1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6 #include "xfs.h" 7 #include "xfs_fs.h" 8 #include "xfs_format.h" 9 #include "xfs_log_format.h" 10 #include "xfs_trans_resv.h" 11 #include "xfs_bit.h" 12 #include "xfs_sb.h" 13 #include "xfs_mount.h" 14 #include "xfs_trans.h" 15 #include "xfs_buf_item.h" 16 #include "xfs_trans_priv.h" 17 #include "xfs_error.h" 18 #include "xfs_trace.h" 19 #include "xfs_log.h" 20 #include "xfs_inode.h" 21 22 23 kmem_zone_t *xfs_buf_item_zone; 24 25 static inline struct xfs_buf_log_item *BUF_ITEM(struct xfs_log_item *lip) 26 { 27 return container_of(lip, struct xfs_buf_log_item, bli_item); 28 } 29 30 STATIC void xfs_buf_do_callbacks(struct xfs_buf *bp); 31 32 static inline int 33 xfs_buf_log_format_size( 34 struct xfs_buf_log_format *blfp) 35 { 36 return offsetof(struct xfs_buf_log_format, blf_data_map) + 37 (blfp->blf_map_size * sizeof(blfp->blf_data_map[0])); 38 } 39 40 /* 41 * This returns the number of log iovecs needed to log the 42 * given buf log item. 43 * 44 * It calculates this as 1 iovec for the buf log format structure 45 * and 1 for each stretch of non-contiguous chunks to be logged. 46 * Contiguous chunks are logged in a single iovec. 47 * 48 * If the XFS_BLI_STALE flag has been set, then log nothing. 49 */ 50 STATIC void 51 xfs_buf_item_size_segment( 52 struct xfs_buf_log_item *bip, 53 struct xfs_buf_log_format *blfp, 54 int *nvecs, 55 int *nbytes) 56 { 57 struct xfs_buf *bp = bip->bli_buf; 58 int next_bit; 59 int last_bit; 60 61 last_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 0); 62 if (last_bit == -1) 63 return; 64 65 /* 66 * initial count for a dirty buffer is 2 vectors - the format structure 67 * and the first dirty region. 68 */ 69 *nvecs += 2; 70 *nbytes += xfs_buf_log_format_size(blfp) + XFS_BLF_CHUNK; 71 72 while (last_bit != -1) { 73 /* 74 * This takes the bit number to start looking from and 75 * returns the next set bit from there. It returns -1 76 * if there are no more bits set or the start bit is 77 * beyond the end of the bitmap. 78 */ 79 next_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 80 last_bit + 1); 81 /* 82 * If we run out of bits, leave the loop, 83 * else if we find a new set of bits bump the number of vecs, 84 * else keep scanning the current set of bits. 85 */ 86 if (next_bit == -1) { 87 break; 88 } else if (next_bit != last_bit + 1) { 89 last_bit = next_bit; 90 (*nvecs)++; 91 } else if (xfs_buf_offset(bp, next_bit * XFS_BLF_CHUNK) != 92 (xfs_buf_offset(bp, last_bit * XFS_BLF_CHUNK) + 93 XFS_BLF_CHUNK)) { 94 last_bit = next_bit; 95 (*nvecs)++; 96 } else { 97 last_bit++; 98 } 99 *nbytes += XFS_BLF_CHUNK; 100 } 101 } 102 103 /* 104 * This returns the number of log iovecs needed to log the given buf log item. 105 * 106 * It calculates this as 1 iovec for the buf log format structure and 1 for each 107 * stretch of non-contiguous chunks to be logged. Contiguous chunks are logged 108 * in a single iovec. 109 * 110 * Discontiguous buffers need a format structure per region that that is being 111 * logged. This makes the changes in the buffer appear to log recovery as though 112 * they came from separate buffers, just like would occur if multiple buffers 113 * were used instead of a single discontiguous buffer. This enables 114 * discontiguous buffers to be in-memory constructs, completely transparent to 115 * what ends up on disk. 116 * 117 * If the XFS_BLI_STALE flag has been set, then log nothing but the buf log 118 * format structures. 119 */ 120 STATIC void 121 xfs_buf_item_size( 122 struct xfs_log_item *lip, 123 int *nvecs, 124 int *nbytes) 125 { 126 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 127 int i; 128 129 ASSERT(atomic_read(&bip->bli_refcount) > 0); 130 if (bip->bli_flags & XFS_BLI_STALE) { 131 /* 132 * The buffer is stale, so all we need to log 133 * is the buf log format structure with the 134 * cancel flag in it. 135 */ 136 trace_xfs_buf_item_size_stale(bip); 137 ASSERT(bip->__bli_format.blf_flags & XFS_BLF_CANCEL); 138 *nvecs += bip->bli_format_count; 139 for (i = 0; i < bip->bli_format_count; i++) { 140 *nbytes += xfs_buf_log_format_size(&bip->bli_formats[i]); 141 } 142 return; 143 } 144 145 ASSERT(bip->bli_flags & XFS_BLI_LOGGED); 146 147 if (bip->bli_flags & XFS_BLI_ORDERED) { 148 /* 149 * The buffer has been logged just to order it. 150 * It is not being included in the transaction 151 * commit, so no vectors are used at all. 152 */ 153 trace_xfs_buf_item_size_ordered(bip); 154 *nvecs = XFS_LOG_VEC_ORDERED; 155 return; 156 } 157 158 /* 159 * the vector count is based on the number of buffer vectors we have 160 * dirty bits in. This will only be greater than one when we have a 161 * compound buffer with more than one segment dirty. Hence for compound 162 * buffers we need to track which segment the dirty bits correspond to, 163 * and when we move from one segment to the next increment the vector 164 * count for the extra buf log format structure that will need to be 165 * written. 