1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6 #include "xfs.h" 7 #include "xfs_fs.h" 8 #include "xfs_shared.h" 9 #include "xfs_format.h" 10 #include "xfs_log_format.h" 11 #include "xfs_trans_resv.h" 12 #include "xfs_bit.h" 13 #include "xfs_mount.h" 14 #include "xfs_trans.h" 15 #include "xfs_buf_item.h" 16 #include "xfs_trans_priv.h" 17 #include "xfs_trace.h" 18 #include "xfs_log.h" 19 20 21 kmem_zone_t *xfs_buf_item_zone; 22 23 static inline struct xfs_buf_log_item *BUF_ITEM(struct xfs_log_item *lip) 24 { 25 return container_of(lip, struct xfs_buf_log_item, bli_item); 26 } 27 28 STATIC void xfs_buf_do_callbacks(struct xfs_buf *bp); 29 30 /* Is this log iovec plausibly large enough to contain the buffer log format? */ 31 bool 32 xfs_buf_log_check_iovec( 33 struct xfs_log_iovec *iovec) 34 { 35 struct xfs_buf_log_format *blfp = iovec->i_addr; 36 char *bmp_end; 37 char *item_end; 38 39 if (offsetof(struct xfs_buf_log_format, blf_data_map) > iovec->i_len) 40 return false; 41 42 item_end = (char *)iovec->i_addr + iovec->i_len; 43 bmp_end = (char *)&blfp->blf_data_map[blfp->blf_map_size]; 44 return bmp_end <= item_end; 45 } 46 47 static inline int 48 xfs_buf_log_format_size( 49 struct xfs_buf_log_format *blfp) 50 { 51 return offsetof(struct xfs_buf_log_format, blf_data_map) + 52 (blfp->blf_map_size * sizeof(blfp->blf_data_map[0])); 53 } 54 55 /* 56 * This returns the number of log iovecs needed to log the 57 * given buf log item. 58 * 59 * It calculates this as 1 iovec for the buf log format structure 60 * and 1 for each stretch of non-contiguous chunks to be logged. 61 * Contiguous chunks are logged in a single iovec. 62 * 63 * If the XFS_BLI_STALE flag has been set, then log nothing. 64 */ 65 STATIC void 66 xfs_buf_item_size_segment( 67 struct xfs_buf_log_item *bip, 68 struct xfs_buf_log_format *blfp, 69 int *nvecs, 70 int *nbytes) 71 { 72 struct xfs_buf *bp = bip->bli_buf; 73 int next_bit; 74 int last_bit; 75 76 last_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 0); 77 if (last_bit == -1) 78 return; 79 80 /* 81 * initial count for a dirty buffer is 2 vectors - the format structure 82 * and the first dirty region. 83 */ 84 *nvecs += 2; 85 *nbytes += xfs_buf_log_format_size(blfp) + XFS_BLF_CHUNK; 86 87 while (last_bit != -1) { 88 /* 89 * This takes the bit number to start looking from and 90 * returns the next set bit from there. It returns -1 91 * if there are no more bits set or the start bit is 92 * beyond the end of the bitmap. 93 */ 94 next_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 95 last_bit + 1); 96 /* 97 * If we run out of bits, leave the loop, 98 * else if we find a new set of bits bump the number of vecs, 99 * else keep scanning the current set of bits. 100 */ 101 if (next_bit == -1) { 102 break; 103 } else if (next_bit != last_bit + 1) { 104 last_bit = next_bit; 105 (*nvecs)++; 106 } else if (xfs_buf_offset(bp, next_bit * XFS_BLF_CHUNK) != 107 (xfs_buf_offset(bp, last_bit * XFS_BLF_CHUNK) + 108 XFS_BLF_CHUNK)) { 109 last_bit = next_bit; 110 (*nvecs)++; 111 } else { 112 last_bit++; 113 } 114 *nbytes += XFS_BLF_CHUNK; 115 } 116 } 117 118 /* 119 * This returns the number of log iovecs needed to log the given buf log item. 120 * 121 * It calculates this as 1 iovec for the buf log format structure and 1 for each 122 * stretch of non-contiguous chunks to be logged. Contiguous chunks are logged 123 * in a single iovec. 124 * 125 * Discontiguous buffers need a format structure per region that that is being 126 * logged. This makes the changes in the buffer appear to log recovery as though 127 * they came from separate buffers, just like would occur if multiple buffers 128 * were used instead of a single discontiguous buffer. This enables 129 * discontiguous buffers to be in-memory constructs, completely transparent to 130 * what ends up on disk. 131 * 132 * If the XFS_BLI_STALE flag has been set, then log nothing but the buf log 133 * format structures. 134 */ 135 STATIC void 136 xfs_buf_item_size( 137 struct xfs_log_item *lip, 138 int *nvecs, 139 int *nbytes) 140 { 141 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 142 int i; 143 144 ASSERT(atomic_read(&bip->bli_refcount) > 0); 145 if (bip->bli_flags & XFS_BLI_STALE) { 146 /* 147 * The buffer is stale, so all we need to log 148 * is the buf log format structure with the 149 * cancel flag in it. 150 */ 151 trace_xfs_buf_item_size_stale(bip); 152 ASSERT(bip->__bli_format.blf_flags & XFS_BLF_CANCEL); 153 *nvecs += bip->bli_format_count; 154 for (i = 0; i < bip->bli_format_count; i++) { 155 *nbytes += xfs_buf_log_format_size(&bip->bli_formats[i]); 156 } 157 return; 158 } 159 160 ASSERT(bip->bli_flags & XFS_BLI_LOGGED); 161 162 if (bip->bli_flags & XFS_BLI_ORDERED) { 163 /* 164 * The buffer has been logged just to order it. 165 * It is not being included in the transaction 166 * commit, so no vectors are used at all. 167 */ 168 trace_xfs_buf_item_size_ordered(bip); 169 *nvecs = XFS_LOG_VEC_ORDERED; 170 return; 171 } 172 173 /* 174 * the vector count is based on the number of buffer vectors we have 175 * dirty bits in. This will only be greater than one when we have a 176 * compound buffer with more than one segment dirty. Hence for compound 177 * buffers we need to track which segment the dirty bits correspond to, 178 * and when we move from one segment to the next increment the vector 179 * count for the extra buf log format structure that will need to be 180 * written. 