1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_sb.h" 25 #include "xfs_ag.h" 26 #include "xfs_mount.h" 27 #include "xfs_error.h" 28 #include "xfs_trans.h" 29 #include "xfs_trans_priv.h" 30 #include "xfs_log.h" 31 #include "xfs_log_priv.h" 32 #include "xfs_log_recover.h" 33 #include "xfs_inode.h" 34 #include "xfs_trace.h" 35 #include "xfs_fsops.h" 36 #include "xfs_cksum.h" 37 #include "xfs_sysfs.h" 38 39 kmem_zone_t *xfs_log_ticket_zone; 40 41 /* Local miscellaneous function prototypes */ 42 STATIC int 43 xlog_commit_record( 44 struct xlog *log, 45 struct xlog_ticket *ticket, 46 struct xlog_in_core **iclog, 47 xfs_lsn_t *commitlsnp); 48 49 STATIC struct xlog * 50 xlog_alloc_log( 51 struct xfs_mount *mp, 52 struct xfs_buftarg *log_target, 53 xfs_daddr_t blk_offset, 54 int num_bblks); 55 STATIC int 56 xlog_space_left( 57 struct xlog *log, 58 atomic64_t *head); 59 STATIC int 60 xlog_sync( 61 struct xlog *log, 62 struct xlog_in_core *iclog); 63 STATIC void 64 xlog_dealloc_log( 65 struct xlog *log); 66 67 /* local state machine functions */ 68 STATIC void xlog_state_done_syncing(xlog_in_core_t *iclog, int); 69 STATIC void 70 xlog_state_do_callback( 71 struct xlog *log, 72 int aborted, 73 struct xlog_in_core *iclog); 74 STATIC int 75 xlog_state_get_iclog_space( 76 struct xlog *log, 77 int len, 78 struct xlog_in_core **iclog, 79 struct xlog_ticket *ticket, 80 int *continued_write, 81 int *logoffsetp); 82 STATIC int 83 xlog_state_release_iclog( 84 struct xlog *log, 85 struct xlog_in_core *iclog); 86 STATIC void 87 xlog_state_switch_iclogs( 88 struct xlog *log, 89 struct xlog_in_core *iclog, 90 int eventual_size); 91 STATIC void 92 xlog_state_want_sync( 93 struct xlog *log, 94 struct xlog_in_core *iclog); 95 96 STATIC void 97 xlog_grant_push_ail( 98 struct xlog *log, 99 int need_bytes); 100 STATIC void 101 xlog_regrant_reserve_log_space( 102 struct xlog *log, 103 struct xlog_ticket *ticket); 104 STATIC void 105 xlog_ungrant_log_space( 106 struct xlog *log, 107 struct xlog_ticket *ticket); 108 109 #if defined(DEBUG) 110 STATIC void 111 xlog_verify_dest_ptr( 112 struct xlog *log, 113 char *ptr); 114 STATIC void 115 xlog_verify_grant_tail( 116 struct xlog *log); 117 STATIC void 118 xlog_verify_iclog( 119 struct xlog *log, 120 struct xlog_in_core *iclog, 121 int count, 122 bool syncing); 123 STATIC void 124 xlog_verify_tail_lsn( 125 struct xlog *log, 126 struct xlog_in_core *iclog, 127 xfs_lsn_t tail_lsn); 128 #else 129 #define xlog_verify_dest_ptr(a,b) 130 #define xlog_verify_grant_tail(a) 131 #define xlog_verify_iclog(a,b,c,d) 132 #define xlog_verify_tail_lsn(a,b,c) 133 #endif 134 135 STATIC int 136 xlog_iclogs_empty( 137 struct xlog *log); 138 139 static void 140 xlog_grant_sub_space( 141 struct xlog *log, 142 atomic64_t *head, 143 int bytes) 144 { 145 int64_t head_val = atomic64_read(head); 146 int64_t new, old; 147 148 do { 149 int cycle, space; 150 151 xlog_crack_grant_head_val(head_val, &cycle, &space); 152 153 space -= bytes; 154 if (space < 0) { 155 space += log->l_logsize; 156 cycle--; 157 } 158 159 old = head_val; 160 new = xlog_assign_grant_head_val(cycle, space); 161 head_val = atomic64_cmpxchg(head, old, new); 162 } while (head_val != old); 163 } 164 165 static void 166 xlog_grant_add_space( 167 struct xlog *log, 168 atomic64_t *head, 169 int bytes) 170 { 171 int64_t head_val = atomic64_read(head); 172 int64_t new, old; 173 174 do { 175 int tmp; 176 int cycle, space; 177 178 xlog_crack_grant_head_val(head_val, &cycle, &space); 179 180 tmp = log->l_logsize - space; 181 if (tmp > bytes) 182 space += bytes; 183 else { 184 space = bytes - tmp; 185 cycle++; 186 } 187 188 old = head_val; 189 new = xlog_assign_grant_head_val(cycle, space); 190 head_val = atomic64_cmpxchg(head, old, new); 191 } while (head_val != old); 192 } 193 194 STATIC void 195 xlog_grant_head_init( 196 struct xlog_grant_head *head) 197 { 198 xlog_assign_grant_head(&head->grant, 1, 0); 199 INIT_LIST_HEAD(&head->waiters); 200 spin_lock_init(&head->lock); 201 } 202 203 STATIC void 204 xlog_grant_head_wake_all( 205 struct xlog_grant_head *head) 206 { 207 struct xlog_ticket *tic; 208 209 spin_lock(&head->lock); 210 list_for_each_entry(tic, &head->waiters, t_queue) 211 wake_up_process(tic->t_task); 212 spin_unlock(&head->lock); 213 } 214 215 static inline int 216 xlog_ticket_reservation( 217 struct xlog *log, 218 struct xlog_grant_head *head, 219 struct xlog_ticket *tic) 220 { 221 if (head == &log->l_write_head) { 222 ASSERT(tic->t_flags & XLOG_TIC_PERM_RESERV); 223 return tic->t_unit_res; 224 } else { 225 if (tic->t_flags & XLOG_TIC_PERM_RESERV) 226 return tic->t_unit_res * tic->t_cnt; 227 else 228 return tic->t_unit_res; 229 } 230 } 231 232 STATIC bool 233 xlog_grant_head_wake( 234 struct xlog *log, 235 struct xlog_grant_head *head, 236 int *free_bytes) 237 { 238 struct xlog_ticket *tic; 239 int need_bytes; 240 241 list_for_each_entry(tic, &head->waiters, t_queue) { 242 need_bytes = xlog_ticket_reservation(log, head, tic); 243 if (*free_bytes < need_bytes) 244 return false; 245 246 *free_bytes -= need_bytes; 247 trace_xfs_log_grant_wake_up(log, tic); 248 wake_up_process(tic->t_task); 249 } 250 251 return true; 252 } 253 254 STATIC int 255 xlog_grant_head_wait( 256 struct xlog *log, 257 struct xlog_grant_head *head, 258 struct xlog_ticket *tic, 259 int need_bytes) __releases(&head->lock) 260 __acquires(&head->lock) 261 { 262 list_add_tail(&tic->t_queue, &head->waiters); 263 264 do { 265 if (XLOG_FORCED_SHUTDOWN(log)) 266 goto shutdown; 267 xlog_grant_push_ail(log, need_bytes); 268 269 __set_current_state(TASK_UNINTERRUPTIBLE); 270 spin_unlock(&head->lock); 271 272 XFS_STATS_INC(xs_sleep_logspace); 273 274 trace_xfs_log_grant_sleep(log, tic); 275 schedule(); 276 trace_xfs_log_grant_wake(log, tic); 277 278 spin_lock(&head->lock); 279 if (XLOG_FORCED_SHUTDOWN(log)) 280 goto shutdown; 281 } while (xlog_space_left(log, &head->grant) < need_bytes); 282 283 list_del_init(&tic->t_queue); 284 return 0; 285 shutdown: 286 list_del_init(&tic->t_queue); 287 return -EIO; 288 } 289 290 /* 291 * Atomically get the log space required for a log ticket. 292 * 293 * Once a ticket gets put onto head->waiters, it will only return after the 294 * needed reservation is satisfied. 295 * 296 * This function is structured so that it has a lock free fast path. This is 297 * necessary because every new transaction reservation will come through this 298 * path. Hence any lock will be globally hot if we take it unconditionally on 299 * every pass. 300 * 301 * As tickets are only ever moved on and off head->waiters under head->lock, we 302 * only need to take that lock if we are going to add the ticket to the queue 303 * and sleep. We can avoid taking the lock if the ticket was never added to 304 * head->waiters because the t_queue list head will be empty and we hold the 305 * only reference to it so it can safely be checked unlocked. 306 */ 307 STATIC int 308 xlog_grant_head_check( 309 struct xlog *log, 310 struct xlog_grant_head *head, 311 struct xlog_ticket *tic, 312 int *need_bytes) 313 { 314 int free_bytes; 315 int error = 0; 316 317 ASSERT(!(log->l_flags & XLOG_ACTIVE_RECOVERY)); 318 319 /* 320 * If there are other waiters on the queue then give them a chance at 321 * logspace before us. Wake up the first waiters, if we do not wake 322 * up all the waiters then go to sleep waiting for more free space, 323 * otherwise try to get some space for this transaction. 324 */ 325 *need_bytes = xlog_ticket_reservation(log, head, tic); 326 free_bytes = xlog_space_left(log, &head->grant); 327 if (!list_empty_careful(&head->waiters)) { 328 spin_lock(&head->lock); 329 if (!xlog_grant_head_wake(log, head, &free_bytes) || 330 free_bytes < *need_bytes) { 331 error = xlog_grant_head_wait(log, head, tic, 332 *need_bytes); 333 } 334 spin_unlock(&head->lock); 335 } else if (free_bytes < *need_bytes) { 336 spin_lock(&head->lock); 337 error = xlog_grant_head_wait(log, head, tic, *need_bytes); 338 spin_unlock(&head->lock); 339 } 340 341 return error; 342 } 343 344 static void 345 xlog_tic_reset_res(xlog_ticket_t *tic) 346 { 347 tic->t_res_num = 0; 348 tic->t_res_arr_sum = 0; 349 tic->t_res_num_ophdrs = 0; 350 } 351 352 static void 353 xlog_tic_add_region(xlog_ticket_t *tic, uint len, uint type) 354 { 355 if (tic->t_res_num == XLOG_TIC_LEN_MAX) { 356 /* add to overflow and start again */ 357 tic->t_res_o_flow += tic->t_res_arr_sum; 358 tic->t_res_num = 0; 359 tic->t_res_arr_sum = 0; 360 } 361 362 tic->t_res_arr[tic->t_res_num].r_len = len; 363 tic->t_res_arr[tic->t_res_num].r_type = type; 364 tic->t_res_arr_sum += len; 365 tic->t_res_num++; 366 } 367 368 /* 369 * Replenish the byte reservation required by moving the grant write head. 370 */ 371 int 372 xfs_log_regrant( 373 struct xfs_mount *mp, 374 struct xlog_ticket *tic) 375 { 376 struct xlog *log = mp->m_log; 377 int need_bytes; 378 int error = 0; 379 380 if (XLOG_FORCED_SHUTDOWN(log)) 381 return -EIO; 382 383 XFS_STATS_INC(xs_try_logspace); 384 385 /* 386 * This is a new transaction on the ticket, so we need to change the 387 * transaction ID so that the next transaction has a different TID in 388 * the log. Just add one to the existing tid so that we can see chains 389 * of rolling transactions in the log easily. 390 */ 391 tic->t_tid++; 392 393 xlog_grant_push_ail(log, tic->t_unit_res); 394 395 tic->t_curr_res = tic->t_unit_res; 396 xlog_tic_reset_res(tic); 397 398 if (tic->t_cnt > 0) 399 return 0; 400 401 trace_xfs_log_regrant(log, tic); 402 403 error = xlog_grant_head_check(log, &log->l_write_head, tic, 404 &need_bytes); 405 if (error) 406 goto out_error; 407 408 xlog_grant_add_space(log, &log->l_write_head.grant, need_bytes); 409 trace_xfs_log_regrant_exit(log, tic); 410 xlog_verify_grant_tail(log); 411 return 0; 412 413 out_error: 414 /* 415 * If we are failing, make sure the ticket doesn't have any current 416 * reservations. We don't want to add this back when the ticket/ 417 * transaction gets cancelled. 418 */ 419 tic->t_curr_res = 0; 420 tic->t_cnt = 0; /* ungrant will give back unit_res * t_cnt. */ 421 return error; 422 } 423 424 /* 425 * Reserve log space and return a ticket corresponding the reservation. 426 * 427 * Each reservation is going to reserve extra space for a log record header. 428 * When writes happen to the on-disk log, we don't subtract the length of the 429 * log record header from any reservation. By wasting space in each 430 * reservation, we prevent over allocation problems. 