166 */ 167 for (i = 0; i < bip->bli_format_count; i++) { 168 xfs_buf_item_size_segment(bip, &bip->bli_formats[i], 169 nvecs, nbytes); 170 } 171 trace_xfs_buf_item_size(bip); 172 } 173 174 static inline void 175 xfs_buf_item_copy_iovec( 176 struct xfs_log_vec *lv, 177 struct xfs_log_iovec **vecp, 178 struct xfs_buf *bp, 179 uint offset, 180 int first_bit, 181 uint nbits) 182 { 183 offset += first_bit * XFS_BLF_CHUNK; 184 xlog_copy_iovec(lv, vecp, XLOG_REG_TYPE_BCHUNK, 185 xfs_buf_offset(bp, offset), 186 nbits * XFS_BLF_CHUNK); 187 } 188 189 static inline bool 190 xfs_buf_item_straddle( 191 struct xfs_buf *bp, 192 uint offset, 193 int next_bit, 194 int last_bit) 195 { 196 return xfs_buf_offset(bp, offset + (next_bit << XFS_BLF_SHIFT)) != 197 (xfs_buf_offset(bp, offset + (last_bit << XFS_BLF_SHIFT)) + 198 XFS_BLF_CHUNK); 199 } 200 201 static void 202 xfs_buf_item_format_segment( 203 struct xfs_buf_log_item *bip, 204 struct xfs_log_vec *lv, 205 struct xfs_log_iovec **vecp, 206 uint offset, 207 struct xfs_buf_log_format *blfp) 208 { 209 struct xfs_buf *bp = bip->bli_buf; 210 uint base_size; 211 int first_bit; 212 int last_bit; 213 int next_bit; 214 uint nbits; 215 216 /* copy the flags across from the base format item */ 217 blfp->blf_flags = bip->__bli_format.blf_flags; 218 219 /* 220 * Base size is the actual size of the ondisk structure - it reflects 221 * the actual size of the dirty bitmap rather than the size of the in 222 * memory structure. 223 */ 224 base_size = xfs_buf_log_format_size(blfp); 225 226 first_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 0); 227 if (!(bip->bli_flags & XFS_BLI_STALE) && first_bit == -1) { 228 /* 229 * If the map is not be dirty in the transaction, mark 230 * the size as zero and do not advance the vector pointer. 231 */ 232 return; 233 } 234 235 blfp = xlog_copy_iovec(lv, vecp, XLOG_REG_TYPE_BFORMAT, blfp, base_size); 236 blfp->blf_size = 1; 237 238 if (bip->bli_flags & XFS_BLI_STALE) { 239 /* 240 * The buffer is stale, so all we need to log 241 * is the buf log format structure with the 242 * cancel flag in it. 243 */ 244 trace_xfs_buf_item_format_stale(bip); 245 ASSERT(blfp->blf_flags & XFS_BLF_CANCEL); 246 return; 247 } 248 249 250 /* 251 * Fill in an iovec for each set of contiguous chunks. 252 */ 253 last_bit = first_bit; 254 nbits = 1; 255 for (;;) { 256 /* 257 * This takes the bit number to start looking from and 258 * returns the next set bit from there. It returns -1 259 * if there are no more bits set or the start bit is 260 * beyond the end of the bitmap. 261 */ 262 next_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 263 (uint)last_bit + 1); 264 /* 265 * If we run out of bits fill in the last iovec and get out of 266 * the loop. Else if we start a new set of bits then fill in 267 * the iovec for the series we were looking at and start 268 * counting the bits in the new one. Else we're still in the 269 * same set of bits so just keep counting and scanning. 270 */ 271 if (next_bit == -1) { 272 xfs_buf_item_copy_iovec(lv, vecp, bp, offset, 273 first_bit, nbits); 274 blfp->blf_size++; 275 break; 276 } else if (next_bit != last_bit + 1 || 277 xfs_buf_item_straddle(bp, offset, next_bit, last_bit)) { 278 xfs_buf_item_copy_iovec(lv, vecp, bp, offset, 279 first_bit, nbits); 280 blfp->blf_size++; 281 first_bit = next_bit; 282 last_bit = next_bit; 283 nbits = 1; 284 } else { 285 last_bit++; 286 nbits++; 287 } 288 } 289 } 290 291 /* 292 * This is called to fill in the vector of log iovecs for the 293 * given log buf item. It fills the first entry with a buf log 294 * format structure, and the rest point to contiguous chunks 295 * within the buffer. 296 */ 297 STATIC void 298 xfs_buf_item_format( 299 struct xfs_log_item *lip, 300 struct xfs_log_vec *lv) 301 { 302 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 303 struct xfs_buf *bp = bip->bli_buf; 304 struct xfs_log_iovec *vecp = NULL; 305 uint offset = 0; 306 int i; 307 308 ASSERT(atomic_read(&bip->bli_refcount) > 0); 309 ASSERT((bip->bli_flags & XFS_BLI_LOGGED) || 310 (bip->bli_flags & XFS_BLI_STALE)); 311 ASSERT((bip->bli_flags & XFS_BLI_STALE) || 312 (xfs_blft_from_flags(&bip->__bli_format) > XFS_BLFT_UNKNOWN_BUF 313 && xfs_blft_from_flags(&bip->__bli_format) < XFS_BLFT_MAX_BUF)); 314 ASSERT(!(bip->bli_flags & XFS_BLI_ORDERED) || 315 (bip->bli_flags & XFS_BLI_STALE)); 316 317 318 /* 319 * If it is an inode buffer, transfer the in-memory state to the 320 * format flags and clear the in-memory state. 321 * 322 * For buffer based inode allocation, we do not transfer 323 * this state if the inode buffer allocation has not yet been committed 324 * to the log as setting the XFS_BLI_INODE_BUF flag will prevent 325 * correct replay of the inode allocation. 326 * 327 * For icreate item based inode allocation, the buffers aren't written 328 * to the journal during allocation, and hence we should always tag the 329 * buffer as an inode buffer so that the correct unlinked list replay 330 * occurs during recovery. 