181 */ 182 for (i = 0; i < bip->bli_format_count; i++) { 183 xfs_buf_item_size_segment(bip, &bip->bli_formats[i], 184 nvecs, nbytes); 185 } 186 trace_xfs_buf_item_size(bip); 187 } 188 189 static inline void 190 xfs_buf_item_copy_iovec( 191 struct xfs_log_vec *lv, 192 struct xfs_log_iovec **vecp, 193 struct xfs_buf *bp, 194 uint offset, 195 int first_bit, 196 uint nbits) 197 { 198 offset += first_bit * XFS_BLF_CHUNK; 199 xlog_copy_iovec(lv, vecp, XLOG_REG_TYPE_BCHUNK, 200 xfs_buf_offset(bp, offset), 201 nbits * XFS_BLF_CHUNK); 202 } 203 204 static inline bool 205 xfs_buf_item_straddle( 206 struct xfs_buf *bp, 207 uint offset, 208 int next_bit, 209 int last_bit) 210 { 211 return xfs_buf_offset(bp, offset + (next_bit << XFS_BLF_SHIFT)) != 212 (xfs_buf_offset(bp, offset + (last_bit << XFS_BLF_SHIFT)) + 213 XFS_BLF_CHUNK); 214 } 215 216 static void 217 xfs_buf_item_format_segment( 218 struct xfs_buf_log_item *bip, 219 struct xfs_log_vec *lv, 220 struct xfs_log_iovec **vecp, 221 uint offset, 222 struct xfs_buf_log_format *blfp) 223 { 224 struct xfs_buf *bp = bip->bli_buf; 225 uint base_size; 226 int first_bit; 227 int last_bit; 228 int next_bit; 229 uint nbits; 230 231 /* copy the flags across from the base format item */ 232 blfp->blf_flags = bip->__bli_format.blf_flags; 233 234 /* 235 * Base size is the actual size of the ondisk structure - it reflects 236 * the actual size of the dirty bitmap rather than the size of the in 237 * memory structure. 238 */ 239 base_size = xfs_buf_log_format_size(blfp); 240 241 first_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 0); 242 if (!(bip->bli_flags & XFS_BLI_STALE) && first_bit == -1) { 243 /* 244 * If the map is not be dirty in the transaction, mark 245 * the size as zero and do not advance the vector pointer. 246 */ 247 return; 248 } 249 250 blfp = xlog_copy_iovec(lv, vecp, XLOG_REG_TYPE_BFORMAT, blfp, base_size); 251 blfp->blf_size = 1; 252 253 if (bip->bli_flags & XFS_BLI_STALE) { 254 /* 255 * The buffer is stale, so all we need to log 256 * is the buf log format structure with the 257 * cancel flag in it. 258 */ 259 trace_xfs_buf_item_format_stale(bip); 260 ASSERT(blfp->blf_flags & XFS_BLF_CANCEL); 261 return; 262 } 263 264 265 /* 266 * Fill in an iovec for each set of contiguous chunks. 267 */ 268 last_bit = first_bit; 269 nbits = 1; 270 for (;;) { 271 /* 272 * This takes the bit number to start looking from and 273 * returns the next set bit from there. It returns -1 274 * if there are no more bits set or the start bit is 275 * beyond the end of the bitmap. 276 */ 277 next_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 278 (uint)last_bit + 1); 279 /* 280 * If we run out of bits fill in the last iovec and get out of 281 * the loop. Else if we start a new set of bits then fill in 282 * the iovec for the series we were looking at and start 283 * counting the bits in the new one. Else we're still in the 284 * same set of bits so just keep counting and scanning. 285 */ 286 if (next_bit == -1) { 287 xfs_buf_item_copy_iovec(lv, vecp, bp, offset, 288 first_bit, nbits); 289 blfp->blf_size++; 290 break; 291 } else if (next_bit != last_bit + 1 || 292 xfs_buf_item_straddle(bp, offset, next_bit, last_bit)) { 293 xfs_buf_item_copy_iovec(lv, vecp, bp, offset, 294 first_bit, nbits); 295 blfp->blf_size++; 296 first_bit = next_bit; 297 last_bit = next_bit; 298 nbits = 1; 299 } else { 300 last_bit++; 301 nbits++; 302 } 303 } 304 } 305 306 /* 307 * This is called to fill in the vector of log iovecs for the 308 * given log buf item. It fills the first entry with a buf log 309 * format structure, and the rest point to contiguous chunks 310 * within the buffer. 311 */ 312 STATIC void 313 xfs_buf_item_format( 314 struct xfs_log_item *lip, 315 struct xfs_log_vec *lv) 316 { 317 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 318 struct xfs_buf *bp = bip->bli_buf; 319 struct xfs_log_iovec *vecp = NULL; 320 uint offset = 0; 321 int i; 322 323 ASSERT(atomic_read(&bip->bli_refcount) > 0); 324 ASSERT((bip->bli_flags & XFS_BLI_LOGGED) || 325 (bip->bli_flags & XFS_BLI_STALE)); 326 ASSERT((bip->bli_flags & XFS_BLI_STALE) || 327 (xfs_blft_from_flags(&bip->__bli_format) > XFS_BLFT_UNKNOWN_BUF 328 && xfs_blft_from_flags(&bip->__bli_format) < XFS_BLFT_MAX_BUF)); 329 ASSERT(!(bip->bli_flags & XFS_BLI_ORDERED) || 330 (bip->bli_flags & XFS_BLI_STALE)); 331 332 333 /* 334 * If it is an inode buffer, transfer the in-memory state to the 335 * format flags and clear the in-memory state. 336 * 337 * For buffer based inode allocation, we do not transfer 338 * this state if the inode buffer allocation has not yet been committed 339 * to the log as setting the XFS_BLI_INODE_BUF flag will prevent 340 * correct replay of the inode allocation. 