1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * linux/fs/jbd2/checkpoint.c 4 * 5 * Written by Stephen C. Tweedie <sct@redhat.com>, 1999 6 * 7 * Copyright 1999 Red Hat Software --- All Rights Reserved 8 * 9 * Checkpoint routines for the generic filesystem journaling code. 10 * Part of the ext2fs journaling system. 11 * 12 * Checkpointing is the process of ensuring that a section of the log is 13 * committed fully to disk, so that that portion of the log can be 14 * reused. 15 */ 16 17 #include <linux/time.h> 18 #include <linux/fs.h> 19 #include <linux/jbd2.h> 20 #include <linux/errno.h> 21 #include <linux/slab.h> 22 #include <linux/blkdev.h> 23 #include <trace/events/jbd2.h> 24 25 /* 26 * Unlink a buffer from a transaction checkpoint list. 27 * 28 * Called with j_list_lock held. 29 */ 30 static inline void __buffer_unlink_first(struct journal_head *jh) 31 { 32 transaction_t *transaction = jh->b_cp_transaction; 33 34 jh->b_cpnext->b_cpprev = jh->b_cpprev; 35 jh->b_cpprev->b_cpnext = jh->b_cpnext; 36 if (transaction->t_checkpoint_list == jh) { 37 transaction->t_checkpoint_list = jh->b_cpnext; 38 if (transaction->t_checkpoint_list == jh) 39 transaction->t_checkpoint_list = NULL; 40 } 41 } 42 43 /* 44 * Unlink a buffer from a transaction checkpoint(io) list. 45 * 46 * Called with j_list_lock held. 47 */ 48 static inline void __buffer_unlink(struct journal_head *jh) 49 { 50 transaction_t *transaction = jh->b_cp_transaction; 51 52 __buffer_unlink_first(jh); 53 if (transaction->t_checkpoint_io_list == jh) { 54 transaction->t_checkpoint_io_list = jh->b_cpnext; 55 if (transaction->t_checkpoint_io_list == jh) 56 transaction->t_checkpoint_io_list = NULL; 57 } 58 } 59 60 /* 61 * Move a buffer from the checkpoint list to the checkpoint io list 62 * 63 * Called with j_list_lock held 64 */ 65 static inline void __buffer_relink_io(struct journal_head *jh) 66 { 67 transaction_t *transaction = jh->b_cp_transaction; 68 69 __buffer_unlink_first(jh); 70 71 if (!transaction->t_checkpoint_io_list) { 72 jh->b_cpnext = jh->b_cpprev = jh; 73 } else { 74 jh->b_cpnext = transaction->t_checkpoint_io_list; 75 jh->b_cpprev = transaction->t_checkpoint_io_list->b_cpprev; 76 jh->b_cpprev->b_cpnext = jh; 77 jh->b_cpnext->b_cpprev = jh; 78 } 79 transaction->t_checkpoint_io_list = jh; 80 } 81 82 /* 83 * Try to release a checkpointed buffer from its transaction. 84 * Returns 1 if we released it and 2 if we also released the 85 * whole transaction. 86 * 87 * Requires j_list_lock 88 */ 89 static int __try_to_free_cp_buf(struct journal_head *jh) 90 { 91 int ret = 0; 92 struct buffer_head *bh = jh2bh(jh); 93 94 if (jh->b_transaction == NULL && !buffer_locked(bh) && 95 !buffer_dirty(bh) && !buffer_write_io_error(bh)) { 96 JBUFFER_TRACE(jh, "remove from checkpoint list"); 97 ret = __jbd2_journal_remove_checkpoint(jh) + 1; 98 } 99 return ret; 100 } 101 102 /* 103 * __jbd2_log_wait_for_space: wait until there is space in the journal. 104 * 105 * Called under j-state_lock *only*. It will be unlocked if we have to wait 106 * for a checkpoint to free up some space in the log. 107 */ 108 void __jbd2_log_wait_for_space(journal_t *journal) 109 __acquires(&journal->j_state_lock) 110 __releases(&journal->j_state_lock) 111 { 112 int nblocks, space_left; 113 /* assert_spin_locked(&journal->j_state_lock); */ 114 115 nblocks = journal->j_max_transaction_buffers; 116 while (jbd2_log_space_left(journal) < nblocks) { 117 write_unlock(&journal->j_state_lock); 118 mutex_lock_io(&journal->j_checkpoint_mutex); 119 120 /* 121 * Test again, another process may have checkpointed while we 122 * were waiting for the checkpoint lock. If there are no 123 * transactions ready to be checkpointed, try to recover 124 * journal space by calling cleanup_journal_tail(), and if 125 * that doesn't work, by waiting for the currently committing 126 * transaction to complete. If there is absolutely no way 127 * to make progress, this is either a BUG or corrupted 128 * filesystem, so abort the journal and leave a stack 129 * trace for forensic evidence. 