331 */ 332 if (bip->bli_flags & XFS_BLI_INODE_BUF) { 333 if (xfs_sb_version_hascrc(&lip->li_mountp->m_sb) || 334 !((bip->bli_flags & XFS_BLI_INODE_ALLOC_BUF) && 335 xfs_log_item_in_current_chkpt(lip))) 336 bip->__bli_format.blf_flags |= XFS_BLF_INODE_BUF; 337 bip->bli_flags &= ~XFS_BLI_INODE_BUF; 338 } 339 340 for (i = 0; i < bip->bli_format_count; i++) { 341 xfs_buf_item_format_segment(bip, lv, &vecp, offset, 342 &bip->bli_formats[i]); 343 offset += BBTOB(bp->b_maps[i].bm_len); 344 } 345 346 /* 347 * Check to make sure everything is consistent. 348 */ 349 trace_xfs_buf_item_format(bip); 350 } 351 352 /* 353 * This is called to pin the buffer associated with the buf log item in memory 354 * so it cannot be written out. 355 * 356 * We also always take a reference to the buffer log item here so that the bli 357 * is held while the item is pinned in memory. This means that we can 358 * unconditionally drop the reference count a transaction holds when the 359 * transaction is completed. 360 */ 361 STATIC void 362 xfs_buf_item_pin( 363 struct xfs_log_item *lip) 364 { 365 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 366 367 ASSERT(atomic_read(&bip->bli_refcount) > 0); 368 ASSERT((bip->bli_flags & XFS_BLI_LOGGED) || 369 (bip->bli_flags & XFS_BLI_ORDERED) || 370 (bip->bli_flags & XFS_BLI_STALE)); 371 372 trace_xfs_buf_item_pin(bip); 373 374 atomic_inc(&bip->bli_refcount); 375 atomic_inc(&bip->bli_buf->b_pin_count); 376 } 377 378 /* 379 * This is called to unpin the buffer associated with the buf log 380 * item which was previously pinned with a call to xfs_buf_item_pin(). 381 * 382 * Also drop the reference to the buf item for the current transaction. 383 * If the XFS_BLI_STALE flag is set and we are the last reference, 384 * then free up the buf log item and unlock the buffer. 385 * 386 * If the remove flag is set we are called from uncommit in the 387 * forced-shutdown path. If that is true and the reference count on 388 * the log item is going to drop to zero we need to free the item's 389 * descriptor in the transaction. 390 */ 391 STATIC void 392 xfs_buf_item_unpin( 393 struct xfs_log_item *lip, 394 int remove) 395 { 396 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 397 xfs_buf_t *bp = bip->bli_buf; 398 struct xfs_ail *ailp = lip->li_ailp; 399 int stale = bip->bli_flags & XFS_BLI_STALE; 400 int freed; 401 402 ASSERT(bp->b_log_item == bip); 403 ASSERT(atomic_read(&bip->bli_refcount) > 0); 404 405 trace_xfs_buf_item_unpin(bip); 406 407 freed = atomic_dec_and_test(&bip->bli_refcount); 408 409 if (atomic_dec_and_test(&bp->b_pin_count)) 410 wake_up_all(&bp->b_waiters); 411 412 if (freed && stale) { 413 ASSERT(bip->bli_flags & XFS_BLI_STALE); 414 ASSERT(xfs_buf_islocked(bp)); 415 ASSERT(bp->b_flags & XBF_STALE); 416 ASSERT(bip->__bli_format.blf_flags & XFS_BLF_CANCEL); 417 418 trace_xfs_buf_item_unpin_stale(bip); 419 420 if (remove) { 421 /* 422 * If we are in a transaction context, we have to 423 * remove the log item from the transaction as we are 424 * about to release our reference to the buffer. If we 425 * don't, the unlock that occurs later in 426 * xfs_trans_uncommit() will try to reference the 427 * buffer which we no longer have a hold on. 428 */ 429 if (!list_empty(&lip->li_trans)) 430 xfs_trans_del_item(lip); 431 432 /* 433 * Since the transaction no longer refers to the buffer, 434 * the buffer should no longer refer to the transaction. 435 */ 436 bp->b_transp = NULL; 437 } 438 439 /* 440 * If we get called here because of an IO error, we may 441 * or may not have the item on the AIL. xfs_trans_ail_delete() 442 * will take care of that situation. 443 * xfs_trans_ail_delete() drops the AIL lock. 444 */ 445 if (bip->bli_flags & XFS_BLI_STALE_INODE) { 446 xfs_buf_do_callbacks(bp); 447 bp->b_log_item = NULL; 448 list_del_init(&bp->b_li_list); 449 bp->b_iodone = NULL; 450 } else { 451 spin_lock(&ailp->ail_lock); 452 xfs_trans_ail_delete(ailp, lip, SHUTDOWN_LOG_IO_ERROR); 453 xfs_buf_item_relse(bp); 454 ASSERT(bp->b_log_item == NULL); 455 } 456 xfs_buf_relse(bp); 457 } else if (freed && remove) { 458 /* 459 * There are currently two references to the buffer - the active 460 * LRU reference and the buf log item. What we are about to do 461 * here - simulate a failed IO completion - requires 3 462 * references. 463 * 464 * The LRU reference is removed by the xfs_buf_stale() call. The 465 * buf item reference is removed by the xfs_buf_iodone() 466 * callback that is run by xfs_buf_do_callbacks() during ioend 467 * processing (via the bp->b_iodone callback), and then finally 468 * the ioend processing will drop the IO reference if the buffer 469 * is marked XBF_ASYNC. 470 * 471 * Hence we need to take an additional reference here so that IO 472 * completion processing doesn't free the buffer prematurely. 