246 247 /* checkpoint all of the transaction's buffers */ 248 while (transaction->t_checkpoint_list) { 249 jh = transaction->t_checkpoint_list; 250 bh = jh2bh(jh); 251 252 if (buffer_locked(bh)) { 253 get_bh(bh); 254 spin_unlock(&journal->j_list_lock); 255 wait_on_buffer(bh); 256 /* the journal_head may have gone by now */ 257 BUFFER_TRACE(bh, "brelse"); 258 __brelse(bh); 259 goto retry; 260 } 261 if (jh->b_transaction != NULL) { 262 transaction_t *t = jh->b_transaction; 263 tid_t tid = t->t_tid; 264 265 transaction->t_chp_stats.cs_forced_to_close++; 266 spin_unlock(&journal->j_list_lock); 267 if (unlikely(journal->j_flags & JBD2_UNMOUNT)) 268 /* 269 * The journal thread is dead; so 270 * starting and waiting for a commit 271 * to finish will cause us to wait for 272 * a _very_ long time. 273 */ 274 printk(KERN_ERR 275 "JBD2: %s: Waiting for Godot: block %llu\n", 276 journal->j_devname, (unsigned long long) bh->b_blocknr); 277 278 if (batch_count) 279 __flush_batch(journal, &batch_count); 280 jbd2_log_start_commit(journal, tid); 281 /* 282 * jbd2_journal_commit_transaction() may want 283 * to take the checkpoint_mutex if JBD2_FLUSHED 284 * is set, jbd2_update_log_tail() called by 285 * jbd2_journal_commit_transaction() may also take 286 * checkpoint_mutex. So we need to temporarily 287 * drop it. 288 */ 289 mutex_unlock(&journal->j_checkpoint_mutex); 290 jbd2_log_wait_commit(journal, tid); 291 mutex_lock_io(&journal->j_checkpoint_mutex); 292 spin_lock(&journal->j_list_lock); 293 goto restart; 294 } 295 if (!buffer_dirty(bh)) { 296 BUFFER_TRACE(bh, "remove from checkpoint"); 297 if (__jbd2_journal_remove_checkpoint(jh)) 298 /* The transaction was released; we're done */ 299 goto out; 300 continue; 301 } 302 /* 303 * Important: we are about to write the buffer, and 304 * possibly block, while still holding the journal 305 * lock. We cannot afford to let the transaction 306 * logic start messing around with this buffer before 307 * we write it to disk, as that would break 308 * recoverability. 309 */ 310 BUFFER_TRACE(bh, "queue"); 311 get_bh(bh); 312 J_ASSERT_BH(bh, !buffer_jwrite(bh)); 313 journal->j_chkpt_bhs[batch_count++] = bh; 314 __buffer_relink_io(jh); 315 transaction->t_chp_stats.cs_written++; 316 if ((batch_count == JBD2_NR_BATCH) || 317 need_resched() || 318 spin_needbreak(&journal->j_list_lock)) 319 goto unlock_and_flush; 320 } 321 322 if (batch_count) { 323 unlock_and_flush: 324 spin_unlock(&journal->j_list_lock); 325 retry: 326 if (batch_count) 327 __flush_batch(journal, &batch_count); 328 spin_lock(&journal->j_list_lock); 329 goto restart; 330 } 331 332 /* 333 * Now we issued all of the transaction's buffers, let's deal 334 * with the buffers that are out for I/O. 335 */ 336 restart2: 337 /* Did somebody clean up the transaction in the meanwhile? */ 338 if (journal->j_checkpoint_transactions != transaction || 339 transaction->t_tid != this_tid) 340 goto out; 341 342 while (transaction->t_checkpoint_io_list) { 343 jh = transaction->t_checkpoint_io_list; 344 bh = jh2bh(jh); 345 if (buffer_locked(bh)) { 346 get_bh(bh); 347 spin_unlock(&journal->j_list_lock); 348 wait_on_buffer(bh); 349 /* the journal_head may have gone by now */ 350 BUFFER_TRACE(bh, "brelse"); 351 __brelse(bh); 352 spin_lock(&journal->j_list_lock); 353 goto restart2; 354 } 355 356 /* 357 * Now in whatever state the buffer currently is, we 358 * know that it has been written out and so we can 359 * drop it from the list 360 */ 361 if (__jbd2_journal_remove_checkpoint(jh)) 362 