431 */ 432 int 433 xfs_log_reserve( 434 struct xfs_mount *mp, 435 int unit_bytes, 436 int cnt, 437 struct xlog_ticket **ticp, 438 __uint8_t client, 439 bool permanent, 440 uint t_type) 441 { 442 struct xlog *log = mp->m_log; 443 struct xlog_ticket *tic; 444 int need_bytes; 445 int error = 0; 446 447 ASSERT(client == XFS_TRANSACTION || client == XFS_LOG); 448 449 if (XLOG_FORCED_SHUTDOWN(log)) 450 return -EIO; 451 452 XFS_STATS_INC(xs_try_logspace); 453 454 ASSERT(*ticp == NULL); 455 tic = xlog_ticket_alloc(log, unit_bytes, cnt, client, permanent, 456 KM_SLEEP | KM_MAYFAIL); 457 if (!tic) 458 return -ENOMEM; 459 460 tic->t_trans_type = t_type; 461 *ticp = tic; 462 463 xlog_grant_push_ail(log, tic->t_cnt ? tic->t_unit_res * tic->t_cnt 464 : tic->t_unit_res); 465 466 trace_xfs_log_reserve(log, tic); 467 468 error = xlog_grant_head_check(log, &log->l_reserve_head, tic, 469 &need_bytes); 470 if (error) 471 goto out_error; 472 473 xlog_grant_add_space(log, &log->l_reserve_head.grant, need_bytes); 474 xlog_grant_add_space(log, &log->l_write_head.grant, need_bytes); 475 trace_xfs_log_reserve_exit(log, tic); 476 xlog_verify_grant_tail(log); 477 return 0; 478 479 out_error: 480 /* 481 * If we are failing, make sure the ticket doesn't have any current 482 * reservations. We don't want to add this back when the ticket/ 483 * transaction gets cancelled. 484 */ 485 tic->t_curr_res = 0; 486 tic->t_cnt = 0; /* ungrant will give back unit_res * t_cnt. */ 487 return error; 488 } 489 490 491 /* 492 * NOTES: 493 * 494 * 1. currblock field gets updated at startup and after in-core logs 495 * marked as with WANT_SYNC. 496 */ 497 498 /* 499 * This routine is called when a user of a log manager ticket is done with 500 * the reservation. If the ticket was ever used, then a commit record for 501 * the associated transaction is written out as a log operation header with 502 * no data. The flag XLOG_TIC_INITED is set when the first write occurs with 503 * a given ticket. If the ticket was one with a permanent reservation, then 504 * a few operations are done differently. Permanent reservation tickets by 505 * default don't release the reservation. They just commit the current 506 * transaction with the belief that the reservation is still needed. A flag 507 * must be passed in before permanent reservations are actually released. 508 * When these type of tickets are not released, they need to be set into 509 * the inited state again. By doing this, a start record will be written 510 * out when the next write occurs. 511 */ 512 xfs_lsn_t 513 xfs_log_done( 514 struct xfs_mount *mp, 515 struct xlog_ticket *ticket, 516 struct xlog_in_core **iclog, 517 uint flags) 518 { 519 struct xlog *log = mp->m_log; 520 xfs_lsn_t lsn = 0; 521 522 if (XLOG_FORCED_SHUTDOWN(log) || 523 /* 524 * If nothing was ever written, don't write out commit record. 525 * If we get an error, just continue and give back the log ticket. 526 */ 527 (((ticket->t_flags & XLOG_TIC_INITED) == 0) && 528 (xlog_commit_record(log, ticket, iclog, &lsn)))) { 529 lsn = (xfs_lsn_t) -1; 530 if (ticket->t_flags & XLOG_TIC_PERM_RESERV) { 531 flags |= XFS_LOG_REL_PERM_RESERV; 532 } 533 } 534 535 536 if ((ticket->t_flags & XLOG_TIC_PERM_RESERV) == 0 || 537 (flags & XFS_LOG_REL_PERM_RESERV)) { 538 trace_xfs_log_done_nonperm(log, ticket); 539 540 /* 541 * Release ticket if not permanent reservation or a specific 542 * request has been made to release a permanent reservation. 543 */ 544 xlog_ungrant_log_space(log, ticket); 545 xfs_log_ticket_put(ticket); 546 } else { 547 trace_xfs_log_done_perm(log, ticket); 548 549 xlog_regrant_reserve_log_space(log, ticket); 550 /* If this ticket was a permanent reservation and we aren't 551 * trying to release it, reset the inited flags; so next time 552 * we write, a start record will be written out. 553 */ 554 ticket->t_flags |= XLOG_TIC_INITED; 555 } 556 557 return lsn; 558 } 559 560 /* 561 * Attaches a new iclog I/O completion callback routine during 562 * transaction commit. If the log is in error state, a non-zero 563 * return code is handed back and the caller is responsible for 564 * executing the callback at an appropriate time. 565 */ 566 int 567 xfs_log_notify( 568 struct xfs_mount *mp, 569 struct xlog_in_core *iclog, 570 xfs_log_callback_t *cb) 571 { 572 int abortflg; 573 574 spin_lock(&iclog->ic_callback_lock); 575 abortflg = (iclog->ic_state & XLOG_STATE_IOERROR); 576 if (!abortflg) { 577 ASSERT_ALWAYS((iclog->ic_state == XLOG_STATE_ACTIVE) || 578 (iclog->ic_state == XLOG_STATE_WANT_SYNC)); 579 cb->cb_next = NULL; 580 *(iclog->ic_callback_tail) = cb; 581 iclog->ic_callback_tail = &(cb->cb_next); 582 } 583 spin_unlock(&iclog->ic_callback_lock); 584 return abortflg; 585 } 586 587 int 588 xfs_log_release_iclog( 589 struct xfs_mount *mp, 590 struct xlog_in_core *iclog) 591 { 592 if (xlog_state_release_iclog(mp->m_log, iclog)) { 593 xfs_force_shutdown(mp, SHUTDOWN_LOG_IO_ERROR); 594 return -EIO; 595 } 596 597 return 0; 598 } 599 600 /* 601 * Mount a log filesystem 602 * 603 * mp - ubiquitous xfs mount point structure 604 * log_target - buftarg of on-disk log device 605 * blk_offset - Start block # where block size is 512 bytes (BBSIZE) 606 * num_bblocks - Number of BBSIZE blocks in on-disk log 607 * 608 * Return error or zero. 609 */ 610 int 611 xfs_log_mount( 612 xfs_mount_t *mp, 613 xfs_buftarg_t *log_target, 614 xfs_daddr_t blk_offset, 615 int num_bblks) 616 { 617 int error = 0; 618 int min_logfsbs; 619 620 if (!(mp->m_flags & XFS_MOUNT_NORECOVERY)) { 621 xfs_notice(mp, "Mounting V%d Filesystem", 622 XFS_SB_VERSION_NUM(&mp->m_sb)); 623 } else { 624 xfs_notice(mp, 625 "Mounting V%d filesystem in no-recovery mode. Filesystem will be inconsistent.", 626 XFS_SB_VERSION_NUM(&mp->m_sb)); 627 ASSERT(mp->m_flags & XFS_MOUNT_RDONLY); 628 } 629 630 mp->m_log = xlog_alloc_log(mp, log_target, blk_offset, num_bblks); 631 if (IS_ERR(mp->m_log)) { 632 error = PTR_ERR(mp->m_log); 633 goto out; 634 } 635 636 /* 637 * Validate the given log space and drop a critical message via syslog 638 * if the log size is too small that would lead to some unexpected 639 * situations in transaction log space reservation stage. 640 * 641 * Note: we can't just reject the mount if the validation fails. This 642 * would mean that people would have to downgrade their kernel just to 643 * remedy the situation as there is no way to grow the log (short of 644 * black magic surgery with xfs_db). 645 * 646 * We can, however, reject mounts for CRC format filesystems, as the 647 * mkfs binary being used to make the filesystem should never create a 648 * filesystem with a log that is too small. 649 */ 650 min_logfsbs = xfs_log_calc_minimum_size(mp); 651 652 if (mp->m_sb.sb_logblocks < min_logfsbs) { 653 xfs_warn(mp, 654 "Log size %d blocks too small, minimum size is %d blocks", 655 mp->m_sb.sb_logblocks, min_logfsbs); 656 error = -EINVAL; 657 } else if (mp->m_sb.sb_logblocks > XFS_MAX_LOG_BLOCKS) { 658 xfs_warn(mp, 659 "Log size %d blocks too large, maximum size is %lld blocks", 660 mp->m_sb.sb_logblocks, XFS_MAX_LOG_BLOCKS); 661 error = -EINVAL; 662 } else if (XFS_FSB_TO_B(mp, mp->m_sb.sb_logblocks) > XFS_MAX_LOG_BYTES) { 663 xfs_warn(mp, 664 "log size %lld bytes too large, maximum size is %lld bytes", 665 XFS_FSB_TO_B(mp, mp->m_sb.sb_logblocks), 666 XFS_MAX_LOG_BYTES); 667 error = -EINVAL; 668 } 669 if (error) { 670 if (xfs_sb_version_hascrc(&mp->m_sb)) { 671 xfs_crit(mp, "AAIEEE! Log failed size checks. Abort!"); 672 ASSERT(0); 673 goto out_free_log; 674 } 675 xfs_crit(mp, 676 "Log size out of supported range. Continuing onwards, but if log hangs are\n" 677 "experienced then please report this message in the bug report."); 678 } 679 680 /* 681 * Initialize the AIL now we have a log. 682 */ 683 error = xfs_trans_ail_init(mp); 684 if (error) { 685 xfs_warn(mp, "AIL initialisation failed: error %d", error); 686 goto out_free_log; 687 } 688 mp->m_log->l_ailp = mp->m_ail; 689 690 /* 691 * skip log recovery on a norecovery mount. pretend it all 692 * just worked. 693 */ 694 if (!(mp->m_flags & XFS_MOUNT_NORECOVERY)) { 695 int readonly = (mp->m_flags & XFS_MOUNT_RDONLY); 696 697 if (readonly) 698 mp->m_flags &= ~XFS_MOUNT_RDONLY; 699 700 error = xlog_recover(mp->m_log); 701 702 if (readonly) 703 mp->m_flags |= XFS_MOUNT_RDONLY; 704 if (error) { 705 xfs_warn(mp, "log mount/recovery failed: error %d", 706 error); 707 goto out_destroy_ail; 708 } 709 } 710 711 error = xfs_sysfs_init(&mp->m_log->l_kobj, &xfs_log_ktype, &mp->m_kobj, 712 "log"); 713 if (error) 714 goto out_destroy_ail; 715 716 /* Normal transactions can now occur */ 717 mp->m_log->l_flags &= ~XLOG_ACTIVE_RECOVERY; 718 719 /* 720 * Now the log has been fully initialised and we know were our 721 * space grant counters are, we can initialise the permanent ticket 722 * needed for delayed logging to work. 723 */ 724 xlog_cil_init_post_recovery(mp->m_log); 725 726 return 0; 727 728 out_destroy_ail: 729 xfs_trans_ail_destroy(mp); 730 out_free_log: 731 xlog_dealloc_log(mp->m_log); 732 out: 733 return error; 734 } 735 736 /* 737 * Finish the recovery of the file system. This is separate from the 738 * xfs_log_mount() call, because it depends on the code in xfs_mountfs() to read 739 * in the root and real-time bitmap inodes between calling xfs_log_mount() and 740 * here. 741 * 742 * If we finish recovery successfully, start the background log work. If we are 743 * not doing recovery, then we have a RO filesystem and we don't need to start 744 * it. 745 */ 746 int 747 xfs_log_mount_finish(xfs_mount_t *mp) 748 { 749 int error = 0; 750 751 if (!(mp->m_flags & XFS_MOUNT_NORECOVERY)) { 752 error = xlog_recover_finish(mp->m_log); 753 if (!error) 754 xfs_log_work_queue(mp); 755 } else { 756 ASSERT(mp->m_flags & XFS_MOUNT_RDONLY); 757 } 758 759 760 return error; 761 } 762 763 /* 764 * Final log writes as part of unmount. 765 * 766 * Mark the filesystem clean as unmount happens. Note that during relocation 767 * this routine needs to be executed as part of source-bag while the 768 * deallocation must not be done until source-end. 769 */ 770 771 /* 772 * Unmount record used to have a string "Unmount filesystem--" in the 773 * data section where the "Un" was really a magic number (XLOG_UNMOUNT_TYPE). 774 * We just write the magic number now since that particular field isn't 775 * currently architecture converted and "Unmount" is a bit foo. 776 * As far as I know, there weren't any dependencies on the old behaviour. 777 */ 778 779 int 780 xfs_log_unmount_write(xfs_mount_t *mp) 781 { 782 struct xlog *log = mp->m_log; 783 xlog_in_core_t *iclog; 784 #ifdef DEBUG 785 xlog_in_core_t *first_iclog; 786 #endif 787 xlog_ticket_t *tic = NULL; 788 xfs_lsn_t lsn; 789 int error; 790 791 /* 792 * Don't write out unmount record on read-only mounts. 