473 */ 474 xfs_buf_lock(bp); 475 xfs_buf_hold(bp); 476 bp->b_flags |= XBF_ASYNC; 477 xfs_buf_ioerror(bp, -EIO); 478 bp->b_flags &= ~XBF_DONE; 479 xfs_buf_stale(bp); 480 xfs_buf_ioend(bp); 481 } 482 } 483 484 /* 485 * Buffer IO error rate limiting. Limit it to no more than 10 messages per 30 486 * seconds so as to not spam logs too much on repeated detection of the same 487 * buffer being bad.. 488 */ 489 490 static DEFINE_RATELIMIT_STATE(xfs_buf_write_fail_rl_state, 30 * HZ, 10); 491 492 STATIC uint 493 xfs_buf_item_push( 494 struct xfs_log_item *lip, 495 struct list_head *buffer_list) 496 { 497 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 498 struct xfs_buf *bp = bip->bli_buf; 499 uint rval = XFS_ITEM_SUCCESS; 500 501 if (xfs_buf_ispinned(bp)) 502 return XFS_ITEM_PINNED; 503 if (!xfs_buf_trylock(bp)) { 504 /* 505 * If we have just raced with a buffer being pinned and it has 506 * been marked stale, we could end up stalling until someone else 507 * issues a log force to unpin the stale buffer. Check for the 508 * race condition here so xfsaild recognizes the buffer is pinned 509 * and queues a log force to move it along. 510 */ 511 if (xfs_buf_ispinned(bp)) 512 return XFS_ITEM_PINNED; 513 return XFS_ITEM_LOCKED; 514 } 515 516 ASSERT(!(bip->bli_flags & XFS_BLI_STALE)); 517 518 trace_xfs_buf_item_push(bip); 519 520 /* has a previous flush failed due to IO errors? */ 521 if ((bp->b_flags & XBF_WRITE_FAIL) && 522 ___ratelimit(&xfs_buf_write_fail_rl_state, "XFS: Failing async write")) { 523 xfs_warn(bp->b_target->bt_mount, 524 "Failing async write on buffer block 0x%llx. Retrying async write.", 525 (long long)bp->b_bn); 526 } 527 528 if (!xfs_buf_delwri_queue(bp, buffer_list)) 529 rval = XFS_ITEM_FLUSHING; 530 xfs_buf_unlock(bp); 531 return rval; 532 } 533 534 /* 535 * Drop the buffer log item refcount and take appropriate action. This helper 536 * determines whether the bli must be freed or not, since a decrement to zero 537 * does not necessarily mean the bli is unused. 538 * 539 * Return true if the bli is freed, false otherwise. 540 */ 541 bool 542 xfs_buf_item_put( 543 struct xfs_buf_log_item *bip) 544 { 545 struct xfs_log_item *lip = &bip->bli_item; 546 bool aborted; 547 bool dirty; 548 549 /* drop the bli ref and return if it wasn't the last one */ 550 if (!atomic_dec_and_test(&bip->bli_refcount)) 551 return false; 552 553 /* 554 * We dropped the last ref and must free the item if clean or aborted. 555 * If the bli is dirty and non-aborted, the buffer was clean in the 556 * transaction but still awaiting writeback from previous changes. In 557 * that case, the bli is freed on buffer writeback completion. 558 */ 559 aborted = test_bit(XFS_LI_ABORTED, &lip->li_flags) || 560 XFS_FORCED_SHUTDOWN(lip->li_mountp); 561 dirty = bip->bli_flags & XFS_BLI_DIRTY; 562 if (dirty && !aborted) 563 return false; 564 565 /* 566 * The bli is aborted or clean. An aborted item may be in the AIL 567 * regardless of dirty state. For example, consider an aborted 568 * transaction that invalidated a dirty bli and cleared the dirty 569 * state. 570 */ 571 if (aborted) 572 xfs_trans_ail_remove(lip, SHUTDOWN_LOG_IO_ERROR); 573 xfs_buf_item_relse(bip->bli_buf); 574 return true; 575 } 576 577 /* 578 * Release the buffer associated with the buf log item. If there is no dirty 579 * logged data associated with the buffer recorded in the buf log item, then 580 * free the buf log item and remove the reference to it in the buffer. 581 * 582 * This call ignores the recursion count. It is only called when the buffer 583 * should REALLY be unlocked, regardless of the recursion count. 584 * 585 * We unconditionally drop the transaction's reference to the log item. If the 586 * item was logged, then another reference was taken when it was pinned, so we 587 * can safely drop the transaction reference now. This also allows us to avoid 588 * potential races with the unpin code freeing the bli by not referencing the 589 * bli after we've dropped the reference count. 590 * 591 * If the XFS_BLI_HOLD flag is set in the buf log item, then free the log item 592 * if necessary but do not unlock the buffer. This is for support of 593 * xfs_trans_bhold(). Make sure the XFS_BLI_HOLD field is cleared if we don't 594 * free the item. 595 */ 596 STATIC void 597 xfs_buf_item_unlock( 598 struct xfs_log_item *lip) 599 { 600 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 601 struct xfs_buf *bp = bip->bli_buf; 602 bool released; 603 bool hold = bip->bli_flags & XFS_BLI_HOLD; 604 bool stale = bip->bli_flags & XFS_BLI_STALE; 605 #if defined(DEBUG) || defined(XFS_WARN) 606 bool ordered = bip->bli_flags & XFS_BLI_ORDERED; 607 bool dirty = bip->bli_flags & XFS_BLI_DIRTY; 608 bool aborted = test_bit(XFS_LI_ABORTED, 609 &lip->li_flags); 610 #endif 611 612 trace_xfs_buf_item_unlock(bip); 613 614 /* 615 * The bli dirty state should match whether the blf has logged segments 616 * except for ordered buffers, where only the bli should be dirty. 617 */ 618 ASSERT((!ordered && dirty == xfs_buf_item_dirty_format(bip)) || 619 (ordered && dirty && !xfs_buf_item_dirty_format(bip))); 620 ASSERT(!stale || (bip->__bli_format.blf_flags & XFS_BLF_CANCEL)); 621 622 /* 623 * Clear the buffer's association with this transaction and 624 * per-transaction state from the bli, which has been copied above. 