break; 363 } 364 out: 365 spin_unlock(&journal->j_list_lock); 366 result = jbd2_cleanup_journal_tail(journal); 367 368 return (result < 0) ? result : 0; 369 } 370 371 /* 372 * Check the list of checkpoint transactions for the journal to see if 373 * we have already got rid of any since the last update of the log tail 374 * in the journal superblock. If so, we can instantly roll the 375 * superblock forward to remove those transactions from the log. 376 * 377 * Return <0 on error, 0 on success, 1 if there was nothing to clean up. 378 * 379 * Called with the journal lock held. 380 * 381 * This is the only part of the journaling code which really needs to be 382 * aware of transaction aborts. Checkpointing involves writing to the 383 * main filesystem area rather than to the journal, so it can proceed 384 * even in abort state, but we must not update the super block if 385 * checkpointing may have failed. Otherwise, we would lose some metadata 386 * buffers which should be written-back to the filesystem. 387 */ 388 389 int jbd2_cleanup_journal_tail(journal_t *journal) 390 { 391 tid_t first_tid; 392 unsigned long blocknr; 393 394 if (is_journal_aborted(journal)) 395 return -EIO; 396 397 if (!jbd2_journal_get_log_tail(journal, &first_tid, &blocknr)) 398 return 1; 399 J_ASSERT(blocknr != 0); 400 401 /* 402 * We need to make sure that any blocks that were recently written out 403 * --- perhaps by jbd2_log_do_checkpoint() --- are flushed out before 404 * we drop the transactions from the journal. It's unlikely this will 405 * be necessary, especially with an appropriately sized journal, but we 406 * need this to guarantee correctness. Fortunately 407 * jbd2_cleanup_journal_tail() doesn't get called all that often. 408 */ 409 if (journal->j_flags & JBD2_BARRIER) 410 blkdev_issue_flush(journal->j_fs_dev); 411 412 return __jbd2_update_log_tail(journal, first_tid, blocknr); 413 } 414 415 416 /* Checkpoint list management */ 417 418 /* 419 * journal_clean_one_cp_list 420 * 421 * Find all the written-back checkpoint buffers in the given list and 422 * release them. If 'destroy' is set, clean all buffers unconditionally. 423 * 424 * Called with j_list_lock held. 425 * Returns 1 if we freed the transaction, 0 otherwise. 426 */ 427 static int journal_clean_one_cp_list(struct journal_head *jh, bool destroy) 428 { 429 struct journal_head *last_jh; 430 struct journal_head *next_jh = jh; 431 int ret; 432 433 if (!jh) 434 return 0; 435 436 last_jh = jh->b_cpprev; 437 do { 438 jh = next_jh; 439 next_jh = jh->b_cpnext; 440 if (!destroy) 441 ret = __try_to_free_cp_buf(jh); 442 else 443 ret = __jbd2_journal_remove_checkpoint(jh) + 1; 444 if (!ret) 445 return 0; 446 if (ret == 2) 447 return 1; 448 /* 449 * This function only frees up some memory 450 * if possible so we dont have an obligation 451 * to finish processing. Bail out if preemption 452 * requested: 453 */ 454 if (need_resched()) 455 return 0; 456 } while (jh != last_jh); 457 458 return 0; 459 } 460 461 /* 462 * journal_clean_checkpoint_list 463 * 464 * Find all the written-back checkpoint buffers in the journal and release them. 465 * If 'destroy' is set, release all buffers unconditionally. 