341 * 342 * For icreate item based inode allocation, the buffers aren't written 343 * to the journal during allocation, and hence we should always tag the 344 * buffer as an inode buffer so that the correct unlinked list replay 345 * occurs during recovery. 346 */ 347 if (bip->bli_flags & XFS_BLI_INODE_BUF) { 348 if (xfs_sb_version_hascrc(&lip->li_mountp->m_sb) || 349 !((bip->bli_flags & XFS_BLI_INODE_ALLOC_BUF) && 350 xfs_log_item_in_current_chkpt(lip))) 351 bip->__bli_format.blf_flags |= XFS_BLF_INODE_BUF; 352 bip->bli_flags &= ~XFS_BLI_INODE_BUF; 353 } 354 355 for (i = 0; i < bip->bli_format_count; i++) { 356 xfs_buf_item_format_segment(bip, lv, &vecp, offset, 357 &bip->bli_formats[i]); 358 offset += BBTOB(bp->b_maps[i].bm_len); 359 } 360 361 /* 362 * Check to make sure everything is consistent. 363 */ 364 trace_xfs_buf_item_format(bip); 365 } 366 367 /* 368 * This is called to pin the buffer associated with the buf log item in memory 369 * so it cannot be written out. 370 * 371 * We also always take a reference to the buffer log item here so that the bli 372 * is held while the item is pinned in memory. This means that we can 373 * unconditionally drop the reference count a transaction holds when the 374 * transaction is completed. 375 */ 376 STATIC void 377 xfs_buf_item_pin( 378 struct xfs_log_item *lip) 379 { 380 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 381 382 ASSERT(atomic_read(&bip->bli_refcount) > 0); 383 ASSERT((bip->bli_flags & XFS_BLI_LOGGED) || 384 (bip->bli_flags & XFS_BLI_ORDERED) || 385 (bip->bli_flags & XFS_BLI_STALE)); 386 387 trace_xfs_buf_item_pin(bip); 388 389 atomic_inc(&bip->bli_refcount); 390 atomic_inc(&bip->bli_buf->b_pin_count); 391 } 392 393 /* 394 * This is called to unpin the buffer associated with the buf log 395 * item which was previously pinned with a call to xfs_buf_item_pin(). 396 * 397 * Also drop the reference to the buf item for the current transaction. 398 * If the XFS_BLI_STALE flag is set and we are the last reference, 399 * then free up the buf log item and unlock the buffer. 400 * 401 * If the remove flag is set we are called from uncommit in the 402 * forced-shutdown path. If that is true and the reference count on 403 * the log item is going to drop to zero we need to free the item's 404 * descriptor in the transaction. 405 */ 406 STATIC void 407 xfs_buf_item_unpin( 408 struct xfs_log_item *lip, 409 int remove) 410 { 411 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 412 xfs_buf_t *bp = bip->bli_buf; 413 struct xfs_ail *ailp = lip->li_ailp; 414 int stale = bip->bli_flags & XFS_BLI_STALE; 415 int freed; 416 417 ASSERT(bp->b_log_item == bip); 418 ASSERT(atomic_read(&bip->bli_refcount) > 0); 419 420 trace_xfs_buf_item_unpin(bip); 421 422 freed = atomic_dec_and_test(&bip->bli_refcount); 423 424 if (atomic_dec_and_test(&bp->b_pin_count)) 425 wake_up_all(&bp->b_waiters); 426 427 if (freed && stale) { 428 ASSERT(bip->bli_flags & XFS_BLI_STALE); 429 ASSERT(xfs_buf_islocked(bp)); 430 ASSERT(bp->b_flags & XBF_STALE); 431 ASSERT(bip->__bli_format.blf_flags & XFS_BLF_CANCEL); 432 433 trace_xfs_buf_item_unpin_stale(bip); 434 435 if (remove) { 436 /* 437 * If we are in a transaction context, we have to 438 * remove the log item from the transaction as we are 439 * about to release our reference to the buffer. If we 440 * don't, the unlock that occurs later in 441 * xfs_trans_uncommit() will try to reference the 442 * buffer which we no longer have a hold on. 443 */ 444 if (!list_empty(&lip->li_trans)) 445 xfs_trans_del_item(lip); 446 447 /* 448 * Since the transaction no longer refers to the buffer, 449 * the buffer should no longer refer to the transaction. 450 */ 451 bp->b_transp = NULL; 452 } 453 454 /* 455 * If we get called here because of an IO error, we may 456 * or may not have the item on the AIL. xfs_trans_ail_delete() 457 * will take care of that situation. 458 * xfs_trans_ail_delete() drops the AIL lock. 459 */ 460 if (bip->bli_flags & XFS_BLI_STALE_INODE) { 461 xfs_buf_do_callbacks(bp); 462 bp->b_log_item = NULL; 463 list_del_init(&bp->b_li_list); 464 bp->b_iodone = NULL; 465 } else { 466 spin_lock(&ailp->ail_lock); 467 xfs_trans_ail_delete(ailp, lip, SHUTDOWN_LOG_IO_ERROR); 468 xfs_buf_item_relse(bp); 469 ASSERT(bp->b_log_item == NULL); 470 } 471 xfs_buf_relse(bp); 472 } else if (freed && remove) { 473 /* 474 * There are currently two references to the buffer - the active 475 * LRU reference and the buf log item. What we are about to do 476 * here - simulate a failed IO completion - requires 3 477 * references. 478 * 479 * The LRU reference is removed by the xfs_buf_stale() call. The 480 * buf item reference is removed by the xfs_buf_iodone() 481 * callback that is run by xfs_buf_do_callbacks() during ioend 482 * processing (via the bp->b_iodone callback), and then finally 483 * the ioend processing will drop the IO reference if the buffer 484 * is marked XBF_ASYNC. 485 * 486 * Hence we need to take an additional reference here so that IO 487 * completion processing doesn't free the buffer prematurely. 