625 */ 626 bp->b_transp = NULL; 627 bip->bli_flags &= ~(XFS_BLI_LOGGED | XFS_BLI_HOLD | XFS_BLI_ORDERED); 628 629 /* 630 * Unref the item and unlock the buffer unless held or stale. Stale 631 * buffers remain locked until final unpin unless the bli is freed by 632 * the unref call. The latter implies shutdown because buffer 633 * invalidation dirties the bli and transaction. 634 */ 635 released = xfs_buf_item_put(bip); 636 if (hold || (stale && !released)) 637 return; 638 ASSERT(!stale || aborted); 639 xfs_buf_relse(bp); 640 } 641 642 /* 643 * This is called to find out where the oldest active copy of the 644 * buf log item in the on disk log resides now that the last log 645 * write of it completed at the given lsn. 646 * We always re-log all the dirty data in a buffer, so usually the 647 * latest copy in the on disk log is the only one that matters. For 648 * those cases we simply return the given lsn. 649 * 650 * The one exception to this is for buffers full of newly allocated 651 * inodes. These buffers are only relogged with the XFS_BLI_INODE_BUF 652 * flag set, indicating that only the di_next_unlinked fields from the 653 * inodes in the buffers will be replayed during recovery. If the 654 * original newly allocated inode images have not yet been flushed 655 * when the buffer is so relogged, then we need to make sure that we 656 * keep the old images in the 'active' portion of the log. We do this 657 * by returning the original lsn of that transaction here rather than 658 * the current one. 659 */ 660 STATIC xfs_lsn_t 661 xfs_buf_item_committed( 662 struct xfs_log_item *lip, 663 xfs_lsn_t lsn) 664 { 665 struct xfs_buf_log_item *bip = BUF_ITEM(lip); 666 667 trace_xfs_buf_item_committed(bip); 668 669 if ((bip->bli_flags & XFS_BLI_INODE_ALLOC_BUF) && lip->li_lsn != 0) 670 return lip->li_lsn; 671 return lsn; 672 } 673 674 STATIC void 675 xfs_buf_item_committing( 676 struct xfs_log_item *lip, 677 xfs_lsn_t commit_lsn) 678 { 679 } 680 681 /* 682 * This is the ops vector shared by all buf log items. 683 */ 684 static const struct xfs_item_ops xfs_buf_item_ops = { 685 .iop_size = xfs_buf_item_size, 686 .iop_format = xfs_buf_item_format, 687 .iop_pin = xfs_buf_item_pin, 688 .iop_unpin = xfs_buf_item_unpin, 689 .iop_unlock = xfs_buf_item_unlock, 690 .iop_committed = xfs_buf_item_committed, 691 .iop_push = xfs_buf_item_push, 692 .iop_committing = xfs_buf_item_committing 693 }; 694 695 STATIC int 696 xfs_buf_item_get_format( 697 struct xfs_buf_log_item *bip, 698 int count) 699 { 700 ASSERT(bip->bli_formats == NULL); 701 bip->bli_format_count = count; 702 703 if (count == 1) { 704 bip->bli_formats = &bip->__bli_format; 705 return 0; 706 } 707 708 bip->bli_formats = kmem_zalloc(count * sizeof(struct xfs_buf_log_format), 709 KM_SLEEP); 710 if (!bip->bli_formats) 711 return -ENOMEM; 712 return 0; 713 } 714 715 STATIC void 716 xfs_buf_item_free_format( 717 struct xfs_buf_log_item *bip) 718 { 719 if (bip->bli_formats != &bip->__bli_format) { 720 kmem_free(bip->bli_formats); 721 bip->bli_formats = NULL; 722 } 723 } 724 725 /* 726 * Allocate a new buf log item to go with the given buffer. 727 * Set the buffer's b_log_item field to point to the new 728 * buf log item. 729 */ 730 int 731 xfs_buf_item_init( 732 struct xfs_buf *bp, 733 struct xfs_mount *mp) 734 { 735 struct xfs_buf_log_item *bip = bp->b_log_item; 736 int chunks; 737 int map_size; 738 int error; 739 int i; 740 741 /* 742 * Check to see if there is already a buf log item for 743 * this buffer. If we do already have one, there is 744 * nothing to do here so return. 745 */ 746 ASSERT(bp->b_target->bt_mount == mp); 747 if (bip) { 748 ASSERT(bip->bli_item.li_type == XFS_LI_BUF); 749 ASSERT(!bp->b_transp); 750 ASSERT(bip->bli_buf == bp); 751 return 0; 752 } 753 754 bip = kmem_zone_zalloc(xfs_buf_item_zone, KM_SLEEP); 755 xfs_log_item_init(mp, &bip->bli_item, XFS_LI_BUF, &xfs_buf_item_ops); 756 bip->bli_buf = bp; 757 758 /* 759 * chunks is the number of XFS_BLF_CHUNK size pieces the buffer 760 * can be divided into. Make sure not to truncate any pieces. 761 * map_size is the size of the bitmap needed to describe the 762 * chunks of the buffer. 763 * 764 * Discontiguous buffer support follows the layout of the underlying 765 * buffer. This makes the implementation as simple as possible. 766 */ 767 error = xfs_buf_item_get_format(bip, bp->b_map_count); 768 ASSERT(error == 0); 769 if (error) { /* to stop gcc throwing set-but-unused warnings */ 770 kmem_zone_free(xfs_buf_item_zone, bip); 771 return error; 772 } 773 774 775 for (i = 0; i < bip->bli_format_count; i++) { 776 chunks = DIV_ROUND_UP(BBTOB(bp->b_maps[i].bm_len), 777 XFS_BLF_CHUNK); 778 map_size = DIV_ROUND_UP(chunks, NBWORD); 779 780 bip->bli_formats[i].blf_type = XFS_LI_BUF; 781 bip->bli_formats[i].blf_blkno = bp->b_maps[i].bm_bn; 782 bip->bli_formats[i].blf_len = bp->b_maps[i].bm_len; 783 bip->bli_formats[i].blf_map_size = map_size; 784 } 785 786 bp->b_log_item = bip; 787 xfs_buf_hold(bp); 788 return 0; 789 } 790 791 792 /* 793 * Mark bytes first through last inclusive as dirty in the buf 794 * item's bitmap. 