793 * Or, if we are doing a forced umount (typically because of IO errors). 794 */ 795 if (mp->m_flags & XFS_MOUNT_RDONLY) 796 return 0; 797 798 error = _xfs_log_force(mp, XFS_LOG_SYNC, NULL); 799 ASSERT(error || !(XLOG_FORCED_SHUTDOWN(log))); 800 801 #ifdef DEBUG 802 first_iclog = iclog = log->l_iclog; 803 do { 804 if (!(iclog->ic_state & XLOG_STATE_IOERROR)) { 805 ASSERT(iclog->ic_state & XLOG_STATE_ACTIVE); 806 ASSERT(iclog->ic_offset == 0); 807 } 808 iclog = iclog->ic_next; 809 } while (iclog != first_iclog); 810 #endif 811 if (! (XLOG_FORCED_SHUTDOWN(log))) { 812 error = xfs_log_reserve(mp, 600, 1, &tic, 813 XFS_LOG, 0, XLOG_UNMOUNT_REC_TYPE); 814 if (!error) { 815 /* the data section must be 32 bit size aligned */ 816 struct { 817 __uint16_t magic; 818 __uint16_t pad1; 819 __uint32_t pad2; /* may as well make it 64 bits */ 820 } magic = { 821 .magic = XLOG_UNMOUNT_TYPE, 822 }; 823 struct xfs_log_iovec reg = { 824 .i_addr = &magic, 825 .i_len = sizeof(magic), 826 .i_type = XLOG_REG_TYPE_UNMOUNT, 827 }; 828 struct xfs_log_vec vec = { 829 .lv_niovecs = 1, 830 .lv_iovecp = ®, 831 }; 832 833 /* remove inited flag, and account for space used */ 834 tic->t_flags = 0; 835 tic->t_curr_res -= sizeof(magic); 836 error = xlog_write(log, &vec, tic, &lsn, 837 NULL, XLOG_UNMOUNT_TRANS); 838 /* 839 * At this point, we're umounting anyway, 840 * so there's no point in transitioning log state 841 * to IOERROR. Just continue... 842 */ 843 } 844 845 if (error) 846 xfs_alert(mp, "%s: unmount record failed", __func__); 847 848 849 spin_lock(&log->l_icloglock); 850 iclog = log->l_iclog; 851 atomic_inc(&iclog->ic_refcnt); 852 xlog_state_want_sync(log, iclog); 853 spin_unlock(&log->l_icloglock); 854 error = xlog_state_release_iclog(log, iclog); 855 856 spin_lock(&log->l_icloglock); 857 if (!(iclog->ic_state == XLOG_STATE_ACTIVE || 858 iclog->ic_state == XLOG_STATE_DIRTY)) { 859 if (!XLOG_FORCED_SHUTDOWN(log)) { 860 xlog_wait(&iclog->ic_force_wait, 861 &log->l_icloglock); 862 } else { 863 spin_unlock(&log->l_icloglock); 864 } 865 } else { 866 spin_unlock(&log->l_icloglock); 867 } 868 if (tic) { 869 trace_xfs_log_umount_write(log, tic); 870 xlog_ungrant_log_space(log, tic); 871 xfs_log_ticket_put(tic); 872 } 873 } else { 874 /* 875 * We're already in forced_shutdown mode, couldn't 876 * even attempt to write out the unmount transaction. 877 * 878 * Go through the motions of sync'ing and releasing 879 * the iclog, even though no I/O will actually happen, 880 * we need to wait for other log I/Os that may already 881 * be in progress. Do this as a separate section of 882 * code so we'll know if we ever get stuck here that 883 * we're in this odd situation of trying to unmount 884 * a file system that went into forced_shutdown as 885 * the result of an unmount.. 886 */ 887 spin_lock(&log->l_icloglock); 888 iclog = log->l_iclog; 889 atomic_inc(&iclog->ic_refcnt); 890 891 xlog_state_want_sync(log, iclog); 892 spin_unlock(&log->l_icloglock); 893 error = xlog_state_release_iclog(log, iclog); 894 895 spin_lock(&log->l_icloglock); 896 897 if ( ! ( iclog->ic_state == XLOG_STATE_ACTIVE 898 || iclog->ic_state == XLOG_STATE_DIRTY 899 || iclog->ic_state == XLOG_STATE_IOERROR) ) { 900 901 xlog_wait(&iclog->ic_force_wait, 902 &log->l_icloglock); 903 } else { 904 spin_unlock(&log->l_icloglock); 905 } 906 } 907 908 return error; 909 } /* xfs_log_unmount_write */ 910 911 /* 912 * Empty the log for unmount/freeze. 913 * 914 * To do this, we first need to shut down the background log work so it is not 915 * trying to cover the log as we clean up. We then need to unpin all objects in 916 * the log so we can then flush them out. Once they have completed their IO and 917 * run the callbacks removing themselves from the AIL, we can write the unmount 918 * record. 919 */ 920 void 921 xfs_log_quiesce( 922 struct xfs_mount *mp) 923 { 924 cancel_delayed_work_sync(&mp->m_log->l_work); 925 xfs_log_force(mp, XFS_LOG_SYNC); 926 927 /* 928 * The superblock buffer is uncached and while xfs_ail_push_all_sync() 929 * will push it, xfs_wait_buftarg() will not wait for it. Further, 930 * xfs_buf_iowait() cannot be used because it was pushed with the 931 * XBF_ASYNC flag set, so we need to use a lock/unlock pair to wait for 932 * the IO to complete. 933 */ 934 xfs_ail_push_all_sync(mp->m_ail); 935 xfs_wait_buftarg(mp->m_ddev_targp); 936 xfs_buf_lock(mp->m_sb_bp); 937 xfs_buf_unlock(mp->m_sb_bp); 938 939 xfs_log_unmount_write(mp); 940 } 941 942 /* 943 * Shut down and release the AIL and Log. 944 * 945 * During unmount, we need to ensure we flush all the dirty metadata objects 946 * from the AIL so that the log is empty before we write the unmount record to 947 * the log. Once this is done, we can tear down the AIL and the log. 948 */ 949 void 950 xfs_log_unmount( 951 struct xfs_mount *mp) 952 { 953 xfs_log_quiesce(mp); 954 955 xfs_trans_ail_destroy(mp); 956 957 xfs_sysfs_del(&mp->m_log->l_kobj); 958 959 xlog_dealloc_log(mp->m_log); 960 } 961 962 void 963 xfs_log_item_init( 964 struct xfs_mount *mp, 965 struct xfs_log_item *item, 966 int type, 967 const struct xfs_item_ops *ops) 968 { 969 item->li_mountp = mp; 970 item->li_ailp = mp->m_ail; 971 item->li_type = type; 972 item->li_ops = ops; 973 item->li_lv = NULL; 974 975 INIT_LIST_HEAD(&item->li_ail); 976 INIT_LIST_HEAD(&item->li_cil); 977 } 978 979 /* 980 * Wake up processes waiting for log space after we have moved the log tail. 981 */ 982 void 983 xfs_log_space_wake( 984 struct xfs_mount *mp) 985 { 986 struct xlog *log = mp->m_log; 987 int free_bytes; 988 989 if (XLOG_FORCED_SHUTDOWN(log)) 990 return; 991 992 if (!list_empty_careful(&log->l_write_head.waiters)) { 993 ASSERT(!(log->l_flags & XLOG_ACTIVE_RECOVERY)); 994 995 spin_lock(&log->l_write_head.lock); 996 free_bytes = xlog_space_left(log, &log->l_write_head.grant); 997 xlog_grant_head_wake(log, &log->l_write_head, &free_bytes); 998 spin_unlock(&log->l_write_head.lock); 999 } 1000 1001 if (!list_empty_careful(&log->l_reserve_head.waiters)) { 1002 ASSERT(!(log->l_flags & XLOG_ACTIVE_RECOVERY)); 1003 1004 spin_lock(&log->l_reserve_head.lock); 1005 free_bytes = xlog_space_left(log, &log->l_reserve_head.grant); 1006 xlog_grant_head_wake(log, &log->l_reserve_head, &free_bytes); 1007 spin_unlock(&log->l_reserve_head.lock); 1008 } 1009 } 1010 1011 /* 1012 * Determine if we have a transaction that has gone to disk that needs to be 1013 * covered. To begin the transition to the idle state firstly the log needs to 1014 * be idle. That means the CIL, the AIL and the iclogs needs to be empty before 1015 * we start attempting to cover the log. 1016 * 1017 * Only if we are then in a state where covering is needed, the caller is 1018 * informed that dummy transactions are required to move the log into the idle 1019 * state. 1020 * 1021 * If there are any items in the AIl or CIL, then we do not want to attempt to 1022 * cover the log as we may be in a situation where there isn't log space 1023 * available to run a dummy transaction and this can lead to deadlocks when the 1024 * tail of the log is pinned by an item that is modified in the CIL. Hence 1025 * there's no point in running a dummy transaction at this point because we 1026 * can't start trying to idle the log until both the CIL and AIL are empty. 1027 */ 1028 int 1029 xfs_log_need_covered(xfs_mount_t *mp) 1030 { 1031 struct xlog *log = mp->m_log; 1032 int needed = 0; 1033 1034 if (!xfs_fs_writable(mp)) 1035 return 0; 1036 1037 if (!xlog_cil_empty(log)) 1038 return 0; 1039 1040 spin_lock(&log->l_icloglock); 1041 switch (log->l_covered_state) { 1042 case XLOG_STATE_COVER_DONE: 1043 case XLOG_STATE_COVER_DONE2: 1044 case XLOG_STATE_COVER_IDLE: 1045 break; 1046 case XLOG_STATE_COVER_NEED: 1047 case XLOG_STATE_COVER_NEED2: 1048 if (xfs_ail_min_lsn(log->l_ailp)) 1049 break; 1050 if (!xlog_iclogs_empty(log)) 1051 break; 1052 1053 needed = 1; 1054 if (log->l_covered_state == XLOG_STATE_COVER_NEED) 1055 log->l_covered_state = XLOG_STATE_COVER_DONE; 1056 else 1057 log->l_covered_state = XLOG_STATE_COVER_DONE2; 1058 break; 1059 default: 1060 needed = 1; 1061 break; 1062 } 1063 spin_unlock(&log->l_icloglock); 1064 return needed; 1065 } 1066 1067 /* 1068 * We may be holding the log iclog lock upon entering this routine. 1069 */ 1070 xfs_lsn_t 1071 xlog_assign_tail_lsn_locked( 1072 struct xfs_mount *mp) 1073 { 1074 struct xlog *log = mp->m_log; 1075 struct xfs_log_item *lip; 1076 xfs_lsn_t tail_lsn; 1077 1078 assert_spin_locked(&mp->m_ail->xa_lock); 1079 1080 /* 1081 * To make sure we always have a valid LSN for the log tail we keep 1082 * track of the last LSN which was committed in log->l_last_sync_lsn, 1083 * and use that when the AIL was empty. 1084 */ 1085 lip = xfs_ail_min(mp->m_ail); 1086 if (lip) 1087 tail_lsn = lip->li_lsn; 1088 else 1089 tail_lsn = atomic64_read(&log->l_last_sync_lsn); 1090 trace_xfs_log_assign_tail_lsn(log, tail_lsn); 1091 atomic64_set(&log->l_tail_lsn, tail_lsn); 1092 return tail_lsn; 1093 } 1094 1095 xfs_lsn_t 1096 xlog_assign_tail_lsn( 1097 struct xfs_mount *mp) 1098 { 1099 xfs_lsn_t tail_lsn; 1100 1101 spin_lock(&mp->m_ail->xa_lock); 1102 tail_lsn = xlog_assign_tail_lsn_locked(mp); 1103 spin_unlock(&mp->m_ail->xa_lock); 1104 1105 return tail_lsn; 1106 } 1107 1108 /* 1109 * Return the space in the log between the tail and the head. The head 1110 * is passed in the cycle/bytes formal parms. In the special case where 1111 * the reserve head has wrapped passed the tail, this calculation is no 1112 * longer valid. In this case, just return 0 which means there is no space 1113 * in the log. This works for all places where this function is called 1114 * with the reserve head. Of course, if the write head were to ever 1115 * wrap the tail, we should blow up. Rather than catch this case here, 1116 * we depend on other ASSERTions in other parts of the code. XXXmiken 1117 * 1118 * This code also handles the case where the reservation head is behind 1119 * the tail. The details of this case are described below, but the end 1120 * result is that we return the size of the log as the amount of space left. 1121 */ 1122 STATIC int 1123 xlog_space_left( 1124 struct xlog *log, 1125 atomic64_t *head) 1126 { 1127 int free_bytes; 1128 int tail_bytes; 1129 int tail_cycle; 1130 int head_cycle; 1131 int head_bytes; 1132 1133 xlog_crack_grant_head(head, &head_cycle, &head_bytes); 1134 xlog_crack_atomic_lsn(&log->l_tail_lsn, &tail_cycle, &tail_bytes); 1135 tail_bytes = BBTOB(tail_bytes); 1136 if (tail_cycle == head_cycle && head_bytes >= tail_bytes) 1137 free_bytes = log->l_logsize - (head_bytes - tail_bytes); 1138 else if (tail_cycle + 1 < head_cycle) 1139 return 0; 1140 else if (tail_cycle < head_cycle) { 1141 ASSERT(tail_cycle == (head_cycle - 1)); 1142 free_bytes = tail_bytes - head_bytes; 1143 } else { 1144 /* 1145 * The reservation head is behind the tail. 1146 * In this case we just want to return the size of the 1147 * log as the amount of space left. 1148 */ 1149 xfs_alert(log->l_mp, 1150 "xlog_space_left: head behind tail\n" 1151 " tail_cycle = %d, tail_bytes = %d\n" 1152 " GH cycle = %d, GH bytes = %d", 1153 tail_cycle, tail_bytes, head_cycle, head_bytes); 1154 ASSERT(0); 1155 free_bytes = log->l_logsize; 1156 } 1157 return free_bytes; 1158 } 1159 1160 1161 /* 1162 * Log function which is called when an io completes. 