488 */ 489 xfs_buf_lock(bp); 490 xfs_buf_hold(bp); 491 bp->b_flags |= XBF_ASYNC; 492 xfs_buf_ioerror(bp, -EIO); 493 bp->b_flags &= ~XBF_DONE; 494 xfs_buf_stale(bp); 495 xfs_buf_ioend(bp); 496 } 497 } 498 499 /* 500 * Buffer IO error rate limiting. Limit it to no more than 10 messages per 30 501 * seconds so as to not spam logs too much on repeated detection of the same 502 * buffer being bad.. 503 */ 504 505 static DEFINE_RATELIMIT_STATE(xfs_buf_write_fail_rl_state, 30 * HZ, 10); 506 507 STATIC uint 508 xfs_buf_item_push( 509 struct xfs_log_item *lip, 510 struct list_head *buffer_list) 511 { 512 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 513 struct xfs_buf *bp = bip->bli_buf; 514 uint rval = XFS_ITEM_SUCCESS; 515 516 if (xfs_buf_ispinned(bp)) 517 return XFS_ITEM_PINNED; 518 if (!xfs_buf_trylock(bp)) { 519 /* 520 * If we have just raced with a buffer being pinned and it has 521 * been marked stale, we could end up stalling until someone else 522 * issues a log force to unpin the stale buffer. Check for the 523 * race condition here so xfsaild recognizes the buffer is pinned 524 * and queues a log force to move it along. 525 */ 526 if (xfs_buf_ispinned(bp)) 527 return XFS_ITEM_PINNED; 528 return XFS_ITEM_LOCKED; 529 } 530 531 ASSERT(!(bip->bli_flags & XFS_BLI_STALE)); 532 533 trace_xfs_buf_item_push(bip); 534 535 /* has a previous flush failed due to IO errors? */ 536 if ((bp->b_flags & XBF_WRITE_FAIL) && 537 ___ratelimit(&xfs_buf_write_fail_rl_state, "XFS: Failing async write")) { 538 xfs_warn(bp->b_mount, 539 "Failing async write on buffer block 0x%llx. Retrying async write.", 540 (long long)bp->b_bn); 541 } 542 543 if (!xfs_buf_delwri_queue(bp, buffer_list)) 544 rval = XFS_ITEM_FLUSHING; 545 xfs_buf_unlock(bp); 546 return rval; 547 } 548 549 /* 550 * Drop the buffer log item refcount and take appropriate action. This helper 551 * determines whether the bli must be freed or not, since a decrement to zero 552 * does not necessarily mean the bli is unused. 553 * 554 * Return true if the bli is freed, false otherwise. 555 */ 556 bool 557 xfs_buf_item_put( 558 struct xfs_buf_log_item *bip) 559 { 560 struct xfs_log_item *lip = &bip->bli_item; 561 bool aborted; 562 bool dirty; 563 564 /* drop the bli ref and return if it wasn't the last one */ 565 if (!atomic_dec_and_test(&bip->bli_refcount)) 566 return false; 567 568 /* 569 * We dropped the last ref and must free the item if clean or aborted. 570 * If the bli is dirty and non-aborted, the buffer was clean in the 571 * transaction but still awaiting writeback from previous changes. In 572 * that case, the bli is freed on buffer writeback completion. 573 */ 574 aborted = test_bit(XFS_LI_ABORTED, &lip->li_flags) || 575 XFS_FORCED_SHUTDOWN(lip->li_mountp); 576 dirty = bip->bli_flags & XFS_BLI_DIRTY; 577 if (dirty && !aborted) 578 return false; 579 580 /* 581 * The bli is aborted or clean. An aborted item may be in the AIL 582 * regardless of dirty state. For example, consider an aborted 583 * transaction that invalidated a dirty bli and cleared the dirty 584 * state. 585 */ 586 if (aborted) 587 xfs_trans_ail_remove(lip, SHUTDOWN_LOG_IO_ERROR); 588 xfs_buf_item_relse(bip->bli_buf); 589 return true; 590 } 591 592 /* 593 * Release the buffer associated with the buf log item. If there is no dirty 594 * logged data associated with the buffer recorded in the buf log item, then 595 * free the buf log item and remove the reference to it in the buffer. 596 * 597 * This call ignores the recursion count. It is only called when the buffer 598 * should REALLY be unlocked, regardless of the recursion count. 599 * 600 * We unconditionally drop the transaction's reference to the log item. If the 601 * item was logged, then another reference was taken when it was pinned, so we 602 * can safely drop the transaction reference now. This also allows us to avoid 603 * potential races with the unpin code freeing the bli by not referencing the 604 * bli after we've dropped the reference count. 605 * 606 * If the XFS_BLI_HOLD flag is set in the buf log item, then free the log item 607 * if necessary but do not unlock the buffer. This is for support of 608 * xfs_trans_bhold(). Make sure the XFS_BLI_HOLD field is cleared if we don't 609 * free the item. 610 */ 611 STATIC void 612 xfs_buf_item_release( 613 struct xfs_log_item *lip) 614 { 615 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 616 struct xfs_buf *bp = bip->bli_buf; 617 bool released; 618 bool hold = bip->bli_flags & XFS_BLI_HOLD; 619 bool stale = bip->bli_flags & XFS_BLI_STALE; 620 #if defined(DEBUG) || defined(XFS_WARN) 621 bool ordered = bip->bli_flags & XFS_BLI_ORDERED; 622 bool dirty = bip->bli_flags & XFS_BLI_DIRTY; 623 bool aborted = test_bit(XFS_LI_ABORTED, 624 &lip->li_flags); 625 #endif 626 627 trace_xfs_buf_item_release(bip); 628 629 /* 630 * The bli dirty state should match whether the blf has logged segments 631 * except for ordered buffers, where only the bli should be dirty. 