130 */ 131 write_lock(&journal->j_state_lock); 132 if (journal->j_flags & JBD2_ABORT) { 133 mutex_unlock(&journal->j_checkpoint_mutex); 134 return; 135 } 136 spin_lock(&journal->j_list_lock); 137 space_left = jbd2_log_space_left(journal); 138 if (space_left < nblocks) { 139 int chkpt = journal->j_checkpoint_transactions != NULL; 140 tid_t tid = 0; 141 142 if (journal->j_committing_transaction) 143 tid = journal->j_committing_transaction->t_tid; 144 spin_unlock(&journal->j_list_lock); 145 write_unlock(&journal->j_state_lock); 146 if (chkpt) { 147 jbd2_log_do_checkpoint(journal); 148 } else if (jbd2_cleanup_journal_tail(journal) == 0) { 149 /* We were able to recover space; yay! */ 150 ; 151 } else if (tid) { 152 /* 153 * jbd2_journal_commit_transaction() may want 154 * to take the checkpoint_mutex if JBD2_FLUSHED 155 * is set. So we need to temporarily drop it. 156 */ 157 mutex_unlock(&journal->j_checkpoint_mutex); 158 jbd2_log_wait_commit(journal, tid); 159 write_lock(&journal->j_state_lock); 160 continue; 161 } else { 162 printk(KERN_ERR "%s: needed %d blocks and " 163 "only had %d space available\n", 164 __func__, nblocks, space_left); 165 printk(KERN_ERR "%s: no way to get more " 166 "journal space in %s\n", __func__, 167 journal->j_devname); 168 WARN_ON(1); 169 jbd2_journal_abort(journal, -EIO); 170 } 171 write_lock(&journal->j_state_lock); 172 } else { 173 spin_unlock(&journal->j_list_lock); 174 } 175 mutex_unlock(&journal->j_checkpoint_mutex); 176 } 177 } 178 179 static void 180 __flush_batch(journal_t *journal, int *batch_count) 181 { 182 int i; 183 struct blk_plug plug; 184 185 blk_start_plug(&plug); 186 for (i = 0; i < *batch_count; i++) 187 write_dirty_buffer(journal->j_chkpt_bhs[i], REQ_SYNC); 188 blk_finish_plug(&plug); 189 190 for (i = 0; i < *batch_count; i++) { 191 struct buffer_head *bh = journal->j_chkpt_bhs[i]; 192 BUFFER_TRACE(bh, "brelse"); 193 __brelse(bh); 194 } 195 *batch_count = 0; 196 } 197 198 /* 199 * Perform an actual checkpoint. We take the first transaction on the 200 * list of transactions to be checkpointed and send all its buffers 201 * to disk. We submit larger chunks of data at once. 202 * 203 * The journal should be locked before calling this function. 204 * Called with j_checkpoint_mutex held. 205 */ 206 int jbd2_log_do_checkpoint(journal_t *journal) 207 { 208 struct journal_head *jh; 209 struct buffer_head *bh; 210 transaction_t *transaction; 211 tid_t this_tid; 212 int result, batch_count = 0; 213 214 jbd_debug(1, "Start checkpoint\n"); 215 216 /* 217 * First thing: if there are any transactions in the log which 218 * don't need checkpointing, just eliminate them from the 219 * journal straight away. 220 */ 221 result = jbd2_cleanup_journal_tail(journal); 222 trace_jbd2_checkpoint(journal, result); 223 jbd_debug(1, "cleanup_journal_tail returned %d\n", result); 224 if (result <= 0) 225 return result; 226 227 /* 228 * OK, we need to start writing disk blocks. Take one transaction 229 * and write it. 230 */ 231 result = 0; 232 spin_lock(&journal->j_list_lock); 233 if (!journal->j_checkpoint_transactions) 234 goto out; 235 transaction = journal->j_checkpoint_transactions; 236 if (transaction->t_chp_stats.cs_chp_time == 0) 237 transaction->t_chp_stats.cs_chp_time = jiffies; 238 this_tid = transaction->t_tid; 239 restart: 240 /* 241 * If someone cleaned up this transaction while we slept, we're 242 * done (maybe it's a new transaction, but it fell at the same 243 * address). 