1163 * 1164 * The log manager needs its own routine, in order to control what 1165 * happens with the buffer after the write completes. 1166 */ 1167 void 1168 xlog_iodone(xfs_buf_t *bp) 1169 { 1170 struct xlog_in_core *iclog = bp->b_fspriv; 1171 struct xlog *l = iclog->ic_log; 1172 int aborted = 0; 1173 1174 /* 1175 * Race to shutdown the filesystem if we see an error. 1176 */ 1177 if (XFS_TEST_ERROR(bp->b_error, l->l_mp, 1178 XFS_ERRTAG_IODONE_IOERR, XFS_RANDOM_IODONE_IOERR)) { 1179 xfs_buf_ioerror_alert(bp, __func__); 1180 xfs_buf_stale(bp); 1181 xfs_force_shutdown(l->l_mp, SHUTDOWN_LOG_IO_ERROR); 1182 /* 1183 * This flag will be propagated to the trans-committed 1184 * callback routines to let them know that the log-commit 1185 * didn't succeed. 1186 */ 1187 aborted = XFS_LI_ABORTED; 1188 } else if (iclog->ic_state & XLOG_STATE_IOERROR) { 1189 aborted = XFS_LI_ABORTED; 1190 } 1191 1192 /* log I/O is always issued ASYNC */ 1193 ASSERT(XFS_BUF_ISASYNC(bp)); 1194 xlog_state_done_syncing(iclog, aborted); 1195 1196 /* 1197 * drop the buffer lock now that we are done. Nothing references 1198 * the buffer after this, so an unmount waiting on this lock can now 1199 * tear it down safely. As such, it is unsafe to reference the buffer 1200 * (bp) after the unlock as we could race with it being freed. 1201 */ 1202 xfs_buf_unlock(bp); 1203 } 1204 1205 /* 1206 * Return size of each in-core log record buffer. 1207 * 1208 * All machines get 8 x 32kB buffers by default, unless tuned otherwise. 1209 * 1210 * If the filesystem blocksize is too large, we may need to choose a 1211 * larger size since the directory code currently logs entire blocks. 1212 */ 1213 1214 STATIC void 1215 xlog_get_iclog_buffer_size( 1216 struct xfs_mount *mp, 1217 struct xlog *log) 1218 { 1219 int size; 1220 int xhdrs; 1221 1222 if (mp->m_logbufs <= 0) 1223 log->l_iclog_bufs = XLOG_MAX_ICLOGS; 1224 else 1225 log->l_iclog_bufs = mp->m_logbufs; 1226 1227 /* 1228 * Buffer size passed in from mount system call. 1229 */ 1230 if (mp->m_logbsize > 0) { 1231 size = log->l_iclog_size = mp->m_logbsize; 1232 log->l_iclog_size_log = 0; 1233 while (size != 1) { 1234 log->l_iclog_size_log++; 1235 size >>= 1; 1236 } 1237 1238 if (xfs_sb_version_haslogv2(&mp->m_sb)) { 1239 /* # headers = size / 32k 1240 * one header holds cycles from 32k of data 1241 */ 1242 1243 xhdrs = mp->m_logbsize / XLOG_HEADER_CYCLE_SIZE; 1244 if (mp->m_logbsize % XLOG_HEADER_CYCLE_SIZE) 1245 xhdrs++; 1246 log->l_iclog_hsize = xhdrs << BBSHIFT; 1247 log->l_iclog_heads = xhdrs; 1248 } else { 1249 ASSERT(mp->m_logbsize <= XLOG_BIG_RECORD_BSIZE); 1250 log->l_iclog_hsize = BBSIZE; 1251 log->l_iclog_heads = 1; 1252 } 1253 goto done; 1254 } 1255 1256 /* All machines use 32kB buffers by default. */ 1257 log->l_iclog_size = XLOG_BIG_RECORD_BSIZE; 1258 log->l_iclog_size_log = XLOG_BIG_RECORD_BSHIFT; 1259 1260 /* the default log size is 16k or 32k which is one header sector */ 1261 log->l_iclog_hsize = BBSIZE; 1262 log->l_iclog_heads = 1; 1263 1264 done: 1265 /* are we being asked to make the sizes selected above visible? */ 1266 if (mp->m_logbufs == 0) 1267 mp->m_logbufs = log->l_iclog_bufs; 1268 if (mp->m_logbsize == 0) 1269 mp->m_logbsize = log->l_iclog_size; 1270 } /* xlog_get_iclog_buffer_size */ 1271 1272 1273 void 1274 xfs_log_work_queue( 1275 struct xfs_mount *mp) 1276 { 1277 queue_delayed_work(mp->m_log_workqueue, &mp->m_log->l_work, 1278 msecs_to_jiffies(xfs_syncd_centisecs * 10)); 1279 } 1280 1281 /* 1282 * Every sync period we need to unpin all items in the AIL and push them to 1283 * disk. If there is nothing dirty, then we might need to cover the log to 1284 * indicate that the filesystem is idle. 1285 */ 1286 void 1287 xfs_log_worker( 1288 struct work_struct *work) 1289 { 1290 struct xlog *log = container_of(to_delayed_work(work), 1291 struct xlog, l_work); 1292 struct xfs_mount *mp = log->l_mp; 1293 1294 /* dgc: errors ignored - not fatal and nowhere to report them */ 1295 if (xfs_log_need_covered(mp)) 1296 xfs_fs_log_dummy(mp); 1297 else 1298 xfs_log_force(mp, 0); 1299 1300 /* start pushing all the metadata that is currently dirty */ 1301 xfs_ail_push_all(mp->m_ail); 1302 1303 /* queue us up again */ 1304 xfs_log_work_queue(mp); 1305 } 1306 1307 /* 1308 * This routine initializes some of the log structure for a given mount point. 1309 * Its primary purpose is to fill in enough, so recovery can occur. However, 1310 * some other stuff may be filled in too. 1311 */ 1312 STATIC struct xlog * 1313 xlog_alloc_log( 1314 struct xfs_mount *mp, 1315 struct xfs_buftarg *log_target, 1316 xfs_daddr_t blk_offset, 1317 int num_bblks) 1318 { 1319 struct xlog *log; 1320 xlog_rec_header_t *head; 1321 xlog_in_core_t **iclogp; 1322 xlog_in_core_t *iclog, *prev_iclog=NULL; 1323 xfs_buf_t *bp; 1324 int i; 1325 int error = -ENOMEM; 1326 uint log2_size = 0; 1327 1328 log = kmem_zalloc(sizeof(struct xlog), KM_MAYFAIL); 1329 if (!log) { 1330 xfs_warn(mp, "Log allocation failed: No memory!"); 1331 goto out; 1332 } 1333 1334 log->l_mp = mp; 1335 log->l_targ = log_target; 1336 log->l_logsize = BBTOB(num_bblks); 1337 log->l_logBBstart = blk_offset; 1338 log->l_logBBsize = num_bblks; 1339 log->l_covered_state = XLOG_STATE_COVER_IDLE; 1340 log->l_flags |= XLOG_ACTIVE_RECOVERY; 1341 INIT_DELAYED_WORK(&log->l_work, xfs_log_worker); 1342 1343 log->l_prev_block = -1; 1344 /* log->l_tail_lsn = 0x100000000LL; cycle = 1; current block = 0 */ 1345 xlog_assign_atomic_lsn(&log->l_tail_lsn, 1, 0); 1346 xlog_assign_atomic_lsn(&log->l_last_sync_lsn, 1, 0); 1347 log->l_curr_cycle = 1; /* 0 is bad since this is initial value */ 1348 1349 xlog_grant_head_init(&log->l_reserve_head); 1350 xlog_grant_head_init(&log->l_write_head); 1351 1352 error = -EFSCORRUPTED; 1353 if (xfs_sb_version_hassector(&mp->m_sb)) { 1354 log2_size = mp->m_sb.sb_logsectlog; 1355 if (log2_size < BBSHIFT) { 1356 xfs_warn(mp, "Log sector size too small (0x%x < 0x%x)", 1357 log2_size, BBSHIFT); 1358 goto out_free_log; 1359 } 1360 1361 log2_size -= BBSHIFT; 1362 if (log2_size > mp->m_sectbb_log) { 1363 xfs_warn(mp, "Log sector size too large (0x%x > 0x%x)", 1364 log2_size, mp->m_sectbb_log); 1365 goto out_free_log; 1366 } 1367 1368 /* for larger sector sizes, must have v2 or external log */ 1369 if (log2_size && log->l_logBBstart > 0 && 1370 !xfs_sb_version_haslogv2(&mp->m_sb)) { 1371 xfs_warn(mp, 1372 "log sector size (0x%x) invalid for configuration.", 1373 log2_size); 1374 goto out_free_log; 1375 } 1376 } 1377 log->l_sectBBsize = 1 << log2_size; 1378 1379 xlog_get_iclog_buffer_size(mp, log); 1380 1381 /* 1382 * Use a NULL block for the extra log buffer used during splits so that 1383 * it will trigger errors if we ever try to do IO on it without first 1384 * having set it up properly. 1385 */ 1386 error = -ENOMEM; 1387 bp = xfs_buf_alloc(mp->m_logdev_targp, XFS_BUF_DADDR_NULL, 1388 BTOBB(log->l_iclog_size), 0); 1389 if (!bp) 1390 goto out_free_log; 1391 1392 /* 1393 * The iclogbuf buffer locks are held over IO but we are not going to do 1394 * IO yet. Hence unlock the buffer so that the log IO path can grab it 1395 * when appropriately. 1396 */ 1397 ASSERT(xfs_buf_islocked(bp)); 1398 xfs_buf_unlock(bp); 1399 1400 bp->b_iodone = xlog_iodone; 1401 log->l_xbuf = bp; 1402 1403 spin_lock_init(&log->l_icloglock); 1404 init_waitqueue_head(&log->l_flush_wait); 1405 1406 iclogp = &log->l_iclog; 1407 /* 1408 * The amount of memory to allocate for the iclog structure is 1409 * rather funky due to the way the structure is defined. It is 1410 * done this way so that we can use different sizes for machines 1411 * with different amounts of memory. See the definition of 1412 * xlog_in_core_t in xfs_log_priv.h for details. 1413 */ 1414 ASSERT(log->l_iclog_size >= 4096); 1415 for (i=0; i < log->l_iclog_bufs; i++) { 1416 *iclogp = kmem_zalloc(sizeof(xlog_in_core_t), KM_MAYFAIL); 1417 if (!*iclogp) 1418 goto out_free_iclog; 1419 1420 iclog = *iclogp; 1421 iclog->ic_prev = prev_iclog; 1422 prev_iclog = iclog; 1423 1424 bp = xfs_buf_get_uncached(mp->m_logdev_targp, 1425 BTOBB(log->l_iclog_size), 0); 1426 if (!bp) 1427 goto out_free_iclog; 1428 1429 ASSERT(xfs_buf_islocked(bp)); 1430 xfs_buf_unlock(bp); 1431 1432 bp->b_iodone = xlog_iodone; 1433 iclog->ic_bp = bp; 1434 iclog->ic_data = bp->b_addr; 1435 #ifdef DEBUG 1436 log->l_iclog_bak[i] = (xfs_caddr_t)&(iclog->ic_header); 1437 #endif 1438 head = &iclog->ic_header; 1439 memset(head, 0, sizeof(xlog_rec_header_t)); 1440 head->h_magicno = cpu_to_be32(XLOG_HEADER_MAGIC_NUM); 1441 head->h_version = cpu_to_be32( 1442 xfs_sb_version_haslogv2(&log->l_mp->m_sb) ? 2 : 1); 1443 head->h_size = cpu_to_be32(log->l_iclog_size); 1444 /* new fields */ 1445 head->h_fmt = cpu_to_be32(XLOG_FMT); 1446 memcpy(&head->h_fs_uuid, &mp->m_sb.sb_uuid, sizeof(uuid_t)); 1447 1448 iclog->ic_size = BBTOB(bp->b_length) - log->l_iclog_hsize; 1449 iclog->ic_state = XLOG_STATE_ACTIVE; 1450 iclog->ic_log = log; 1451 atomic_set(&iclog->ic_refcnt, 0); 1452 spin_lock_init(&iclog->ic_callback_lock); 1453 iclog->ic_callback_tail = &(iclog->ic_callback); 1454 iclog->ic_datap = (char *)iclog->ic_data + log->l_iclog_hsize; 1455 1456 init_waitqueue_head(&iclog->ic_force_wait); 1457 init_waitqueue_head(&iclog->ic_write_wait); 1458 1459 iclogp = &iclog->ic_next; 1460 } 1461 *iclogp = log->l_iclog; /* complete ring */ 1462 log->l_iclog->ic_prev = prev_iclog; /* re-write 1st prev ptr */ 1463 1464 error = xlog_cil_init(log); 1465 if (error) 1466 goto out_free_iclog; 1467 return log; 1468 1469 out_free_iclog: 1470 for (iclog = log->l_iclog; iclog; iclog = prev_iclog) { 1471 prev_iclog = iclog->ic_next; 1472 if (iclog->ic_bp) 1473 xfs_buf_free(iclog->ic_bp); 1474 kmem_free(iclog); 1475 } 1476 spinlock_destroy(&log->l_icloglock); 1477 xfs_buf_free(log->l_xbuf); 1478 out_free_log: 1479 kmem_free(log); 1480 out: 1481 return ERR_PTR(error); 1482 } /* xlog_alloc_log */ 1483 1484 1485 /* 1486 * Write out the commit record of a transaction associated with the given 1487 * ticket. Return the lsn of the commit record. 