466 * 467 * Called with j_list_lock held. 468 */ 469 void __jbd2_journal_clean_checkpoint_list(journal_t *journal, bool destroy) 470 { 471 transaction_t *transaction, *last_transaction, *next_transaction; 472 int ret; 473 474 transaction = journal->j_checkpoint_transactions; 475 if (!transaction) 476 return; 477 478 last_transaction = transaction->t_cpprev; 479 next_transaction = transaction; 480 do { 481 transaction = next_transaction; 482 next_transaction = transaction->t_cpnext; 483 ret = journal_clean_one_cp_list(transaction->t_checkpoint_list, 484 destroy); 485 /* 486 * This function only frees up some memory if possible so we 487 * dont have an obligation to finish processing. Bail out if 488 * preemption requested: 489 */ 490 if (need_resched()) 491 return; 492 if (ret) 493 continue; 494 /* 495 * It is essential that we are as careful as in the case of 496 * t_checkpoint_list with removing the buffer from the list as 497 * we can possibly see not yet submitted buffers on io_list 498 */ 499 ret = journal_clean_one_cp_list(transaction-> 500 t_checkpoint_io_list, destroy); 501 if (need_resched()) 502 return; 503 /* 504 * Stop scanning if we couldn't free the transaction. This 505 * avoids pointless scanning of transactions which still 506 * weren't checkpointed. 507 */ 508 if (!ret) 509 return; 510 } while (transaction != last_transaction); 511 } 512 513 /* 514 * Remove buffers from all checkpoint lists as journal is aborted and we just 515 * need to free memory 516 */ 517 void jbd2_journal_destroy_checkpoint(journal_t *journal) 518 { 519 /* 520 * We loop because __jbd2_journal_clean_checkpoint_list() may abort 521 * early due to a need of rescheduling. 522 */ 523 while (1) { 524 spin_lock(&journal->j_list_lock); 525 if (!journal->j_checkpoint_transactions) { 526 spin_unlock(&journal->j_list_lock); 527 break; 528 } 529 __jbd2_journal_clean_checkpoint_list(journal, true); 530 spin_unlock(&journal->j_list_lock); 531 cond_resched(); 532 } 533 } 534 535 /* 536 * journal_remove_checkpoint: called after a buffer has been committed 537 * to disk (either by being write-back flushed to disk, or being 538 * committed to the log). 539 * 540 * We cannot safely clean a transaction out of the log until all of the 541 * buffer updates committed in that transaction have safely been stored 542 * elsewhere on disk. To achieve this, all of the buffers in a 543 * transaction need to be maintained on the transaction's checkpoint 544 * lists until they have been rewritten, at which point this function is 545 * called to remove the buffer from the existing transaction's 546 * checkpoint lists. 547 * 548 * The function returns 1 if it frees the transaction, 0 otherwise. 549 * The function can free jh and bh. 550 * 551 * This function is called with j_list_lock held. 552 */ 553 int __jbd2_journal_remove_checkpoint(struct journal_head *jh) 554 { 555 struct transaction_chp_stats_s *stats; 556 transaction_t *transaction; 557 journal_t *journal; 558 struct buffer_head *bh = jh2bh(jh); 559 560 JBUFFER_TRACE(jh, "entry"); 561 562 transaction = jh->b_cp_transaction; 563 if (!transaction) { 564 JBUFFER_TRACE(jh, "not on transaction"); 565 return 0; 566 } 567 journal = transaction->t_journal; 568 569 JBUFFER_TRACE(jh, "removing from transaction"); 570 571 /* 572 * If we have failed to write the buffer out to disk, the filesystem 573 * may become inconsistent. We cannot abort the journal here since 574 * we hold j_list_lock and we have to be careful about races with 575 * jbd2_journal_destroy(). So mark the writeback IO error in the 576 * journal here and we abort the journal later from a better context. 