795 */ 796 static void 797 xfs_buf_item_log_segment( 798 uint first, 799 uint last, 800 uint *map) 801 { 802 uint first_bit; 803 uint last_bit; 804 uint bits_to_set; 805 uint bits_set; 806 uint word_num; 807 uint *wordp; 808 uint bit; 809 uint end_bit; 810 uint mask; 811 812 /* 813 * Convert byte offsets to bit numbers. 814 */ 815 first_bit = first >> XFS_BLF_SHIFT; 816 last_bit = last >> XFS_BLF_SHIFT; 817 818 /* 819 * Calculate the total number of bits to be set. 820 */ 821 bits_to_set = last_bit - first_bit + 1; 822 823 /* 824 * Get a pointer to the first word in the bitmap 825 * to set a bit in. 826 */ 827 word_num = first_bit >> BIT_TO_WORD_SHIFT; 828 wordp = &map[word_num]; 829 830 /* 831 * Calculate the starting bit in the first word. 832 */ 833 bit = first_bit & (uint)(NBWORD - 1); 834 835 /* 836 * First set any bits in the first word of our range. 837 * If it starts at bit 0 of the word, it will be 838 * set below rather than here. That is what the variable 839 * bit tells us. The variable bits_set tracks the number 840 * of bits that have been set so far. End_bit is the number 841 * of the last bit to be set in this word plus one. 842 */ 843 if (bit) { 844 end_bit = min(bit + bits_to_set, (uint)NBWORD); 845 mask = ((1U << (end_bit - bit)) - 1) << bit; 846 *wordp |= mask; 847 wordp++; 848 bits_set = end_bit - bit; 849 } else { 850 bits_set = 0; 851 } 852 853 /* 854 * Now set bits a whole word at a time that are between 855 * first_bit and last_bit. 856 */ 857 while ((bits_to_set - bits_set) >= NBWORD) { 858 *wordp |= 0xffffffff; 859 bits_set += NBWORD; 860 wordp++; 861 } 862 863 /* 864 * Finally, set any bits left to be set in one last partial word. 865 */ 866 end_bit = bits_to_set - bits_set; 867 if (end_bit) { 868 mask = (1U << end_bit) - 1; 869 *wordp |= mask; 870 } 871 } 872 873 /* 874 * Mark bytes first through last inclusive as dirty in the buf 875 * item's bitmap. 876 */ 877 void 878 xfs_buf_item_log( 879 struct xfs_buf_log_item *bip, 880 uint first, 881 uint last) 882 { 883 int i; 884 uint start; 885 uint end; 886 struct xfs_buf *bp = bip->bli_buf; 887 888 /* 889 * walk each buffer segment and mark them dirty appropriately. 890 */ 891 start = 0; 892 for (i = 0; i < bip->bli_format_count; i++) { 893 if (start > last) 894 break; 895 end = start + BBTOB(bp->b_maps[i].bm_len) - 1; 896 897 /* skip to the map that includes the first byte to log */ 898 if (first > end) { 899 start += BBTOB(bp->b_maps[i].bm_len); 900 continue; 901 } 902 903 /* 904 * Trim the range to this segment and mark it in the bitmap. 905 * Note that we must convert buffer offsets to segment relative 906 * offsets (e.g., the first byte of each segment is byte 0 of 907 * that segment). 908 */ 909 if (first < start) 910 first = start; 911 if (end > last) 912 end = last; 913 xfs_buf_item_log_segment(first - start, end - start, 914 &bip->bli_formats[i].blf_data_map[0]); 915 916 start += BBTOB(bp->b_maps[i].bm_len); 917 } 918 } 919 920 921 /* 922 * Return true if the buffer has any ranges logged/dirtied by a transaction, 923 * false otherwise. 924 */ 925 bool 926 xfs_buf_item_dirty_format( 927 struct xfs_buf_log_item *bip) 928 { 929 int i; 930 931 for (i = 0; i < bip->bli_format_count; i++) { 932 if (!xfs_bitmap_empty(bip->bli_formats[i].blf_data_map, 933 bip->bli_formats[i].blf_map_size)) 934 return true; 935 } 936 937 return false; 938 } 939 940 STATIC void 941 xfs_buf_item_free( 942 struct xfs_buf_log_item *bip) 943 { 944 xfs_buf_item_free_format(bip); 945 kmem_free(bip->bli_item.li_lv_shadow); 946 kmem_zone_free(xfs_buf_item_zone, bip); 947 } 948 949 /* 950 * This is called when the buf log item is no longer needed. It should 951 * free the buf log item associated with the given buffer and clear 952 * the buffer's pointer to the buf log item. If there are no more 953 * items in the list, clear the b_iodone field of the buffer (see 954 * xfs_buf_attach_iodone() below). 955 */ 956 void 957 xfs_buf_item_relse( 958 xfs_buf_t *bp) 959 { 960 struct xfs_buf_log_item *bip = bp->b_log_item; 961 962 trace_xfs_buf_item_relse(bp, _RET_IP_); 963 ASSERT(!