1488 */ 1489 STATIC int 1490 xlog_commit_record( 1491 struct xlog *log, 1492 struct xlog_ticket *ticket, 1493 struct xlog_in_core **iclog, 1494 xfs_lsn_t *commitlsnp) 1495 { 1496 struct xfs_mount *mp = log->l_mp; 1497 int error; 1498 struct xfs_log_iovec reg = { 1499 .i_addr = NULL, 1500 .i_len = 0, 1501 .i_type = XLOG_REG_TYPE_COMMIT, 1502 }; 1503 struct xfs_log_vec vec = { 1504 .lv_niovecs = 1, 1505 .lv_iovecp = ®, 1506 }; 1507 1508 ASSERT_ALWAYS(iclog); 1509 error = xlog_write(log, &vec, ticket, commitlsnp, iclog, 1510 XLOG_COMMIT_TRANS); 1511 if (error) 1512 xfs_force_shutdown(mp, SHUTDOWN_LOG_IO_ERROR); 1513 return error; 1514 } 1515 1516 /* 1517 * Push on the buffer cache code if we ever use more than 75% of the on-disk 1518 * log space. This code pushes on the lsn which would supposedly free up 1519 * the 25% which we want to leave free. We may need to adopt a policy which 1520 * pushes on an lsn which is further along in the log once we reach the high 1521 * water mark. In this manner, we would be creating a low water mark. 1522 */ 1523 STATIC void 1524 xlog_grant_push_ail( 1525 struct xlog *log, 1526 int need_bytes) 1527 { 1528 xfs_lsn_t threshold_lsn = 0; 1529 xfs_lsn_t last_sync_lsn; 1530 int free_blocks; 1531 int free_bytes; 1532 int threshold_block; 1533 int threshold_cycle; 1534 int free_threshold; 1535 1536 ASSERT(BTOBB(need_bytes) < log->l_logBBsize); 1537 1538 free_bytes = xlog_space_left(log, &log->l_reserve_head.grant); 1539 free_blocks = BTOBBT(free_bytes); 1540 1541 /* 1542 * Set the threshold for the minimum number of free blocks in the 1543 * log to the maximum of what the caller needs, one quarter of the 1544 * log, and 256 blocks. 1545 */ 1546 free_threshold = BTOBB(need_bytes); 1547 free_threshold = MAX(free_threshold, (log->l_logBBsize >> 2)); 1548 free_threshold = MAX(free_threshold, 256); 1549 if (free_blocks >= free_threshold) 1550 return; 1551 1552 xlog_crack_atomic_lsn(&log->l_tail_lsn, &threshold_cycle, 1553 &threshold_block); 1554 threshold_block += free_threshold; 1555 if (threshold_block >= log->l_logBBsize) { 1556 threshold_block -= log->l_logBBsize; 1557 threshold_cycle += 1; 1558 } 1559 threshold_lsn = xlog_assign_lsn(threshold_cycle, 1560 threshold_block); 1561 /* 1562 * Don't pass in an lsn greater than the lsn of the last 1563 * log record known to be on disk. Use a snapshot of the last sync lsn 1564 * so that it doesn't change between the compare and the set. 1565 */ 1566 last_sync_lsn = atomic64_read(&log->l_last_sync_lsn); 1567 if (XFS_LSN_CMP(threshold_lsn, last_sync_lsn) > 0) 1568 threshold_lsn = last_sync_lsn; 1569 1570 /* 1571 * Get the transaction layer to kick the dirty buffers out to 1572 * disk asynchronously. No point in trying to do this if 1573 * the filesystem is shutting down. 1574 */ 1575 if (!XLOG_FORCED_SHUTDOWN(log)) 1576 xfs_ail_push(log->l_ailp, threshold_lsn); 1577 } 1578 1579 /* 1580 * Stamp cycle number in every block 1581 */ 1582 STATIC void 1583 xlog_pack_data( 1584 struct xlog *log, 1585 struct xlog_in_core *iclog, 1586 int roundoff) 1587 { 1588 int i, j, k; 1589 int size = iclog->ic_offset + roundoff; 1590 __be32 cycle_lsn; 1591 xfs_caddr_t dp; 1592 1593 cycle_lsn = CYCLE_LSN_DISK(iclog->ic_header.h_lsn); 1594 1595 dp = iclog->ic_datap; 1596 for (i = 0; i < BTOBB(size); i++) { 1597 if (i >= (XLOG_HEADER_CYCLE_SIZE / BBSIZE)) 1598 break; 1599 iclog->ic_header.h_cycle_data[i] = *(__be32 *)dp; 1600 *(__be32 *)dp = cycle_lsn; 1601 dp += BBSIZE; 1602 } 1603 1604 if (xfs_sb_version_haslogv2(&log->l_mp->m_sb)) { 1605 xlog_in_core_2_t *xhdr = iclog->ic_data; 1606 1607 for ( ; i < BTOBB(size); i++) { 1608 j = i / (XLOG_HEADER_CYCLE_SIZE / BBSIZE); 1609 k = i % (XLOG_HEADER_CYCLE_SIZE / BBSIZE); 1610 xhdr[j].hic_xheader.xh_cycle_data[k] = *(__be32 *)dp; 1611 *(__be32 *)dp = cycle_lsn; 1612 dp += BBSIZE; 1613 } 1614 1615 for (i = 1; i < log->l_iclog_heads; i++) 1616 xhdr[i].hic_xheader.xh_cycle = cycle_lsn; 1617 } 1618 } 1619 1620 /* 1621 * Calculate the checksum for a log buffer. 1622 * 1623 * This is a little more complicated than it should be because the various 1624 * headers and the actual data are non-contiguous. 1625 */ 1626 __le32 1627 xlog_cksum( 1628 struct xlog *log, 1629 struct xlog_rec_header *rhead, 1630 char *dp, 1631 int size) 1632 { 1633 __uint32_t crc; 1634 1635 /* first generate the crc for the record header ... */ 1636 crc = xfs_start_cksum((char *)rhead, 1637 sizeof(struct xlog_rec_header), 1638 offsetof(struct xlog_rec_header, h_crc)); 1639 1640 /* ... then for additional cycle data for v2 logs ... */ 1641 if (xfs_sb_version_haslogv2(&log->l_mp->m_sb)) { 1642 union xlog_in_core2 *xhdr = (union xlog_in_core2 *)rhead; 1643 int i; 1644 1645 for (i = 1; i < log->l_iclog_heads; i++) { 1646 crc = crc32c(crc, &xhdr[i].hic_xheader, 1647 sizeof(struct xlog_rec_ext_header)); 1648 } 1649 } 1650 1651 /* ... and finally for the payload */ 1652 crc = crc32c(crc, dp, size); 1653 1654 return xfs_end_cksum(crc); 1655 } 1656 1657 /* 1658 * The bdstrat callback function for log bufs. This gives us a central 1659 * place to trap bufs in case we get hit by a log I/O error and need to 1660 * shutdown. Actually, in practice, even when we didn't get a log error, 1661 * we transition the iclogs to IOERROR state *after* flushing all existing 1662 * iclogs to disk. This is because we don't want anymore new transactions to be 1663 * started or completed afterwards. 1664 * 1665 * We lock the iclogbufs here so that we can serialise against IO completion 1666 * during unmount. We might be processing a shutdown triggered during unmount, 1667 * and that can occur asynchronously to the unmount thread, and hence we need to 1668 * ensure that completes before tearing down the iclogbufs. Hence we need to 1669 * hold the buffer lock across the log IO to acheive that. 1670 */ 1671 STATIC int 1672 xlog_bdstrat( 1673 struct xfs_buf *bp) 1674 { 1675 struct xlog_in_core *iclog = bp->b_fspriv; 1676 1677 xfs_buf_lock(bp); 1678 if (iclog->ic_state & XLOG_STATE_IOERROR) { 1679 xfs_buf_ioerror(bp, -EIO); 1680 xfs_buf_stale(bp); 1681 xfs_buf_ioend(bp, 0); 1682 /* 1683 * It would seem logical to return EIO here, but we rely on 1684 * the log state machine to propagate I/O errors instead of 1685 * doing it here. Similarly, IO completion will unlock the 1686 * buffer, so we don't do it here. 1687 */ 1688 return 0; 1689 } 1690 1691 xfs_buf_iorequest(bp); 1692 return 0; 1693 } 1694 1695 /* 1696 * Flush out the in-core log (iclog) to the on-disk log in an asynchronous 1697 * fashion. Previously, we should have moved the current iclog 1698 * ptr in the log to point to the next available iclog. This allows further 1699 * write to continue while this code syncs out an iclog ready to go. 1700 * Before an in-core log can be written out, the data section must be scanned 1701 * to save away the 1st word of each BBSIZE block into the header. We replace 1702 * it with the current cycle count. Each BBSIZE block is tagged with the 1703 * cycle count because there in an implicit assumption that drives will 1704 * guarantee that entire 512 byte blocks get written at once. In other words, 1705 * we can't have part of a 512 byte block written and part not written. By 1706 * tagging each block, we will know which blocks are valid when recovering 1707 * after an unclean shutdown. 1708 * 1709 * This routine is single threaded on the iclog. No other thread can be in 1710 * this routine with the same iclog. Changing contents of iclog can there- 1711 * fore be done without grabbing the state machine lock. Updating the global 1712 * log will require grabbing the lock though. 1713 * 1714 * The entire log manager uses a logical block numbering scheme. Only 1715 * log_sync (and then only bwrite()) know about the fact that the log may 1716 * not start with block zero on a given device. The log block start offset 1717 * is added immediately before calling bwrite(). 1718 */ 1719 1720 STATIC int 1721 xlog_sync( 1722 struct xlog *log, 1723 struct xlog_in_core *iclog) 1724 { 1725 xfs_buf_t *bp; 1726 int i; 1727 uint count; /* byte count of bwrite */ 1728 uint count_init; /* initial count before roundup */ 1729 int roundoff; /* roundoff to BB or stripe */ 1730 int split = 0; /* split write into two regions */ 1731 int error; 1732 int v2 = xfs_sb_version_haslogv2(&log->l_mp->m_sb); 1733 int size; 1734 1735 XFS_STATS_INC(xs_log_writes); 1736 ASSERT(atomic_read(&iclog->ic_refcnt) == 0); 1737 1738 /* Add for LR header */ 1739 count_init = log->l_iclog_hsize + iclog->ic_offset; 1740 1741 /* Round out the log write size */ 1742 if (v2 && log->l_mp->m_sb.sb_logsunit > 1) { 1743 /* we have a v2 stripe unit to use */ 1744 count = XLOG_LSUNITTOB(log, XLOG_BTOLSUNIT(log, count_init)); 1745 } else { 1746 count = BBTOB(BTOBB(count_init)); 1747 } 1748 roundoff = count - count_init; 1749 ASSERT(roundoff >= 0); 1750 ASSERT((v2 && log->l_mp->m_sb.sb_logsunit > 1 && 1751 roundoff < log->l_mp->m_sb.sb_logsunit) 1752 || 1753 (log->l_mp->m_sb.sb_logsunit <= 1 && 1754 roundoff < BBTOB(1))); 1755 1756 /* move grant heads by roundoff in sync */ 1757 xlog_grant_add_space(log, &log->l_reserve_head.grant, roundoff); 1758 xlog_grant_add_space(log, &log->l_write_head.grant, roundoff); 1759 1760 /* put cycle number in every block */ 1761 xlog_pack_data(log, iclog, roundoff); 1762 1763 /* real byte length */ 1764 size = iclog->ic_offset; 1765 if (v2) 1766 size += roundoff; 1767 iclog->ic_header.h_len = cpu_to_be32(size); 1768 1769 bp = iclog->ic_bp; 1770 XFS_BUF_SET_ADDR(bp, BLOCK_LSN(be64_to_cpu(iclog->ic_header.h_lsn))); 1771 1772 XFS_STATS_ADD(xs_log_blocks, BTOBB(count)); 1773 1774 /* Do we need to split this write into 2 parts? */ 1775 if (XFS_BUF_ADDR(bp) + BTOBB(count) > log->l_logBBsize) { 1776 char *dptr; 1777 1778 split = count - (BBTOB(log->l_logBBsize - XFS_BUF_ADDR(bp))); 1779 count = BBTOB(log->l_logBBsize - XFS_BUF_ADDR(bp)); 1780 iclog->ic_bwritecnt = 2; 1781 1782 /* 1783 * Bump the cycle numbers at the start of each block in the 1784 * part of the iclog that ends up in the buffer that gets 1785 * written to the start of the log. 1786 * 1787 * Watch out for the header magic number case, though. 