244 */ 245 if (journal->j_checkpoint_transactions != transaction || 246 transaction->t_tid != this_tid) 247 goto out; 248 249 /* checkpoint all of the transaction's buffers */ 250 while (transaction->t_checkpoint_list) { 251 jh = transaction->t_checkpoint_list; 252 bh = jh2bh(jh); 253 254 if (buffer_locked(bh)) { 255 get_bh(bh); 256 spin_unlock(&journal->j_list_lock); 257 wait_on_buffer(bh); 258 /* the journal_head may have gone by now */ 259 BUFFER_TRACE(bh, "brelse"); 260 __brelse(bh); 261 goto retry; 262 } 263 if (jh->b_transaction != NULL) { 264 transaction_t *t = jh->b_transaction; 265 tid_t tid = t->t_tid; 266 267 transaction->t_chp_stats.cs_forced_to_close++; 268 spin_unlock(&journal->j_list_lock); 269 if (unlikely(journal->j_flags & JBD2_UNMOUNT)) 270 /* 271 * The journal thread is dead; so 272 * starting and waiting for a commit 273 * to finish will cause us to wait for 274 * a _very_ long time. 275 */ 276 printk(KERN_ERR 277 "JBD2: %s: Waiting for Godot: block %llu\n", 278 journal->j_devname, (unsigned long long) bh->b_blocknr); 279 280 if (batch_count) 281 __flush_batch(journal, &batch_count); 282 jbd2_log_start_commit(journal, tid); 283 /* 284 * jbd2_journal_commit_transaction() may want 285 * to take the checkpoint_mutex if JBD2_FLUSHED 286 * is set, jbd2_update_log_tail() called by 287 * jbd2_journal_commit_transaction() may also take 288 * checkpoint_mutex. So we need to temporarily 289 * drop it. 290 */ 291 mutex_unlock(&journal->j_checkpoint_mutex); 292 jbd2_log_wait_commit(journal, tid); 293 mutex_lock_io(&journal->j_checkpoint_mutex); 294 spin_lock(&journal->j_list_lock); 295 goto restart; 296 } 297 if (!buffer_dirty(bh)) { 298 if (unlikely(buffer_write_io_error(bh)) && !result) 299 result = -EIO; 300 BUFFER_TRACE(bh, "remove from checkpoint"); 301 if (__jbd2_journal_remove_checkpoint(jh)) 302 /* The transaction was released; we're done */ 303 goto out; 304 continue; 305 } 306 /* 307 * Important: we are about to write the buffer, and 308 * possibly block, while still holding the journal 309 * lock. We cannot afford to let the transaction 310 * logic start messing around with this buffer before 311 * we write it to disk, as that would break 312 * recoverability. 313 */ 314 BUFFER_TRACE(bh, "queue"); 315 get_bh(bh); 316 J_ASSERT_BH(bh, !buffer_jwrite(bh)); 317 journal->j_chkpt_bhs[batch_count++] = bh; 318 __buffer_relink_io(jh); 319 transaction->t_chp_stats.cs_written++; 320 if ((batch_count == JBD2_NR_BATCH) || 321 need_resched() || 322 spin_needbreak(&journal->j_list_lock)) 323 goto unlock_and_flush; 324 } 325 326 if (batch_count) { 327 unlock_and_flush: 328 spin_unlock(&journal->j_list_lock); 329 retry: 330 if (batch_count) 331 __flush_batch(journal, &batch_count); 332 spin_lock(&journal->j_list_lock); 333 goto restart; 334 } 335 336 /* 337 * Now we issued all of the transaction's buffers, let's deal 338 * with the buffers that are out for I/O. 339 */ 340 restart2: 341 /* Did somebody clean up the transaction in the meanwhile? */ 342 if (journal->j_checkpoint_transactions != transaction || 343 transaction->t_tid != this_tid) 344 goto out; 345 346 while (transaction->t_checkpoint_io_list) { 347 jh = transaction->t_checkpoint_io_list; 348 bh = jh2bh(jh); 349 if (buffer_locked(bh)) { 350 get_bh(bh); 351 spin_unlock(&journal->j_list_lock); 352 wait_on_buffer(bh); 353 /* the journal_head may have gone by now */ 354 BUFFER_TRACE(bh, "brelse"); 355 __brelse(bh); 356 spin_lock(&journal->j_list_lock); 357 goto restart2; 358 } 359 if (unlikely(buffer_write_io_error(bh)) && !result) 360 result = -EIO; 361 362 /* 363 * Now in whatever state the buffer currently is, we 364 * know that it has been written out and so we can 365 * drop it from the list 366 */ 367 if (__jbd2_journal_remove_checkpoint(jh)) 368 break; 369 } 370 out: 371 spin_unlock(&journal->j_list_lock); 372 if (result < 0) 373 jbd2_journal_abort(journal, result); 374 else 375 result = jbd2_cleanup_journal_tail(journal); 376 377 return (result < 0) ? result : 0; 378 } 379 380 /* 381 * Check the list of checkpoint transactions for the journal to see if 382 * we have already got rid of any since the last update of the log tail 383 * in the journal superblock. If so, we can instantly roll the 384 * superblock forward to remove those transactions from the log. 385 * 386 * Return <0 on error, 0 on success, 1 if there was nothing to clean up. 387 * 388 * Called with the journal lock held. 389 * 390 * This is the only part of the journaling code which really needs to be 391 * aware of transaction aborts. Checkpointing involves writing to the 392 * main filesystem area rather than to the journal, so it can proceed 393 * even in abort state, but we must not update the super block if 394 * checkpointing may have failed. Otherwise, we would lose some metadata 395 * buffers which should be written-back to the filesystem. 396 */ 397 398 int jbd2_cleanup_journal_tail(journal_t *journal) 399 { 400 tid_t first_tid; 401 unsigned long blocknr; 402 403 if (is_journal_aborted(journal)) 404 return -EIO; 405 406 if (!jbd2_journal_get_log_tail(journal, &first_tid, &blocknr)) 407 return 1; 408 J_ASSERT(blocknr != 0); 409 410 /* 411 * We need to make sure that any blocks that were recently written out 412 * --- perhaps by jbd2_log_do_checkpoint() --- are flushed out before 413 * we drop the transactions from the journal. It's unlikely this will 414 * be necessary, especially with an appropriately sized journal, but we 415 * need this to guarantee correctness. Fortunately 416 * jbd2_cleanup_journal_tail() doesn't get called all that often. 417 */ 418 if (journal->j_flags & JBD2_BARRIER) 419 blkdev_issue_flush(journal->j_fs_dev); 420 421 return __jbd2_update_log_tail(journal, first_tid, blocknr); 422 } 423 424 425 /* Checkpoint list management */ 426 427 /* 428 * journal_clean_one_cp_list 429 * 430 * Find all the written-back checkpoint buffers in the given list and 431 * release them. If 'destroy' is set, clean all buffers unconditionally. 432 * 433 * Called with j_list_lock held. 434 * Returns 1 if we freed the transaction, 0 otherwise. 435 */ 436 static int journal_clean_one_cp_list(struct journal_head *jh, bool destroy) 437 { 438 struct journal_head *last_jh; 439 struct journal_head *next_jh = jh; 440 int ret; 441 442 if (!jh) 443 return 0; 444 445 last_jh = jh->b_cpprev; 446 do { 447 jh = next_jh; 448 next_jh = jh->b_cpnext; 449 if (!destroy) 450 ret = __try_to_free_cp_buf(jh); 451 else 452 ret = __jbd2_journal_remove_checkpoint(jh) + 1; 453 if (!ret) 454 return 0; 455 if (ret == 2) 456 return 1; 457 /* 458 * This function only frees up some memory 459 * if possible so we dont have an obligation 460 * to finish processing. Bail out if preemption 461 * requested: 462 */ 463 if (need_resched()) 464 return 0; 465 } while (jh != last_jh); 466 467 return 0; 468 } 469 470 /* 471 * journal_clean_checkpoint_list 472 * 473 * Find all the written-back checkpoint buffers in the journal and release them. 474 * If 'destroy' is set, release all buffers unconditionally. 