632 */ 633 ASSERT((!ordered && dirty == xfs_buf_item_dirty_format(bip)) || 634 (ordered && dirty && !xfs_buf_item_dirty_format(bip))); 635 ASSERT(!stale || (bip->__bli_format.blf_flags & XFS_BLF_CANCEL)); 636 637 /* 638 * Clear the buffer's association with this transaction and 639 * per-transaction state from the bli, which has been copied above. 640 */ 641 bp->b_transp = NULL; 642 bip->bli_flags &= ~(XFS_BLI_LOGGED | XFS_BLI_HOLD | XFS_BLI_ORDERED); 643 644 /* 645 * Unref the item and unlock the buffer unless held or stale. Stale 646 * buffers remain locked until final unpin unless the bli is freed by 647 * the unref call. The latter implies shutdown because buffer 648 * invalidation dirties the bli and transaction. 649 */ 650 released = xfs_buf_item_put(bip); 651 if (hold || (stale && !released)) 652 return; 653 ASSERT(!stale || aborted); 654 xfs_buf_relse(bp); 655 } 656 657 STATIC void 658 xfs_buf_item_committing( 659 struct xfs_log_item *lip, 660 xfs_lsn_t commit_lsn) 661 { 662 return xfs_buf_item_release(lip); 663 } 664 665 /* 666 * This is called to find out where the oldest active copy of the 667 * buf log item in the on disk log resides now that the last log 668 * write of it completed at the given lsn. 669 * We always re-log all the dirty data in a buffer, so usually the 670 * latest copy in the on disk log is the only one that matters. For 671 * those cases we simply return the given lsn. 672 * 673 * The one exception to this is for buffers full of newly allocated 674 * inodes. These buffers are only relogged with the XFS_BLI_INODE_BUF 675 * flag set, indicating that only the di_next_unlinked fields from the 676 * inodes in the buffers will be replayed during recovery. If the 677 * original newly allocated inode images have not yet been flushed 678 * when the buffer is so relogged, then we need to make sure that we 679 * keep the old images in the 'active' portion of the log. We do this 680 * by returning the original lsn of that transaction here rather than 681 * the current one. 682 */ 683 STATIC xfs_lsn_t 684 xfs_buf_item_committed( 685 struct xfs_log_item *lip, 686 xfs_lsn_t lsn) 687 { 688 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 689 690 trace_xfs_buf_item_committed(bip); 691 692 if ((bip->bli_flags & XFS_BLI_INODE_ALLOC_BUF) && lip->li_lsn != 0) 693 return lip->li_lsn; 694 return lsn; 695 } 696 697 static const struct xfs_item_ops xfs_buf_item_ops = { 698 .iop_size = xfs_buf_item_size, 699 .iop_format = xfs_buf_item_format, 700 .iop_pin = xfs_buf_item_pin, 701 .iop_unpin = xfs_buf_item_unpin, 702 .iop_release = xfs_buf_item_release, 703 .iop_committing = xfs_buf_item_committing, 704 .iop_committed = xfs_buf_item_committed, 705 .iop_push = xfs_buf_item_push, 706 }; 707 708 STATIC void 709 xfs_buf_item_get_format( 710 struct xfs_buf_log_item *bip, 711 int count) 712 { 713 ASSERT(bip->bli_formats == NULL); 714 bip->bli_format_count = count; 715 716 if (count == 1) { 717 bip->bli_formats = &bip->__bli_format; 718 return; 719 } 720 721 bip->bli_formats = kmem_zalloc(count * sizeof(struct xfs_buf_log_format), 722 0); 723 } 724 725 STATIC void 726 xfs_buf_item_free_format( 727 struct xfs_buf_log_item *bip) 728 { 729 if (bip->bli_formats != &bip->__bli_format) { 730 kmem_free(bip->bli_formats); 731 bip->bli_formats = NULL; 732 } 733 } 734 735 /* 736 * Allocate a new buf log item to go with the given buffer. 737 * Set the buffer's b_log_item field to point to the new 738 * buf log item. 739 */ 740 int 741 xfs_buf_item_init( 742 struct xfs_buf *bp, 743 struct xfs_mount *mp) 744 { 745 struct xfs_buf_log_item *bip = bp->b_log_item; 746 int chunks; 747 int map_size; 748 int i; 749 750 /* 751 * Check to see if there is already a buf log item for 752 * this buffer. If we do already have one, there is 753 * nothing to do here so return. 754 */ 755 ASSERT(bp->b_mount == mp); 756 if (bip) { 757 ASSERT(bip->bli_item.li_type == XFS_LI_BUF); 758 ASSERT(!bp->b_transp); 759 ASSERT(bip->bli_buf == bp); 760 return 0; 761 } 762 763 bip = kmem_zone_zalloc(xfs_buf_item_zone, 0); 764 xfs_log_item_init(mp, &bip->bli_item, XFS_LI_BUF, &xfs_buf_item_ops); 765 bip->bli_buf = bp; 766 767 /* 768 * chunks is the number of XFS_BLF_CHUNK size pieces the buffer 769 * can be divided into. Make sure not to truncate any pieces. 770 * map_size is the size of the bitmap needed to describe the 771 * chunks of the buffer. 772 * 773 * Discontiguous buffer support follows the layout of the underlying 774 * buffer. This makes the implementation as simple as possible. 775 */ 776 xfs_buf_item_get_format(bip, bp->b_map_count); 777 778 for (i = 0; i < bip->bli_format_count; i++) { 779 chunks = DIV_ROUND_UP(BBTOB(bp->b_maps[i].bm_len), 780 XFS_BLF_CHUNK); 781 map_size = DIV_ROUND_UP(chunks, NBWORD); 782 783 if (map_size > XFS_BLF_DATAMAP_SIZE) { 784 kmem_cache_free(xfs_buf_item_zone, bip); 785 xfs_err(mp, 786 "buffer item dirty bitmap (%u uints) too small to reflect %u bytes!", 787 map_size, 788 BBTOB(bp->b_maps[i].bm_len)); 789 return -EFSCORRUPTED; 790 } 791 792 bip->bli_formats[i].blf_type = XFS_LI_BUF; 793 bip->bli_formats[i].blf_blkno = bp->b_maps[i].bm_bn; 794 bip->bli_formats[i].blf_len = bp->b_maps[i].bm_len; 795 bip->bli_formats[i].blf_map_size = map_size; 796 } 797 798 bp->b_log_item = bip; 799 xfs_buf_hold(bp); 800 return 0; 801 } 802 803 804 /* 805 * Mark bytes first through last inclusive as dirty in the buf 806 * item's bitmap. 