1788 */ 1789 dptr = (char *)&iclog->ic_header + count; 1790 for (i = 0; i < split; i += BBSIZE) { 1791 __uint32_t cycle = be32_to_cpu(*(__be32 *)dptr); 1792 if (++cycle == XLOG_HEADER_MAGIC_NUM) 1793 cycle++; 1794 *(__be32 *)dptr = cpu_to_be32(cycle); 1795 1796 dptr += BBSIZE; 1797 } 1798 } else { 1799 iclog->ic_bwritecnt = 1; 1800 } 1801 1802 /* calculcate the checksum */ 1803 iclog->ic_header.h_crc = xlog_cksum(log, &iclog->ic_header, 1804 iclog->ic_datap, size); 1805 1806 bp->b_io_length = BTOBB(count); 1807 bp->b_fspriv = iclog; 1808 XFS_BUF_ZEROFLAGS(bp); 1809 XFS_BUF_ASYNC(bp); 1810 bp->b_flags |= XBF_SYNCIO; 1811 1812 if (log->l_mp->m_flags & XFS_MOUNT_BARRIER) { 1813 bp->b_flags |= XBF_FUA; 1814 1815 /* 1816 * Flush the data device before flushing the log to make 1817 * sure all meta data written back from the AIL actually made 1818 * it to disk before stamping the new log tail LSN into the 1819 * log buffer. For an external log we need to issue the 1820 * flush explicitly, and unfortunately synchronously here; 1821 * for an internal log we can simply use the block layer 1822 * state machine for preflushes. 1823 */ 1824 if (log->l_mp->m_logdev_targp != log->l_mp->m_ddev_targp) 1825 xfs_blkdev_issue_flush(log->l_mp->m_ddev_targp); 1826 else 1827 bp->b_flags |= XBF_FLUSH; 1828 } 1829 1830 ASSERT(XFS_BUF_ADDR(bp) <= log->l_logBBsize-1); 1831 ASSERT(XFS_BUF_ADDR(bp) + BTOBB(count) <= log->l_logBBsize); 1832 1833 xlog_verify_iclog(log, iclog, count, true); 1834 1835 /* account for log which doesn't start at block #0 */ 1836 XFS_BUF_SET_ADDR(bp, XFS_BUF_ADDR(bp) + log->l_logBBstart); 1837 /* 1838 * Don't call xfs_bwrite here. We do log-syncs even when the filesystem 1839 * is shutting down. 1840 */ 1841 XFS_BUF_WRITE(bp); 1842 1843 error = xlog_bdstrat(bp); 1844 if (error) { 1845 xfs_buf_ioerror_alert(bp, "xlog_sync"); 1846 return error; 1847 } 1848 if (split) { 1849 bp = iclog->ic_log->l_xbuf; 1850 XFS_BUF_SET_ADDR(bp, 0); /* logical 0 */ 1851 xfs_buf_associate_memory(bp, 1852 (char *)&iclog->ic_header + count, split); 1853 bp->b_fspriv = iclog; 1854 XFS_BUF_ZEROFLAGS(bp); 1855 XFS_BUF_ASYNC(bp); 1856 bp->b_flags |= XBF_SYNCIO; 1857 if (log->l_mp->m_flags & XFS_MOUNT_BARRIER) 1858 bp->b_flags |= XBF_FUA; 1859 1860 ASSERT(XFS_BUF_ADDR(bp) <= log->l_logBBsize-1); 1861 ASSERT(XFS_BUF_ADDR(bp) + BTOBB(count) <= log->l_logBBsize); 1862 1863 /* account for internal log which doesn't start at block #0 */ 1864 XFS_BUF_SET_ADDR(bp, XFS_BUF_ADDR(bp) + log->l_logBBstart); 1865 XFS_BUF_WRITE(bp); 1866 error = xlog_bdstrat(bp); 1867 if (error) { 1868 xfs_buf_ioerror_alert(bp, "xlog_sync (split)"); 1869 return error; 1870 } 1871 } 1872 return 0; 1873 } /* xlog_sync */ 1874 1875 /* 1876 * Deallocate a log structure 1877 */ 1878 STATIC void 1879 xlog_dealloc_log( 1880 struct xlog *log) 1881 { 1882 xlog_in_core_t *iclog, *next_iclog; 1883 int i; 1884 1885 xlog_cil_destroy(log); 1886 1887 /* 1888 * Cycle all the iclogbuf locks to make sure all log IO completion 1889 * is done before we tear down these buffers. 1890 */ 1891 iclog = log->l_iclog; 1892 for (i = 0; i < log->l_iclog_bufs; i++) { 1893 xfs_buf_lock(iclog->ic_bp); 1894 xfs_buf_unlock(iclog->ic_bp); 1895 iclog = iclog->ic_next; 1896 } 1897 1898 /* 1899 * Always need to ensure that the extra buffer does not point to memory 1900 * owned by another log buffer before we free it. Also, cycle the lock 1901 * first to ensure we've completed IO on it. 1902 */ 1903 xfs_buf_lock(log->l_xbuf); 1904 xfs_buf_unlock(log->l_xbuf); 1905 xfs_buf_set_empty(log->l_xbuf, BTOBB(log->l_iclog_size)); 1906 xfs_buf_free(log->l_xbuf); 1907 1908 iclog = log->l_iclog; 1909 for (i = 0; i < log->l_iclog_bufs; i++) { 1910 xfs_buf_free(iclog->ic_bp); 1911 next_iclog = iclog->ic_next; 1912 kmem_free(iclog); 1913 iclog = next_iclog; 1914 } 1915 spinlock_destroy(&log->l_icloglock); 1916 1917 log->l_mp->m_log = NULL; 1918 kmem_free(log); 1919 } /* xlog_dealloc_log */ 1920 1921 /* 1922 * Update counters atomically now that memcpy is done. 1923 */ 1924 /* ARGSUSED */ 1925 static inline void 1926 xlog_state_finish_copy( 1927 struct xlog *log, 1928 struct xlog_in_core *iclog, 1929 int record_cnt, 1930 int copy_bytes) 1931 { 1932 spin_lock(&log->l_icloglock); 1933 1934 be32_add_cpu(&iclog->ic_header.h_num_logops, record_cnt); 1935 iclog->ic_offset += copy_bytes; 1936 1937 spin_unlock(&log->l_icloglock); 1938 } /* xlog_state_finish_copy */ 1939 1940 1941 1942 1943 /* 1944 * print out info relating to regions written which consume 1945 * the reservation 1946 */ 1947 void 1948 xlog_print_tic_res( 1949 struct xfs_mount *mp, 1950 struct xlog_ticket *ticket) 1951 { 1952 uint i; 1953 uint ophdr_spc = ticket->t_res_num_ophdrs * (uint)sizeof(xlog_op_header_t); 1954 1955 /* match with XLOG_REG_TYPE_* in xfs_log.h */ 1956 static char *res_type_str[XLOG_REG_TYPE_MAX] = { 1957 "bformat", 1958 "bchunk", 1959 "efi_format", 1960 "efd_format", 1961 "iformat", 1962 "icore", 1963 "iext", 1964 "ibroot", 1965 "ilocal", 1966 "iattr_ext", 1967 "iattr_broot", 1968 "iattr_local", 1969 "qformat", 1970 "dquot", 1971 "quotaoff", 1972 "LR header", 1973 "unmount", 1974 "commit", 1975 "trans header" 1976 }; 1977 static char *trans_type_str[XFS_TRANS_TYPE_MAX] = { 1978 "SETATTR_NOT_SIZE", 1979 "SETATTR_SIZE", 1980 "INACTIVE", 1981 "CREATE", 1982 "CREATE_TRUNC", 1983 "TRUNCATE_FILE", 1984 "REMOVE", 1985 "LINK", 1986 "RENAME", 1987 "MKDIR", 1988 "RMDIR", 1989 "SYMLINK", 1990 "SET_DMATTRS", 1991 "GROWFS", 1992 "STRAT_WRITE", 1993 "DIOSTRAT", 1994 "WRITE_SYNC", 1995 "WRITEID", 1996 "ADDAFORK", 1997 "ATTRINVAL", 1998 "ATRUNCATE", 1999 "ATTR_SET", 2000 "ATTR_RM", 2001 "ATTR_FLAG", 2002 "CLEAR_AGI_BUCKET", 2003 "QM_SBCHANGE", 2004 "DUMMY1", 2005 "DUMMY2", 2006 "QM_QUOTAOFF", 2007 "QM_DQALLOC", 2008 "QM_SETQLIM", 2009 "QM_DQCLUSTER", 2010 "QM_QINOCREATE", 2011 "QM_QUOTAOFF_END", 2012 "SB_UNIT", 2013 "FSYNC_TS", 2014 "GROWFSRT_ALLOC", 2015 "GROWFSRT_ZERO", 2016 "GROWFSRT_FREE", 2017 "SWAPEXT" 2018 }; 2019 2020 xfs_warn(mp, 2021 "xlog_write: reservation summary:\n" 2022 " trans type = %s (%u)\n" 2023 " unit res = %d bytes\n" 2024 " current res = %d bytes\n" 2025 " total reg = %u bytes (o/flow = %u bytes)\n" 2026 " ophdrs = %u (ophdr space = %u bytes)\n" 2027 " ophdr + reg = %u bytes\n" 2028 " num regions = %u\n", 2029 ((ticket->t_trans_type <= 0 || 2030 ticket->t_trans_type > XFS_TRANS_TYPE_MAX) ? 2031 "bad-trans-type" : trans_type_str[ticket->t_trans_type-1]), 2032 ticket->t_trans_type, 2033 ticket->t_unit_res, 2034 ticket->t_curr_res, 2035 ticket->t_res_arr_sum, ticket->t_res_o_flow, 2036 ticket->t_res_num_ophdrs, ophdr_spc, 2037 ticket->t_res_arr_sum + 2038 ticket->t_res_o_flow + ophdr_spc, 2039 ticket->t_res_num); 2040 2041 for (i = 0; i < ticket->t_res_num; i++) { 2042 uint r_type = ticket->t_res_arr[i].r_type; 2043 xfs_warn(mp, "region[%u]: %s - %u bytes", i, 2044 ((r_type <= 0 || r_type > XLOG_REG_TYPE_MAX) ? 2045 "bad-rtype" : res_type_str[r_type-1]), 2046 ticket->t_res_arr[i].r_len); 2047 } 2048 2049 xfs_alert_tag(mp, XFS_PTAG_LOGRES, 2050 "xlog_write: reservation ran out. Need to up reservation"); 2051 xfs_force_shutdown(mp, SHUTDOWN_LOG_IO_ERROR); 2052 } 2053 2054 /* 2055 * Calculate the potential space needed by the log vector. Each region gets 2056 * its own xlog_op_header_t and may need to be double word aligned. 2057 */ 2058 static int 2059 xlog_write_calc_vec_length( 2060 struct xlog_ticket *ticket, 2061 struct xfs_log_vec *log_vector) 2062 { 2063 struct xfs_log_vec *lv; 2064 int headers = 0; 2065 int len = 0; 2066 int i; 2067 2068 /* acct for start rec of xact */ 2069 if (ticket->t_flags & XLOG_TIC_INITED) 2070 headers++; 2071 2072 for (lv = log_vector; lv; lv = lv->lv_next) { 2073 /* we don't write ordered log vectors */ 2074 if (lv->lv_buf_len == XFS_LOG_VEC_ORDERED) 2075 continue; 2076 2077 headers += lv->lv_niovecs; 2078 2079 for (i = 0; i < lv->lv_niovecs; i++) { 2080 struct xfs_log_iovec *vecp = &lv->lv_iovecp[i]; 2081 2082 len += vecp->i_len; 2083 xlog_tic_add_region(ticket, vecp->i_len, vecp->i_type); 2084 } 2085 } 2086 2087 ticket->t_res_num_ophdrs += headers; 2088 len += headers * sizeof(struct xlog_op_header); 2089 2090 return len; 2091 } 2092 2093 /* 2094 * If first write for transaction, insert start record We can't be trying to 2095 * commit if we are inited. We can't have any "partial_copy" if we are inited. 2096 */ 2097 static int 2098 xlog_write_start_rec( 2099 struct xlog_op_header *ophdr, 2100 struct xlog_ticket *ticket) 2101 { 2102 if (!(ticket->t_flags & XLOG_TIC_INITED)) 2103 return 0; 2104 2105 ophdr->oh_tid = cpu_to_be32(ticket->t_tid); 2106 ophdr->oh_clientid = ticket->t_clientid; 2107 ophdr->oh_len = 0; 2108 ophdr->oh_flags = XLOG_START_TRANS; 2109 ophdr->oh_res2 = 0; 2110 2111 ticket->t_flags &= ~XLOG_TIC_INITED; 2112 2113 return sizeof(struct xlog_op_header); 2114 } 2115 2116 static xlog_op_header_t * 2117 xlog_write_setup_ophdr( 2118 struct xlog *log, 2119 struct xlog_op_header *ophdr, 2120 struct xlog_ticket *ticket, 2121 uint flags) 2122 { 2123 ophdr->oh_tid = cpu_to_be32(ticket->t_tid); 2124 ophdr->oh_clientid = ticket->t_clientid; 2125 ophdr->oh_res2 = 0; 2126 2127 /* are we copying a commit or unmount record? */ 2128 ophdr->oh_flags = flags; 2129 2130 /* 2131 * We've seen logs corrupted with bad transaction client ids. This 2132 * makes sure that XFS doesn't generate them on. Turn this into an EIO 2133 * and shut down the filesystem. 2134 */ 2135 switch (ophdr->oh_clientid) { 2136 case XFS_TRANSACTION: 2137 case XFS_VOLUME: 2138 case XFS_LOG: 2139 break; 2140 default: 2141 xfs_warn(log->l_mp, 2142 "Bad XFS transaction clientid 0x%x in ticket 0x%p", 2143 ophdr->oh_clientid, ticket); 2144 return NULL; 2145 } 2146 2147 return ophdr; 2148 } 2149 2150 /* 2151 * Set up the parameters of the region copy into the log. This has 2152 * to handle region write split across multiple log buffers - this 2153 * state is kept external to this function so that this code can 2154 * be written in an obvious, self documenting manner. 2155 */ 2156 static int 2157 xlog_write_setup_copy( 2158 struct xlog_ticket *ticket, 2159 struct xlog_op_header *ophdr, 2160 int space_available, 2161 int space_required, 2162 int *copy_off, 2163 int *copy_len, 2164 int *last_was_partial_copy, 2165 int *bytes_consumed) 2166 { 2167 int still_to_copy; 2168 2169 still_to_copy = space_required - *bytes_consumed; 2170 *copy_off = *bytes_consumed; 2171 2172 if (still_to_copy <= space_available) { 2173 /* write of region completes here */ 2174 *copy_len = still_to_copy; 2175 ophdr->oh_len = cpu_to_be32(*copy_len); 2176 if (*last_was_partial_copy) 2177 ophdr->oh_flags |= (XLOG_END_TRANS|XLOG_WAS_CONT_TRANS); 2178 *last_was_partial_copy = 0; 2179 *bytes_consumed = 0; 2180 return 0; 2181 } 2182 2183 /* partial write of region, needs extra log op header reservation */ 2184 *copy_len = space_available; 2185 ophdr->oh_len = cpu_to_be32(*copy_len); 2186 ophdr->oh_flags |= XLOG_CONTINUE_TRANS; 2187 if (*last_was_partial_copy) 2188 ophdr->oh_flags |= XLOG_WAS_CONT_TRANS; 2189 *bytes_consumed += *copy_len; 2190 (*last_was_partial_copy)++; 2191 2192 /* account for new log op header */ 2193 ticket->t_curr_res -= sizeof(struct xlog_op_header); 2194 ticket->t_res_num_ophdrs++; 2195 2196 return sizeof(struct xlog_op_header); 2197 } 2198 2199 static int 2200 xlog_write_copy_finish( 2201 struct xlog *log, 2202 struct xlog_in_core *iclog, 2203 uint flags, 2204 int *record_cnt, 2205 int *data_cnt, 2206 int *partial_copy, 2207 int *partial_copy_len, 2208 int log_offset, 2209 struct xlog_in_core **commit_iclog) 2210 { 2211 if (*partial_copy) { 2212 /* 2213 * This iclog has already been marked WANT_SYNC by 2214 * xlog_state_get_iclog_space. 