475 * 476 * Called with j_list_lock held. 477 */ 478 void __jbd2_journal_clean_checkpoint_list(journal_t *journal, bool destroy) 479 { 480 transaction_t *transaction, *last_transaction, *next_transaction; 481 int ret; 482 483 transaction = journal->j_checkpoint_transactions; 484 if (!transaction) 485 return; 486 487 last_transaction = transaction->t_cpprev; 488 next_transaction = transaction; 489 do { 490 transaction = next_transaction; 491 next_transaction = transaction->t_cpnext; 492 ret = journal_clean_one_cp_list(transaction->t_checkpoint_list, 493 destroy); 494 /* 495 * This function only frees up some memory if possible so we 496 * dont have an obligation to finish processing. Bail out if 497 * preemption requested: 498 */ 499 if (need_resched()) 500 return; 501 if (ret) 502 continue; 503 /* 504 * It is essential that we are as careful as in the case of 505 * t_checkpoint_list with removing the buffer from the list as 506 * we can possibly see not yet submitted buffers on io_list 507 */ 508 ret = journal_clean_one_cp_list(transaction-> 509 t_checkpoint_io_list, destroy); 510 if (need_resched()) 511 return; 512 /* 513 * Stop scanning if we couldn't free the transaction. This 514 * avoids pointless scanning of transactions which still 515 * weren't checkpointed. 516 */ 517 if (!ret) 518 return; 519 } while (transaction != last_transaction); 520 } 521 522 /* 523 * Remove buffers from all checkpoint lists as journal is aborted and we just 524 * need to free memory 525 */ 526 void jbd2_journal_destroy_checkpoint(journal_t *journal) 527 { 528 /* 529 * We loop because __jbd2_journal_clean_checkpoint_list() may abort 530 * early due to a need of rescheduling. 531 */ 532 while (1) { 533 spin_lock(&journal->j_list_lock); 534 if (!journal->j_checkpoint_transactions) { 535 spin_unlock(&journal->j_list_lock); 536 break; 537 } 538 __jbd2_journal_clean_checkpoint_list(journal, true); 539 spin_unlock(&journal->j_list_lock); 540 cond_resched(); 541 } 542 } 543 544 /* 545 * journal_remove_checkpoint: called after a buffer has been committed 546 * to disk (either by being write-back flushed to disk, or being 547 * committed to the log). 548 * 549 * We cannot safely clean a transaction out of the log until all of the 550 * buffer updates committed in that transaction have safely been stored 551 * elsewhere on disk. To achieve this, all of the buffers in a 552 * transaction need to be maintained on the transaction's checkpoint 553 * lists until they have been rewritten, at which point this function is 554 * called to remove the buffer from the existing transaction's 555 * checkpoint lists. 556 * 557 * The function returns 1 if it frees the transaction, 0 otherwise. 558 * The function can free jh and bh. 559 * 560 * This function is called with j_list_lock held. 561 */ 562 int __jbd2_journal_remove_checkpoint(struct journal_head *jh) 563 { 564 struct transaction_chp_stats_s *stats; 565 transaction_t *transaction; 566 journal_t *journal; 567 int ret = 0; 568 569 JBUFFER_TRACE(jh, "entry"); 570 571 if ((transaction = jh->b_cp_transaction) == NULL) { 572 JBUFFER_TRACE(jh, "not on transaction"); 573 goto out; 574 } 575 journal = transaction->t_journal; 576 577 JBUFFER_TRACE(jh, "removing from transaction"); 578 __buffer_unlink(jh); 579 jh->b_cp_transaction = NULL; 580 jbd2_journal_put_journal_head(jh); 581 582 if (transaction->t_checkpoint_list != NULL || 583 transaction->t_checkpoint_io_list != NULL) 584 goto out; 585 586 /* 587 * There is one special case to worry about: if we have just pulled the 588 * buffer off a running or committing transaction's checkpoing list, 589 * then even if the checkpoint list is empty, the transaction obviously 590 * cannot be dropped! 