807 */ 808 static void 809 xfs_buf_item_log_segment( 810 uint first, 811 uint last, 812 uint *map) 813 { 814 uint first_bit; 815 uint last_bit; 816 uint bits_to_set; 817 uint bits_set; 818 uint word_num; 819 uint *wordp; 820 uint bit; 821 uint end_bit; 822 uint mask; 823 824 ASSERT(first < XFS_BLF_DATAMAP_SIZE * XFS_BLF_CHUNK * NBWORD); 825 ASSERT(last < XFS_BLF_DATAMAP_SIZE * XFS_BLF_CHUNK * NBWORD); 826 827 /* 828 * Convert byte offsets to bit numbers. 829 */ 830 first_bit = first >> XFS_BLF_SHIFT; 831 last_bit = last >> XFS_BLF_SHIFT; 832 833 /* 834 * Calculate the total number of bits to be set. 835 */ 836 bits_to_set = last_bit - first_bit + 1; 837 838 /* 839 * Get a pointer to the first word in the bitmap 840 * to set a bit in. 841 */ 842 word_num = first_bit >> BIT_TO_WORD_SHIFT; 843 wordp = &map[word_num]; 844 845 /* 846 * Calculate the starting bit in the first word. 847 */ 848 bit = first_bit & (uint)(NBWORD - 1); 849 850 /* 851 * First set any bits in the first word of our range. 852 * If it starts at bit 0 of the word, it will be 853 * set below rather than here. That is what the variable 854 * bit tells us. The variable bits_set tracks the number 855 * of bits that have been set so far. End_bit is the number 856 * of the last bit to be set in this word plus one. 857 */ 858 if (bit) { 859 end_bit = min(bit + bits_to_set, (uint)NBWORD); 860 mask = ((1U << (end_bit - bit)) - 1) << bit; 861 *wordp |= mask; 862 wordp++; 863 bits_set = end_bit - bit; 864 } else { 865 bits_set = 0; 866 } 867 868 /* 869 * Now set bits a whole word at a time that are between 870 * first_bit and last_bit. 871 */ 872 while ((bits_to_set - bits_set) >= NBWORD) { 873 *wordp = 0xffffffff; 874 bits_set += NBWORD; 875 wordp++; 876 } 877 878 /* 879 * Finally, set any bits left to be set in one last partial word. 880 */ 881 end_bit = bits_to_set - bits_set; 882 if (end_bit) { 883 mask = (1U << end_bit) - 1; 884 *wordp |= mask; 885 } 886 } 887 888 /* 889 * Mark bytes first through last inclusive as dirty in the buf 890 * item's bitmap. 891 */ 892 void 893 xfs_buf_item_log( 894 struct xfs_buf_log_item *bip, 895 uint first, 896 uint last) 897 { 898 int i; 899 uint start; 900 uint end; 901 struct xfs_buf *bp = bip->bli_buf; 902 903 /* 904 * walk each buffer segment and mark them dirty appropriately. 905 */ 906 start = 0; 907 for (i = 0; i < bip->bli_format_count; i++) { 908 if (start > last) 909 break; 910 end = start + BBTOB(bp->b_maps[i].bm_len) - 1; 911 912 /* skip to the map that includes the first byte to log */ 913 if (first > end) { 914 start += BBTOB(bp->b_maps[i].bm_len); 915 continue; 916 } 917 918 /* 919 * Trim the range to this segment and mark it in the bitmap. 920 * Note that we must convert buffer offsets to segment relative 921 * offsets (e.g., the first byte of each segment is byte 0 of 922 * that segment). 923 */ 924 if (first < start) 925 first = start; 926 if (end > last) 927 end = last; 928 xfs_buf_item_log_segment(first - start, end - start, 929 &bip->bli_formats[i].blf_data_map[0]); 930 931 start += BBTOB(bp->b_maps[i].bm_len); 932 } 933 } 934 935 936 /* 937 * Return true if the buffer has any ranges logged/dirtied by a transaction, 938 * false otherwise. 939 */ 940 bool 941 xfs_buf_item_dirty_format( 942 struct xfs_buf_log_item *bip) 943 { 944 int i; 945 946 for (i = 0; i < bip->bli_format_count; i++) { 947 if (!xfs_bitmap_empty(bip->bli_formats[i].blf_data_map, 948 bip->bli_formats[i].blf_map_size)) 949 return true; 950 } 951 952 return false; 953 } 954 955 STATIC void 956 xfs_buf_item_free( 957 struct xfs_buf_log_item *bip) 958 { 959 xfs_buf_item_free_format(bip); 960 kmem_free(bip->bli_item.li_lv_shadow); 961 kmem_cache_free(xfs_buf_item_zone, bip); 962 } 963 964 /* 965 * This is called when the buf log item is no longer needed. It should 966 * free the buf log item associated with the given buffer and clear 967 * the buffer's pointer to the buf log item. If there are no more 968 * items in the list, clear the b_iodone field of the buffer (see 969 * xfs_buf_attach_iodone() below). 