(bip->bli_item.li_flags & XFS_LI_IN_AIL)); 964 965 bp->b_log_item = NULL; 966 if (list_empty(&bp->b_li_list)) 967 bp->b_iodone = NULL; 968 969 xfs_buf_rele(bp); 970 xfs_buf_item_free(bip); 971 } 972 973 974 /* 975 * Add the given log item with its callback to the list of callbacks 976 * to be called when the buffer's I/O completes. If it is not set 977 * already, set the buffer's b_iodone() routine to be 978 * xfs_buf_iodone_callbacks() and link the log item into the list of 979 * items rooted at b_li_list. 980 */ 981 void 982 xfs_buf_attach_iodone( 983 xfs_buf_t *bp, 984 void (*cb)(xfs_buf_t *, xfs_log_item_t *), 985 xfs_log_item_t *lip) 986 { 987 ASSERT(xfs_buf_islocked(bp)); 988 989 lip->li_cb = cb; 990 list_add_tail(&lip->li_bio_list, &bp->b_li_list); 991 992 ASSERT(bp->b_iodone == NULL || 993 bp->b_iodone == xfs_buf_iodone_callbacks); 994 bp->b_iodone = xfs_buf_iodone_callbacks; 995 } 996 997 /* 998 * We can have many callbacks on a buffer. Running the callbacks individually 999 * can cause a lot of contention on the AIL lock, so we allow for a single 1000 * callback to be able to scan the remaining items in bp->b_li_list for other 1001 * items of the same type and callback to be processed in the first call. 1002 * 1003 * As a result, the loop walking the callback list below will also modify the 1004 * list. it removes the first item from the list and then runs the callback. 1005 * The loop then restarts from the new first item int the list. This allows the 1006 * callback to scan and modify the list attached to the buffer and we don't 1007 * have to care about maintaining a next item pointer. 1008 */ 1009 STATIC void 1010 xfs_buf_do_callbacks( 1011 struct xfs_buf *bp) 1012 { 1013 struct xfs_buf_log_item *blip = bp->b_log_item; 1014 struct xfs_log_item *lip; 1015 1016 /* If there is a buf_log_item attached, run its callback */ 1017 if (blip) { 1018 lip = &blip->bli_item; 1019 lip->li_cb(bp, lip); 1020 } 1021 1022 while (!list_empty(&bp->b_li_list)) { 1023 lip = list_first_entry(&bp->b_li_list, struct xfs_log_item, 1024 li_bio_list); 1025 1026 /* 1027 * Remove the item from the list, so we don't have any 1028 * confusion if the item is added to another buf. 1029 * Don't touch the log item after calling its 1030 * callback, because it could have freed itself. 1031 */ 1032 list_del_init(&lip->li_bio_list); 1033 lip->li_cb(bp, lip); 1034 } 1035 } 1036 1037 /* 1038 * Invoke the error state callback for each log item affected by the failed I/O. 1039 * 1040 * If a metadata buffer write fails with a non-permanent error, the buffer is 1041 * eventually resubmitted and so the completion callbacks are not run. The error 1042 * state may need to be propagated to the log items attached to the buffer, 1043 * however, so the next AIL push of the item knows hot to handle it correctly. 1044 */ 1045 STATIC void 1046 xfs_buf_do_callbacks_fail( 1047 struct xfs_buf *bp) 1048 { 1049 struct xfs_log_item *lip; 1050 struct xfs_ail *ailp; 1051 1052 /* 1053 * Buffer log item errors are handled directly by xfs_buf_item_push() 1054 * and xfs_buf_iodone_callback_error, and they have no IO error 1055 * callbacks. Check only for items in b_li_list. 1056 */ 1057 if (list_empty(&bp->b_li_list)) 1058 return; 1059 1060 lip = list_first_entry(&bp->b_li_list, struct xfs_log_item, 1061 li_bio_list); 1062 ailp = lip->li_ailp; 1063 spin_lock(&ailp->ail_lock); 1064 list_for_each_entry(lip, &bp->b_li_list, li_bio_list) { 1065 if (lip->li_ops->iop_error) 1066 lip->li_ops->iop_error(lip, bp); 1067 } 1068 spin_unlock(&ailp->ail_lock); 1069 } 1070 1071 static bool 1072 xfs_buf_iodone_callback_error( 1073 struct xfs_buf *bp) 1074 { 1075 struct xfs_buf_log_item *bip = bp->b_log_item; 1076 struct xfs_log_item *lip; 1077 struct xfs_mount *mp; 1078 static ulong lasttime; 1079 static xfs_buftarg_t *lasttarg; 1080 struct xfs_error_cfg *cfg; 1081 1082 /* 1083 * The failed buffer might not have a buf_log_item attached or the 1084 * log_item list might be empty. Get the mp from the available 1085 * xfs_log_item 1086 */ 1087 lip = list_first_entry_or_null(&bp->b_li_list, struct xfs_log_item, 1088 li_bio_list); 1089 mp = lip ? lip->li_mountp : bip->bli_item.li_mountp; 1090 1091 /* 1092 * If we've already decided to shutdown the filesystem because of 1093 * I/O errors, there's no point in giving this a retry. 1094 */ 1095 if (XFS_FORCED_SHUTDOWN(mp)) 1096 goto out_stale; 1097 1098 if (bp->b_target != lasttarg || 1099 time_after(jiffies, (lasttime + 5*HZ))) { 1100 lasttime = jiffies; 1101 xfs_buf_ioerror_alert(bp, __func__); 1102 } 1103 lasttarg = bp->b_target; 1104 1105 /* synchronous writes will have callers process the error */ 1106 if (!(bp->b_flags & XBF_ASYNC)) 1107 goto out_stale; 1108 1109 trace_xfs_buf_item_iodone_async(bp, _RET_IP_); 1110 ASSERT(bp->b_iodone != NULL); 1111 1112 cfg = xfs_error_get_cfg(mp, XFS_ERR_METADATA, bp->b_error); 1113 1114 /* 1115 * If the write was asynchronous then no one will be looking for the 1116 * error. If this is the first failure of this type, clear the error 1117 * state and write the buffer out again. This means we always retry an 1118 * async write failure at least once, but we also need to set the buffer 1119 * up to behave correctly now for repeated failures. 1120 */ 1121 if (!