2215 */ 2216 xlog_state_finish_copy(log, iclog, *record_cnt, *data_cnt); 2217 *record_cnt = 0; 2218 *data_cnt = 0; 2219 return xlog_state_release_iclog(log, iclog); 2220 } 2221 2222 *partial_copy = 0; 2223 *partial_copy_len = 0; 2224 2225 if (iclog->ic_size - log_offset <= sizeof(xlog_op_header_t)) { 2226 /* no more space in this iclog - push it. */ 2227 xlog_state_finish_copy(log, iclog, *record_cnt, *data_cnt); 2228 *record_cnt = 0; 2229 *data_cnt = 0; 2230 2231 spin_lock(&log->l_icloglock); 2232 xlog_state_want_sync(log, iclog); 2233 spin_unlock(&log->l_icloglock); 2234 2235 if (!commit_iclog) 2236 return xlog_state_release_iclog(log, iclog); 2237 ASSERT(flags & XLOG_COMMIT_TRANS); 2238 *commit_iclog = iclog; 2239 } 2240 2241 return 0; 2242 } 2243 2244 /* 2245 * Write some region out to in-core log 2246 * 2247 * This will be called when writing externally provided regions or when 2248 * writing out a commit record for a given transaction. 2249 * 2250 * General algorithm: 2251 * 1. Find total length of this write. This may include adding to the 2252 * lengths passed in. 2253 * 2. Check whether we violate the tickets reservation. 2254 * 3. While writing to this iclog 2255 * A. Reserve as much space in this iclog as can get 2256 * B. If this is first write, save away start lsn 2257 * C. While writing this region: 2258 * 1. If first write of transaction, write start record 2259 * 2. Write log operation header (header per region) 2260 * 3. Find out if we can fit entire region into this iclog 2261 * 4. Potentially, verify destination memcpy ptr 2262 * 5. Memcpy (partial) region 2263 * 6. If partial copy, release iclog; otherwise, continue 2264 * copying more regions into current iclog 2265 * 4. Mark want sync bit (in simulation mode) 2266 * 5. Release iclog for potential flush to on-disk log. 2267 * 2268 * ERRORS: 2269 * 1. Panic if reservation is overrun. This should never happen since 2270 * reservation amounts are generated internal to the filesystem. 2271 * NOTES: 2272 * 1. Tickets are single threaded data structures. 2273 * 2. The XLOG_END_TRANS & XLOG_CONTINUE_TRANS flags are passed down to the 2274 * syncing routine. When a single log_write region needs to span 2275 * multiple in-core logs, the XLOG_CONTINUE_TRANS bit should be set 2276 * on all log operation writes which don't contain the end of the 2277 * region. The XLOG_END_TRANS bit is used for the in-core log 2278 * operation which contains the end of the continued log_write region. 2279 * 3. When xlog_state_get_iclog_space() grabs the rest of the current iclog, 2280 * we don't really know exactly how much space will be used. As a result, 2281 * we don't update ic_offset until the end when we know exactly how many 2282 * bytes have been written out. 2283 */ 2284 int 2285 xlog_write( 2286 struct xlog *log, 2287 struct xfs_log_vec *log_vector, 2288 struct xlog_ticket *ticket, 2289 xfs_lsn_t *start_lsn, 2290 struct xlog_in_core **commit_iclog, 2291 uint flags) 2292 { 2293 struct xlog_in_core *iclog = NULL; 2294 struct xfs_log_iovec *vecp; 2295 struct xfs_log_vec *lv; 2296 int len; 2297 int index; 2298 int partial_copy = 0; 2299 int partial_copy_len = 0; 2300 int contwr = 0; 2301 int record_cnt = 0; 2302 int data_cnt = 0; 2303 int error; 2304 2305 *start_lsn = 0; 2306 2307 len = xlog_write_calc_vec_length(ticket, log_vector); 2308 2309 /* 2310 * Region headers and bytes are already accounted for. 2311 * We only need to take into account start records and 2312 * split regions in this function. 2313 */ 2314 if (ticket->t_flags & XLOG_TIC_INITED) 2315 ticket->t_curr_res -= sizeof(xlog_op_header_t); 2316 2317 /* 2318 * Commit record headers need to be accounted for. These 2319 * come in as separate writes so are easy to detect. 2320 */ 2321 if (flags & (XLOG_COMMIT_TRANS | XLOG_UNMOUNT_TRANS)) 2322 ticket->t_curr_res -= sizeof(xlog_op_header_t); 2323 2324 if (ticket->t_curr_res < 0) 2325 xlog_print_tic_res(log->l_mp, ticket); 2326 2327 index = 0; 2328 lv = log_vector; 2329 vecp = lv->lv_iovecp; 2330 while (lv && (!lv->lv_niovecs || index < lv->lv_niovecs)) { 2331 void *ptr; 2332 int log_offset; 2333 2334 error = xlog_state_get_iclog_space(log, len, &iclog, ticket, 2335 &contwr, &log_offset); 2336 if (error) 2337 return error; 2338 2339 ASSERT(log_offset <= iclog->ic_size - 1); 2340 ptr = iclog->ic_datap + log_offset; 2341 2342 /* start_lsn is the first lsn written to. That's all we need. */ 2343 if (!*start_lsn) 2344 *start_lsn = be64_to_cpu(iclog->ic_header.h_lsn); 2345 2346 /* 2347 * This loop writes out as many regions as can fit in the amount 2348 * of space which was allocated by xlog_state_get_iclog_space(). 2349 */ 2350 while (lv && (!lv->lv_niovecs || index < lv->lv_niovecs)) { 2351 struct xfs_log_iovec *reg; 2352 struct xlog_op_header *ophdr; 2353 int start_rec_copy; 2354 int copy_len; 2355 int copy_off; 2356 bool ordered = false; 2357 2358 /* ordered log vectors have no regions to write */ 2359 if (lv->lv_buf_len == XFS_LOG_VEC_ORDERED) { 2360 ASSERT(lv->lv_niovecs == 0); 2361 ordered = true; 2362 goto next_lv; 2363 } 2364 2365 reg = &vecp[index]; 2366 ASSERT(reg->i_len % sizeof(__int32_t) == 0); 2367 ASSERT((unsigned long)ptr % sizeof(__int32_t) == 0); 2368 2369 start_rec_copy = xlog_write_start_rec(ptr, ticket); 2370 if (start_rec_copy) { 2371 record_cnt++; 2372 xlog_write_adv_cnt(&ptr, &len, &log_offset, 2373 start_rec_copy); 2374 } 2375 2376 ophdr = xlog_write_setup_ophdr(log, ptr, ticket, flags); 2377 if (!ophdr) 2378 return -EIO; 2379 2380 xlog_write_adv_cnt(&ptr, &len, &log_offset, 2381 sizeof(struct xlog_op_header)); 2382 2383 len += xlog_write_setup_copy(ticket, ophdr, 2384 iclog->ic_size-log_offset, 2385 reg->i_len, 2386 ©_off, ©_len, 2387 &partial_copy, 2388 &partial_copy_len); 2389 xlog_verify_dest_ptr(log, ptr); 2390 2391 /* copy region */ 2392 ASSERT(copy_len >= 0); 2393 memcpy(ptr, reg->i_addr + copy_off, copy_len); 2394 xlog_write_adv_cnt(&ptr, &len, &log_offset, copy_len); 2395 2396 copy_len += start_rec_copy + sizeof(xlog_op_header_t); 2397 record_cnt++; 2398 data_cnt += contwr ? copy_len : 0; 2399 2400 error = xlog_write_copy_finish(log, iclog, flags, 2401 &record_cnt, &data_cnt, 2402 &partial_copy, 2403 &partial_copy_len, 2404 log_offset, 2405 commit_iclog); 2406 if (error) 2407 return error; 2408 2409 /* 2410 * if we had a partial copy, we need to get more iclog 2411 * space but we don't want to increment the region 2412 * index because there is still more is this region to 2413 * write. 2414 * 2415 * If we completed writing this region, and we flushed 2416 * the iclog (indicated by resetting of the record 2417 * count), then we also need to get more log space. If 2418 * this was the last record, though, we are done and 2419 * can just return. 2420 */ 2421 if (partial_copy) 2422 break; 2423 2424 if (++index == lv->lv_niovecs) { 2425 next_lv: 2426 lv = lv->lv_next; 2427 index = 0; 2428 if (lv) 2429 vecp = lv->lv_iovecp; 2430 } 2431 if (record_cnt == 0 && ordered == false) { 2432 if (!lv) 2433 return 0; 2434 break; 2435 } 2436 } 2437 } 2438 2439 ASSERT(len == 0); 2440 2441 xlog_state_finish_copy(log, iclog, record_cnt, data_cnt); 2442 if (!commit_iclog) 2443 return xlog_state_release_iclog(log, iclog); 2444 2445 ASSERT(flags & XLOG_COMMIT_TRANS); 2446 *commit_iclog = iclog; 2447 return 0; 2448 } 2449 2450 2451 /***************************************************************************** 2452 * 2453 * State Machine functions 2454 * 2455 ***************************************************************************** 2456 */ 2457 2458 /* Clean iclogs starting from the head. This ordering must be 2459 * maintained, so an iclog doesn't become ACTIVE beyond one that 2460 * is SYNCING. This is also required to maintain the notion that we use 2461 * a ordered wait queue to hold off would be writers to the log when every 2462 * iclog is trying to sync to disk. 2463 * 2464 * State Change: DIRTY -> ACTIVE 2465 */ 2466 STATIC void 2467 xlog_state_clean_log( 2468 struct xlog *log) 2469 { 2470 xlog_in_core_t *iclog; 2471 int changed = 0; 2472 2473 iclog = log->l_iclog; 2474 do { 2475 if (iclog->ic_state == XLOG_STATE_DIRTY) { 2476 iclog->ic_state = XLOG_STATE_ACTIVE; 2477 iclog->ic_offset = 0; 2478 ASSERT(iclog->ic_callback == NULL); 2479 /* 2480 * If the number of ops in this iclog indicate it just 2481 * contains the dummy transaction, we can 2482 * change state into IDLE (the second time around). 2483 * Otherwise we should change the state into 2484 * NEED a dummy. 2485 * We don't need to cover the dummy. 2486 */ 2487 if (!changed && 2488 (be32_to_cpu(iclog->ic_header.h_num_logops) == 2489 XLOG_COVER_OPS)) { 2490 changed = 1; 2491 } else { 2492 /* 2493 * We have two dirty iclogs so start over 2494 * This could also be num of ops indicates 2495 * this is not the dummy going out. 2496 */ 2497 changed = 2; 2498 } 2499 iclog->ic_header.h_num_logops = 0; 2500 memset(iclog->ic_header.h_cycle_data, 0, 2501 sizeof(iclog->ic_header.h_cycle_data)); 2502 iclog->ic_header.h_lsn = 0; 2503 } else if (iclog->ic_state == XLOG_STATE_ACTIVE) 2504 /* do nothing */; 2505 else 2506 break; /* stop cleaning */ 2507 iclog = iclog->ic_next; 2508 } while (iclog != log->l_iclog); 2509 2510 /* log is locked when we are called */ 2511 /* 2512 * Change state for the dummy log recording. 2513 * We usually go to NEED. But we go to NEED2 if the changed indicates 2514 * we are done writing the dummy record. 2515 * If we are done with the second dummy recored (DONE2), then 2516 * we go to IDLE. 2517 */ 2518 if (changed) { 2519 switch (log->l_covered_state) { 2520 case XLOG_STATE_COVER_IDLE: 2521 case XLOG_STATE_COVER_NEED: 2522 case XLOG_STATE_COVER_NEED2: 2523 log->l_covered_state = XLOG_STATE_COVER_NEED; 2524 break; 2525 2526 case XLOG_STATE_COVER_DONE: 2527 if (changed == 1) 2528 log->l_covered_state = XLOG_STATE_COVER_NEED2; 2529 else 2530 log->l_covered_state = XLOG_STATE_COVER_NEED; 2531 break; 2532 2533 case XLOG_STATE_COVER_DONE2: 2534 if (changed == 1) 2535 log->l_covered_state = XLOG_STATE_COVER_IDLE; 2536 else 2537 log->l_covered_state = XLOG_STATE_COVER_NEED; 2538 break; 2539 2540 default: 2541 ASSERT(0); 2542 } 2543 } 2544 } /* xlog_state_clean_log */ 2545 2546 STATIC xfs_lsn_t 2547 xlog_get_lowest_lsn( 2548 struct xlog *log) 2549 { 2550 xlog_in_core_t *lsn_log; 2551 xfs_lsn_t lowest_lsn, lsn; 2552 2553 lsn_log = log->l_iclog; 2554 lowest_lsn = 0; 2555 do { 2556 if (!