577 */ 578 if (buffer_write_io_error(bh)) 579 set_bit(JBD2_CHECKPOINT_IO_ERROR, &journal->j_atomic_flags); 580 581 __buffer_unlink(jh); 582 jh->b_cp_transaction = NULL; 583 jbd2_journal_put_journal_head(jh); 584 585 /* Is this transaction empty? */ 586 if (transaction->t_checkpoint_list || transaction->t_checkpoint_io_list) 587 return 0; 588 589 /* 590 * There is one special case to worry about: if we have just pulled the 591 * buffer off a running or committing transaction's checkpoing list, 592 * then even if the checkpoint list is empty, the transaction obviously 593 * cannot be dropped! 594 * 595 * The locking here around t_state is a bit sleazy. 596 * See the comment at the end of jbd2_journal_commit_transaction(). 597 */ 598 if (transaction->t_state != T_FINISHED) 599 return 0; 600 601 /* 602 * OK, that was the last buffer for the transaction, we can now 603 * safely remove this transaction from the log. 604 */ 605 stats = &transaction->t_chp_stats; 606 if (stats->cs_chp_time) 607 stats->cs_chp_time = jbd2_time_diff(stats->cs_chp_time, 608 jiffies); 609 trace_jbd2_checkpoint_stats(journal->j_fs_dev->bd_dev, 610 transaction->t_tid, stats); 611 612 __jbd2_journal_drop_transaction(journal, transaction); 613 jbd2_journal_free_transaction(transaction); 614 return 1; 615 } 616 617 /* 618 * journal_insert_checkpoint: put a committed buffer onto a checkpoint 619 * list so that we know when it is safe to clean the transaction out of 620 * the log. 621 * 622 * Called with the journal locked. 623 * Called with j_list_lock held. 624 */ 625 void __jbd2_journal_insert_checkpoint(struct journal_head *jh, 626 transaction_t *transaction) 627 { 628 JBUFFER_TRACE(jh, "entry"); 629 J_ASSERT_JH(jh, buffer_dirty(jh2bh(jh)) || buffer_jbddirty(jh2bh(jh))); 630 J_ASSERT_JH(jh, jh->b_cp_transaction == NULL); 631 632 /* Get reference for checkpointing transaction */ 633 jbd2_journal_grab_journal_head(jh2bh(jh)); 634 jh->b_cp_transaction = transaction; 635 636 if (!transaction->t_checkpoint_list) { 637 jh->b_cpnext = jh->b_cpprev = jh; 638 } else { 639 jh->b_cpnext = transaction->t_checkpoint_list; 640 jh->b_cpprev = transaction->t_checkpoint_list->b_cpprev; 641 jh->b_cpprev->b_cpnext = jh; 642 jh->b_cpnext->b_cpprev = jh; 643 } 644 transaction->t_checkpoint_list = jh; 645 } 646 647 /* 648 * We've finished with this transaction structure: adios... 649 * 650 * The transaction must have no links except for the checkpoint by this 651 * point. 652 * 653 * Called with the journal locked. 654 * Called with j_list_lock held. 655 */ 656 657 void __jbd2_journal_drop_transaction(journal_t *journal, transaction_t *transaction) 658 { 659 assert_spin_locked(&journal->j_list_lock); 660 if (transaction->t_cpnext) { 661 transaction->t_cpnext->t_cpprev = transaction->t_cpprev; 662 transaction->t_cpprev->t_cpnext = transaction->t_cpnext; 663 if (journal->j_checkpoint_transactions == transaction) 664 journal->j_checkpoint_transactions = 665 transaction->t_cpnext; 666 if (journal->j_checkpoint_transactions == transaction) 667 journal->j_checkpoint_transactions = NULL; 668 } 669 670 J_ASSERT(transaction->t_state == T_FINISHED); 671 J_ASSERT(transaction->t_buffers == NULL); 672 J_ASSERT(transaction->t_forget == NULL); 673 J_ASSERT(transaction->t_shadow_list == NULL); 674 J_ASSERT(transaction->t_checkpoint_list == NULL); 675 J_ASSERT(transaction->t_checkpoint_io_list == NULL); 676 J_ASSERT(atomic_read(&transaction->t_updates) == 0); 677 J_ASSERT(journal->j_committing_transaction != transaction); 678 J_ASSERT(journal->j_running_transaction != transaction); 679 680 trace_jbd2_drop_transaction(journal, transaction); 681 682 jbd_debug(1, "Dropping transaction %d, all done\n", transaction->t_tid); 683 } 684