(bp->b_flags & (XBF_STALE | XBF_WRITE_FAIL)) || 1122 bp->b_last_error != bp->b_error) { 1123 bp->b_flags |= (XBF_WRITE | XBF_DONE | XBF_WRITE_FAIL); 1124 bp->b_last_error = bp->b_error; 1125 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER && 1126 !bp->b_first_retry_time) 1127 bp->b_first_retry_time = jiffies; 1128 1129 xfs_buf_ioerror(bp, 0); 1130 xfs_buf_submit(bp); 1131 return true; 1132 } 1133 1134 /* 1135 * Repeated failure on an async write. Take action according to the 1136 * error configuration we have been set up to use. 1137 */ 1138 1139 if (cfg->max_retries != XFS_ERR_RETRY_FOREVER && 1140 ++bp->b_retries > cfg->max_retries) 1141 goto permanent_error; 1142 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER && 1143 time_after(jiffies, cfg->retry_timeout + bp->b_first_retry_time)) 1144 goto permanent_error; 1145 1146 /* At unmount we may treat errors differently */ 1147 if ((mp->m_flags & XFS_MOUNT_UNMOUNTING) && mp->m_fail_unmount) 1148 goto permanent_error; 1149 1150 /* 1151 * Still a transient error, run IO completion failure callbacks and let 1152 * the higher layers retry the buffer. 1153 */ 1154 xfs_buf_do_callbacks_fail(bp); 1155 xfs_buf_ioerror(bp, 0); 1156 xfs_buf_relse(bp); 1157 return true; 1158 1159 /* 1160 * Permanent error - we need to trigger a shutdown if we haven't already 1161 * to indicate that inconsistency will result from this action. 1162 */ 1163 permanent_error: 1164 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR); 1165 out_stale: 1166 xfs_buf_stale(bp); 1167 bp->b_flags |= XBF_DONE; 1168 trace_xfs_buf_error_relse(bp, _RET_IP_); 1169 return false; 1170 } 1171 1172 /* 1173 * This is the iodone() function for buffers which have had callbacks attached 1174 * to them by xfs_buf_attach_iodone(). We need to iterate the items on the 1175 * callback list, mark the buffer as having no more callbacks and then push the 1176 * buffer through IO completion processing. 1177 */ 1178 void 1179 xfs_buf_iodone_callbacks( 1180 struct xfs_buf *bp) 1181 { 1182 /* 1183 * If there is an error, process it. Some errors require us 1184 * to run callbacks after failure processing is done so we 1185 * detect that and take appropriate action. 1186 */ 1187 if (bp->b_error && xfs_buf_iodone_callback_error(bp)) 1188 return; 1189 1190 /* 1191 * Successful IO or permanent error. Either way, we can clear the 1192 * retry state here in preparation for the next error that may occur. 1193 */ 1194 bp->b_last_error = 0; 1195 bp->b_retries = 0; 1196 bp->b_first_retry_time = 0; 1197 1198 xfs_buf_do_callbacks(bp); 1199 bp->b_log_item = NULL; 1200 list_del_init(&bp->b_li_list); 1201 bp->b_iodone = NULL; 1202 xfs_buf_ioend(bp); 1203 } 1204 1205 /* 1206 * This is the iodone() function for buffers which have been 1207 * logged. It is called when they are eventually flushed out. 1208 * It should remove the buf item from the AIL, and free the buf item. 1209 * It is called by xfs_buf_iodone_callbacks() above which will take 1210 * care of cleaning up the buffer itself. 1211 */ 1212 void 1213 xfs_buf_iodone( 1214 struct xfs_buf *bp, 1215 struct xfs_log_item *lip) 1216 { 1217 struct xfs_ail *ailp = lip->li_ailp; 1218 1219 ASSERT(BUF_ITEM(lip)->bli_buf == bp); 1220 1221 xfs_buf_rele(bp); 1222 1223 /* 1224 * If we are forcibly shutting down, this may well be 1225 * off the AIL already. That's because we simulate the 1226 * log-committed callbacks to unpin these buffers. Or we may never 1227 * have put this item on AIL because of the transaction was 1228 * aborted forcibly. xfs_trans_ail_delete() takes care of these. 1229 * 1230 * Either way, AIL is useless if we're forcing a shutdown. 1231 */ 1232 spin_lock(&ailp->ail_lock); 1233 xfs_trans_ail_delete(ailp, lip, SHUTDOWN_CORRUPT_INCORE); 1234 xfs_buf_item_free(BUF_ITEM(lip)); 1235 } 1236 1237 /* 1238 * Requeue a failed buffer for writeback. 1239 * 1240 * We clear the log item failed state here as well, but we have to be careful 1241 * about reference counts because the only active reference counts on the buffer 1242 * may be the failed log items. Hence if we clear the log item failed state 1243 * before queuing the buffer for IO we can release all active references to 1244 * the buffer and free it, leading to use after free problems in 1245 * xfs_buf_delwri_queue. It makes no difference to the buffer or log items which 1246 * order we process them in - the buffer is locked, and we own the buffer list 1247 * so nothing on them is going to change while we are performing this action. 1248 * 1249 * Hence we can safely queue the buffer for IO before we clear the failed log 1250 * item state, therefore always having an active reference to the buffer and 1251 * avoiding the transient zero-reference state that leads to use-after-free. 1252 * 1253 * Return true if the buffer was added to the buffer list, false if it was 1254 * already on the buffer list. 1255 */ 1256 bool 1257 xfs_buf_resubmit_failed_buffers( 1258 struct xfs_buf *bp, 1259 struct list_head *buffer_list) 1260 { 1261 struct xfs_log_item *lip; 1262 bool ret; 1263 1264 ret = xfs_buf_delwri_queue(bp, buffer_list); 1265 1266 /* 1267 * XFS_LI_FAILED set/clear is protected by ail_lock, caller of this 1268 * function already have it acquired 1269 */ 1270 list_for_each_entry(lip, &bp->b_li_list, li_bio_list) 1271 xfs_clear_li_failed(lip); 1272 1273 return ret; 1274 } 1275