591 * 592 * The locking here around t_state is a bit sleazy. 593 * See the comment at the end of jbd2_journal_commit_transaction(). 594 */ 595 if (transaction->t_state != T_FINISHED) 596 goto out; 597 598 /* OK, that was the last buffer for the transaction: we can now 599 safely remove this transaction from the log */ 600 stats = &transaction->t_chp_stats; 601 if (stats->cs_chp_time) 602 stats->cs_chp_time = jbd2_time_diff(stats->cs_chp_time, 603 jiffies); 604 trace_jbd2_checkpoint_stats(journal->j_fs_dev->bd_dev, 605 transaction->t_tid, stats); 606 607 __jbd2_journal_drop_transaction(journal, transaction); 608 jbd2_journal_free_transaction(transaction); 609 ret = 1; 610 out: 611 return ret; 612 } 613 614 /* 615 * journal_insert_checkpoint: put a committed buffer onto a checkpoint 616 * list so that we know when it is safe to clean the transaction out of 617 * the log. 618 * 619 * Called with the journal locked. 620 * Called with j_list_lock held. 621 */ 622 void __jbd2_journal_insert_checkpoint(struct journal_head *jh, 623 transaction_t *transaction) 624 { 625 JBUFFER_TRACE(jh, "entry"); 626 J_ASSERT_JH(jh, buffer_dirty(jh2bh(jh)) || buffer_jbddirty(jh2bh(jh))); 627 J_ASSERT_JH(jh, jh->b_cp_transaction == NULL); 628 629 /* Get reference for checkpointing transaction */ 630 jbd2_journal_grab_journal_head(jh2bh(jh)); 631 jh->b_cp_transaction = transaction; 632 633 if (!transaction->t_checkpoint_list) { 634 jh->b_cpnext = jh->b_cpprev = jh; 635 } else { 636 jh->b_cpnext = transaction->t_checkpoint_list; 637 jh->b_cpprev = transaction->t_checkpoint_list->b_cpprev; 638 jh->b_cpprev->b_cpnext = jh; 639 jh->b_cpnext->b_cpprev = jh; 640 } 641 transaction->t_checkpoint_list = jh; 642 } 643 644 /* 645 * We've finished with this transaction structure: adios... 646 * 647 * The transaction must have no links except for the checkpoint by this 648 * point. 649 * 650 * Called with the journal locked. 651 * Called with j_list_lock held. 652 */ 653 654 void __jbd2_journal_drop_transaction(journal_t *journal, transaction_t *transaction) 655 { 656 assert_spin_locked(&journal->j_list_lock); 657 if (transaction->t_cpnext) { 658 transaction->t_cpnext->t_cpprev = transaction->t_cpprev; 659 transaction->t_cpprev->t_cpnext = transaction->t_cpnext; 660 if (journal->j_checkpoint_transactions == transaction) 661 journal->j_checkpoint_transactions = 662 transaction->t_cpnext; 663 if (journal->j_checkpoint_transactions == transaction) 664 journal->j_checkpoint_transactions = NULL; 665 } 666 667 J_ASSERT(transaction->t_state == T_FINISHED); 668 J_ASSERT(transaction->t_buffers == NULL); 669 J_ASSERT(transaction->t_forget == NULL); 670 J_ASSERT(transaction->t_shadow_list == NULL); 671 J_ASSERT(transaction->t_checkpoint_list == NULL); 672 J_ASSERT(transaction->t_checkpoint_io_list == NULL); 673 J_ASSERT(atomic_read(&transaction->t_updates) == 0); 674 J_ASSERT(journal->j_committing_transaction != transaction); 675 J_ASSERT(journal->j_running_transaction != transaction); 676 677 trace_jbd2_drop_transaction(journal, transaction); 678 679 jbd_debug(1, "Dropping transaction %d, all done\n", transaction->t_tid); 680 } 681