970 */ 971 void 972 xfs_buf_item_relse( 973 xfs_buf_t *bp) 974 { 975 struct xfs_buf_log_item *bip = bp->b_log_item; 976 977 trace_xfs_buf_item_relse(bp, _RET_IP_); 978 ASSERT(!test_bit(XFS_LI_IN_AIL, &bip->bli_item.li_flags)); 979 980 bp->b_log_item = NULL; 981 if (list_empty(&bp->b_li_list)) 982 bp->b_iodone = NULL; 983 984 xfs_buf_rele(bp); 985 xfs_buf_item_free(bip); 986 } 987 988 989 /* 990 * Add the given log item with its callback to the list of callbacks 991 * to be called when the buffer's I/O completes. If it is not set 992 * already, set the buffer's b_iodone() routine to be 993 * xfs_buf_iodone_callbacks() and link the log item into the list of 994 * items rooted at b_li_list. 995 */ 996 void 997 xfs_buf_attach_iodone( 998 struct xfs_buf *bp, 999 void (*cb)(struct xfs_buf *, struct xfs_log_item *), 1000 struct xfs_log_item *lip) 1001 { 1002 ASSERT(xfs_buf_islocked(bp)); 1003 1004 lip->li_cb = cb; 1005 list_add_tail(&lip->li_bio_list, &bp->b_li_list); 1006 1007 ASSERT(bp->b_iodone == NULL || 1008 bp->b_iodone == xfs_buf_iodone_callbacks); 1009 bp->b_iodone = xfs_buf_iodone_callbacks; 1010 } 1011 1012 /* 1013 * We can have many callbacks on a buffer. Running the callbacks individually 1014 * can cause a lot of contention on the AIL lock, so we allow for a single 1015 * callback to be able to scan the remaining items in bp->b_li_list for other 1016 * items of the same type and callback to be processed in the first call. 1017 * 1018 * As a result, the loop walking the callback list below will also modify the 1019 * list. it removes the first item from the list and then runs the callback. 1020 * The loop then restarts from the new first item int the list. This allows the 1021 * callback to scan and modify the list attached to the buffer and we don't 1022 * have to care about maintaining a next item pointer. 1023 */ 1024 STATIC void 1025 xfs_buf_do_callbacks( 1026 struct xfs_buf *bp) 1027 { 1028 struct xfs_buf_log_item *blip = bp->b_log_item; 1029 struct xfs_log_item *lip; 1030 1031 /* If there is a buf_log_item attached, run its callback */ 1032 if (blip) { 1033 lip = &blip->bli_item; 1034 lip->li_cb(bp, lip); 1035 } 1036 1037 while (!list_empty(&bp->b_li_list)) { 1038 lip = list_first_entry(&bp->b_li_list, struct xfs_log_item, 1039 li_bio_list); 1040 1041 /* 1042 * Remove the item from the list, so we don't have any 1043 * confusion if the item is added to another buf. 1044 * Don't touch the log item after calling its 1045 * callback, because it could have freed itself. 1046 */ 1047 list_del_init(&lip->li_bio_list); 1048 lip->li_cb(bp, lip); 1049 } 1050 } 1051 1052 /* 1053 * Invoke the error state callback for each log item affected by the failed I/O. 1054 * 1055 * If a metadata buffer write fails with a non-permanent error, the buffer is 1056 * eventually resubmitted and so the completion callbacks are not run. The error 1057 * state may need to be propagated to the log items attached to the buffer, 1058 * however, so the next AIL push of the item knows hot to handle it correctly. 1059 */ 1060 STATIC void 1061 xfs_buf_do_callbacks_fail( 1062 struct xfs_buf *bp) 1063 { 1064 struct xfs_log_item *lip; 1065 struct xfs_ail *ailp; 1066 1067 /* 1068 * Buffer log item errors are handled directly by xfs_buf_item_push() 1069 * and xfs_buf_iodone_callback_error, and they have no IO error 1070 * callbacks. Check only for items in b_li_list. 1071 */ 1072 if (list_empty(&bp->b_li_list)) 1073 return; 1074 1075 lip = list_first_entry(&bp->b_li_list, struct xfs_log_item, 1076 li_bio_list); 1077 ailp = lip->li_ailp; 1078 spin_lock(&ailp->ail_lock); 1079 list_for_each_entry(lip, &bp->b_li_list, li_bio_list) { 1080 if (lip->li_ops->iop_error) 1081 lip->li_ops->iop_error(lip, bp); 1082 } 1083 spin_unlock(&ailp->ail_lock); 1084 } 1085 1086 static bool 1087 xfs_buf_iodone_callback_error( 1088 struct xfs_buf *bp) 1089 { 1090 struct xfs_buf_log_item *bip = bp->b_log_item; 1091 struct xfs_log_item *lip; 1092 struct xfs_mount *mp; 1093 static ulong lasttime; 1094 static xfs_buftarg_t *lasttarg; 1095 struct xfs_error_cfg *cfg; 1096 1097 /* 1098 * The failed buffer might not have a buf_log_item attached or the 1099 * log_item list might be empty. Get the mp from the available 1100 * xfs_log_item 1101 */ 1102 lip = list_first_entry_or_null(&bp->b_li_list, struct xfs_log_item, 1103 li_bio_list); 1104 mp = lip ? lip->li_mountp : bip->bli_item.li_mountp; 1105 1106 /* 1107 * If we've already decided to shutdown the filesystem because of 1108 * I/O errors, there's no point in giving this a retry. 1109 */ 1110 if (XFS_FORCED_SHUTDOWN(mp)) 1111 goto out_stale; 1112 1113 if (bp->b_target != lasttarg || 1114 time_after(jiffies, (lasttime + 5*HZ))) { 1115 lasttime = jiffies; 1116 xfs_buf_ioerror_alert(bp, __this_address); 1117 } 1118 lasttarg = bp->b_target; 1119 1120 /* synchronous writes will have callers process the error */ 1121 if (!(bp->b_flags & XBF_ASYNC)) 1122 goto out_stale; 1123 1124 trace_xfs_buf_item_iodone_async(bp, _RET_IP_); 1125 ASSERT(bp->b_iodone != NULL); 1126 1127 cfg = xfs_error_get_cfg(mp, XFS_ERR_METADATA, bp->b_error); 1128 1129 /* 1130 * If the write was asynchronous then no one will be looking for the 1131 * error. If this is the first failure of this type, clear the error 1132 * state and write the buffer out again. This means we always retry an 1133 * async write failure at least once, but we also need to set the buffer 1134 * up to behave correctly now for repeated failures. 1135 */ 1136 if (!(bp->b_flags & (XBF_STALE | XBF_WRITE_FAIL)) || 1137 bp->b_last_error != bp->b_error) { 1138 bp->b_flags |= (XBF_WRITE | XBF_DONE | XBF_WRITE_FAIL); 1139 bp->b_last_error = bp->b_error; 1140 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER && 1141 !bp->b_first_retry_time) 1142 bp->b_first_retry_time = jiffies; 1143 1144 xfs_buf_ioerror(bp, 0); 1145 xfs_buf_submit(bp); 1146 return true; 1147 } 1148 1149 /* 1150 * Repeated failure on an async write. Take action according to the 1151 * error configuration we have been set up to use. 1152 */ 1153 1154 if (cfg->max_retries != XFS_ERR_RETRY_FOREVER && 1155 ++bp->b_retries > cfg->max_retries) 1156 goto permanent_error; 1157 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER && 1158 time_after(jiffies, cfg->retry_timeout + bp->b_first_retry_time)) 1159 goto permanent_error; 1160 1161 /* At unmount we may treat errors differently */ 1162 if ((mp->m_flags & XFS_MOUNT_UNMOUNTING) && mp->m_fail_unmount) 1163 goto permanent_error; 1164 1165 /* 1166 * Still a transient error, run IO completion failure callbacks and let 1167 * the higher layers retry the buffer. 1168 */ 1169 xfs_buf_do_callbacks_fail(bp); 1170 xfs_buf_ioerror(bp, 0); 1171 xfs_buf_relse(bp); 1172 return true; 1173 1174 /* 1175 * Permanent error - we need to trigger a shutdown if we haven't already 1176 * to indicate that inconsistency will result from this action. 1177 */ 1178 permanent_error: 1179 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR); 1180 out_stale: 1181 xfs_buf_stale(bp); 1182 bp->b_flags |= XBF_DONE; 1183 trace_xfs_buf_error_relse(bp, _RET_IP_); 1184 return false; 1185 } 1186 1187 /* 1188 * This is the iodone() function for buffers which have had callbacks attached 1189 * to them by xfs_buf_attach_iodone(). We need to iterate the items on the 1190 * callback list, mark the buffer as having no more callbacks and then push the 1191 * buffer through IO completion processing. 1192 */ 1193 void 1194 xfs_buf_iodone_callbacks( 1195 struct xfs_buf *bp) 1196 { 1197 /* 1198 * If there is an error, process it. Some errors require us 1199 * to run callbacks after failure processing is done so we 1200 * detect that and take appropriate action. 1201 */ 1202 if (bp->b_error && xfs_buf_iodone_callback_error(bp)) 1203 return; 1204 1205 /* 1206 * Successful IO or permanent error. Either way, we can clear the 1207 * retry state here in preparation for the next error that may occur. 1208 */ 1209 bp->b_last_error = 0; 1210 bp->b_retries = 0; 1211 bp->b_first_retry_time = 0; 1212 1213 xfs_buf_do_callbacks(bp); 1214 bp->b_log_item = NULL; 1215 list_del_init(&bp->b_li_list); 1216 bp->b_iodone = NULL; 1217 xfs_buf_ioend(bp); 1218 } 1219 1220 /* 1221 * This is the iodone() function for buffers which have been 1222 * logged. It is called when they are eventually flushed out. 1223 * It should remove the buf item from the AIL, and free the buf item. 1224 * It is called by xfs_buf_iodone_callbacks() above which will take 1225 * care of cleaning up the buffer itself. 1226 */ 1227 void 1228 xfs_buf_iodone( 1229 struct xfs_buf *bp, 1230 struct xfs_log_item *lip) 1231 { 1232 struct xfs_ail *ailp = lip->li_ailp; 1233 1234 ASSERT(BUF_ITEM(lip)->bli_buf == bp); 1235 1236 xfs_buf_rele(bp); 1237 1238 /* 1239 * If we are forcibly shutting down, this may well be 1240 * off the AIL already. That's because we simulate the 1241 * log-committed callbacks to unpin these buffers. Or we may never 1242 * have put this item on AIL because of the transaction was 1243 * aborted forcibly. xfs_trans_ail_delete() takes care of these. 1244 * 1245 * Either way, AIL is useless if we're forcing a shutdown. 1246 */ 1247 spin_lock(&ailp->ail_lock); 1248 xfs_trans_ail_delete(ailp, lip, SHUTDOWN_CORRUPT_INCORE); 1249 xfs_buf_item_free(BUF_ITEM(lip)); 1250 } 1251 1252 /* 1253 * Requeue a failed buffer for writeback. 1254 * 1255 * We clear the log item failed state here as well, but we have to be careful 1256 * about reference counts because the only active reference counts on the buffer 1257 * may be the failed log items. Hence if we clear the log item failed state 1258 * before queuing the buffer for IO we can release all active references to 1259 * the buffer and free it, leading to use after free problems in 1260 * xfs_buf_delwri_queue. It makes no difference to the buffer or log items which 1261 * order we process them in - the buffer is locked, and we own the buffer list 1262 * so nothing on them is going to change while we are performing this action. 1263 * 1264 * Hence we can safely queue the buffer for IO before we clear the failed log 1265 * item state, therefore always having an active reference to the buffer and 1266 * avoiding the transient zero-reference state that leads to use-after-free. 1267 * 1268 * Return true if the buffer was added to the buffer list, false if it was 1269 * already on the buffer list. 1270 */ 1271 bool 1272 xfs_buf_resubmit_failed_buffers( 1273 struct xfs_buf *bp, 1274 struct list_head *buffer_list) 1275 { 1276 struct xfs_log_item *lip; 1277 bool ret; 1278 1279 ret = xfs_buf_delwri_queue(bp, buffer_list); 1280 1281 /* 1282 * XFS_LI_FAILED set/clear is protected by ail_lock, caller of this 1283 * function already have it acquired 1284 */ 1285 list_for_each_entry(lip, &bp->b_li_list, li_bio_list) 1286 xfs_clear_li_failed(lip); 1287 1288 return ret; 1289 } 1290