(lsn_log->ic_state & (XLOG_STATE_ACTIVE|XLOG_STATE_DIRTY))) { 2557 lsn = be64_to_cpu(lsn_log->ic_header.h_lsn); 2558 if ((lsn && !lowest_lsn) || 2559 (XFS_LSN_CMP(lsn, lowest_lsn) < 0)) { 2560 lowest_lsn = lsn; 2561 } 2562 } 2563 lsn_log = lsn_log->ic_next; 2564 } while (lsn_log != log->l_iclog); 2565 return lowest_lsn; 2566 } 2567 2568 2569 STATIC void 2570 xlog_state_do_callback( 2571 struct xlog *log, 2572 int aborted, 2573 struct xlog_in_core *ciclog) 2574 { 2575 xlog_in_core_t *iclog; 2576 xlog_in_core_t *first_iclog; /* used to know when we've 2577 * processed all iclogs once */ 2578 xfs_log_callback_t *cb, *cb_next; 2579 int flushcnt = 0; 2580 xfs_lsn_t lowest_lsn; 2581 int ioerrors; /* counter: iclogs with errors */ 2582 int loopdidcallbacks; /* flag: inner loop did callbacks*/ 2583 int funcdidcallbacks; /* flag: function did callbacks */ 2584 int repeats; /* for issuing console warnings if 2585 * looping too many times */ 2586 int wake = 0; 2587 2588 spin_lock(&log->l_icloglock); 2589 first_iclog = iclog = log->l_iclog; 2590 ioerrors = 0; 2591 funcdidcallbacks = 0; 2592 repeats = 0; 2593 2594 do { 2595 /* 2596 * Scan all iclogs starting with the one pointed to by the 2597 * log. Reset this starting point each time the log is 2598 * unlocked (during callbacks). 2599 * 2600 * Keep looping through iclogs until one full pass is made 2601 * without running any callbacks. 2602 */ 2603 first_iclog = log->l_iclog; 2604 iclog = log->l_iclog; 2605 loopdidcallbacks = 0; 2606 repeats++; 2607 2608 do { 2609 2610 /* skip all iclogs in the ACTIVE & DIRTY states */ 2611 if (iclog->ic_state & 2612 (XLOG_STATE_ACTIVE|XLOG_STATE_DIRTY)) { 2613 iclog = iclog->ic_next; 2614 continue; 2615 } 2616 2617 /* 2618 * Between marking a filesystem SHUTDOWN and stopping 2619 * the log, we do flush all iclogs to disk (if there 2620 * wasn't a log I/O error). So, we do want things to 2621 * go smoothly in case of just a SHUTDOWN w/o a 2622 * LOG_IO_ERROR. 2623 */ 2624 if (!(iclog->ic_state & XLOG_STATE_IOERROR)) { 2625 /* 2626 * Can only perform callbacks in order. Since 2627 * this iclog is not in the DONE_SYNC/ 2628 * DO_CALLBACK state, we skip the rest and 2629 * just try to clean up. If we set our iclog 2630 * to DO_CALLBACK, we will not process it when 2631 * we retry since a previous iclog is in the 2632 * CALLBACK and the state cannot change since 2633 * we are holding the l_icloglock. 2634 */ 2635 if (!(iclog->ic_state & 2636 (XLOG_STATE_DONE_SYNC | 2637 XLOG_STATE_DO_CALLBACK))) { 2638 if (ciclog && (ciclog->ic_state == 2639 XLOG_STATE_DONE_SYNC)) { 2640 ciclog->ic_state = XLOG_STATE_DO_CALLBACK; 2641 } 2642 break; 2643 } 2644 /* 2645 * We now have an iclog that is in either the 2646 * DO_CALLBACK or DONE_SYNC states. The other 2647 * states (WANT_SYNC, SYNCING, or CALLBACK were 2648 * caught by the above if and are going to 2649 * clean (i.e. we aren't doing their callbacks) 2650 * see the above if. 2651 */ 2652 2653 /* 2654 * We will do one more check here to see if we 2655 * have chased our tail around. 2656 */ 2657 2658 lowest_lsn = xlog_get_lowest_lsn(log); 2659 if (lowest_lsn && 2660 XFS_LSN_CMP(lowest_lsn, 2661 be64_to_cpu(iclog->ic_header.h_lsn)) < 0) { 2662 iclog = iclog->ic_next; 2663 continue; /* Leave this iclog for 2664 * another thread */ 2665 } 2666 2667 iclog->ic_state = XLOG_STATE_CALLBACK; 2668 2669 2670 /* 2671 * Completion of a iclog IO does not imply that 2672 * a transaction has completed, as transactions 2673 * can be large enough to span many iclogs. We 2674 * cannot change the tail of the log half way 2675 * through a transaction as this may be the only 2676 * transaction in the log and moving th etail to 2677 * point to the middle of it will prevent 2678 * recovery from finding the start of the 2679 * transaction. Hence we should only update the 2680 * last_sync_lsn if this iclog contains 2681 * transaction completion callbacks on it. 2682 * 2683 * We have to do this before we drop the 2684 * icloglock to ensure we are the only one that 2685 * can update it. 2686 */ 2687 ASSERT(XFS_LSN_CMP(atomic64_read(&log->l_last_sync_lsn), 2688 be64_to_cpu(iclog->ic_header.h_lsn)) <= 0); 2689 if (iclog->ic_callback) 2690 atomic64_set(&log->l_last_sync_lsn, 2691 be64_to_cpu(iclog->ic_header.h_lsn)); 2692 2693 } else 2694 ioerrors++; 2695 2696 spin_unlock(&log->l_icloglock); 2697 2698 /* 2699 * Keep processing entries in the callback list until 2700 * we come around and it is empty. We need to 2701 * atomically see that the list is empty and change the 2702 * state to DIRTY so that we don't miss any more 2703 * callbacks being added. 2704 */ 2705 spin_lock(&iclog->ic_callback_lock); 2706 cb = iclog->ic_callback; 2707 while (cb) { 2708 iclog->ic_callback_tail = &(iclog->ic_callback); 2709 iclog->ic_callback = NULL; 2710 spin_unlock(&iclog->ic_callback_lock); 2711 2712 /* perform callbacks in the order given */ 2713 for (; cb; cb = cb_next) { 2714 cb_next = cb->cb_next; 2715 cb->cb_func(cb->cb_arg, aborted); 2716 } 2717 spin_lock(&iclog->ic_callback_lock); 2718 cb = iclog->ic_callback; 2719 } 2720 2721 loopdidcallbacks++; 2722 funcdidcallbacks++; 2723 2724 spin_lock(&log->l_icloglock); 2725 ASSERT(iclog->ic_callback == NULL); 2726 spin_unlock(&iclog->ic_callback_lock); 2727 if (!(iclog->ic_state & XLOG_STATE_IOERROR)) 2728 iclog->ic_state = XLOG_STATE_DIRTY; 2729 2730 /* 2731 * Transition from DIRTY to ACTIVE if applicable. 2732 * NOP if STATE_IOERROR. 2733 */ 2734 xlog_state_clean_log(log); 2735 2736 /* wake up threads waiting in xfs_log_force() */ 2737 wake_up_all(&iclog->ic_force_wait); 2738 2739 iclog = iclog->ic_next; 2740 } while (first_iclog != iclog); 2741 2742 if (repeats > 5000) { 2743 flushcnt += repeats; 2744 repeats = 0; 2745 xfs_warn(log->l_mp, 2746 "%s: possible infinite loop (%d iterations)", 2747 __func__, flushcnt); 2748 } 2749 } while (!ioerrors && loopdidcallbacks); 2750 2751 /* 2752 * make one last gasp attempt to see if iclogs are being left in 2753 * limbo.. 2754 */ 2755 #ifdef DEBUG 2756 if (funcdidcallbacks) { 2757 first_iclog = iclog = log->l_iclog; 2758 do { 2759 ASSERT(iclog->ic_state != XLOG_STATE_DO_CALLBACK); 2760 /* 2761 * Terminate the loop if iclogs are found in states 2762 * which will cause other threads to clean up iclogs. 2763 * 2764 * SYNCING - i/o completion will go through logs 2765 * DONE_SYNC - interrupt thread should be waiting for 2766 * l_icloglock 2767 * IOERROR - give up hope all ye who enter here 2768 */ 2769 if (iclog->ic_state == XLOG_STATE_WANT_SYNC || 2770 iclog->ic_state == XLOG_STATE_SYNCING || 2771 iclog->ic_state == XLOG_STATE_DONE_SYNC || 2772 iclog->ic_state == XLOG_STATE_IOERROR ) 2773 break; 2774 iclog = iclog->ic_next; 2775 } while (first_iclog != iclog); 2776 } 2777 #endif 2778 2779 if (log->l_iclog->ic_state & (XLOG_STATE_ACTIVE|XLOG_STATE_IOERROR)) 2780 wake = 1; 2781 spin_unlock(&log->l_icloglock); 2782 2783 if (wake) 2784 wake_up_all(&log->l_flush_wait); 2785 } 2786 2787 2788 /* 2789 * Finish transitioning this iclog to the dirty state. 2790 * 2791 * Make sure that we completely execute this routine only when this is 2792 * the last call to the iclog. There is a good chance that iclog flushes, 2793 * when we reach the end of the physical log, get turned into 2 separate 2794 * calls to bwrite. Hence, one iclog flush could generate two calls to this 2795 * routine. By using the reference count bwritecnt, we guarantee that only 2796 * the second completion goes through. 2797 * 2798 * Callbacks could take time, so they are done outside the scope of the 2799 * global state machine log lock. 2800 */ 2801 STATIC void 2802 xlog_state_done_syncing( 2803 xlog_in_core_t *iclog, 2804 int aborted) 2805 { 2806 struct xlog *log = iclog->ic_log; 2807 2808 spin_lock(&log->l_icloglock); 2809 2810 ASSERT(iclog->ic_state == XLOG_STATE_SYNCING || 2811 iclog->ic_state == XLOG_STATE_IOERROR); 2812 ASSERT(atomic_read(&iclog->ic_refcnt) == 0); 2813 ASSERT(iclog->ic_bwritecnt == 1 || iclog->ic_bwritecnt == 2); 2814 2815 2816 /* 2817 * If we got an error, either on the first buffer, or in the case of 2818 * split log writes, on the second, we mark ALL iclogs STATE_IOERROR, 2819 * and none should ever be attempted to be written to disk 2820 * again. 2821 */ 2822 if (iclog->ic_state != XLOG_STATE_IOERROR) { 2823 if (--iclog->ic_bwritecnt == 1) { 2824 spin_unlock(&log->l_icloglock); 2825 return; 2826 } 2827 iclog->ic_state = XLOG_STATE_DONE_SYNC; 2828 } 2829 2830 /* 2831 * Someone could be sleeping prior to writing out the next 2832 * iclog buffer, we wake them all, one will get to do the 2833 * I/O, the others get to wait for the result. 2834 */ 2835 wake_up_all(&iclog->ic_write_wait); 2836 spin_unlock(&log->l_icloglock); 2837 xlog_state_do_callback(log, aborted, iclog); /* also cleans log */ 2838 } /* xlog_state_done_syncing */ 2839 2840 2841 /* 2842 * If the head of the in-core log ring is not (ACTIVE or DIRTY), then we must 2843 * sleep. We wait on the flush queue on the head iclog as that should be 2844 * the first iclog to complete flushing. Hence if all iclogs are syncing, 2845 * we will wait here and all new writes will sleep until a sync completes. 2846 * 2847 * The in-core logs are used in a circular fashion. They are not used 2848 * out-of-order even when an iclog past the head is free. 2849 * 2850 * return: 2851 * * log_offset where xlog_write() can start writing into the in-core 2852 * log's data space. 2853 * * in-core log pointer to which xlog_write() should write. 2854 * * boolean indicating this is a continued write to an in-core log. 2855 * If this is the last write, then the in-core log's offset field 2856 * needs to be incremented, depending on the amount of data which 2857 * is copied. 2858 */ 2859 STATIC int 2860 xlog_state_get_iclog_space( 2861 struct xlog *log, 2862 int len, 2863 struct xlog_in_core **iclogp, 2864 struct xlog_ticket *ticket, 2865 int *continued_write, 2866 int *logoffsetp) 2867 { 2868 int log_offset; 2869 xlog_rec_header_t *head; 2870 xlog_in_core_t *iclog; 2871 int error; 2872 2873 restart: 2874 spin_lock(&log->l_icloglock); 2875 if (XLOG_FORCED_SHUTDOWN(log)) { 2876 spin_unlock(&log->l_icloglock); 2877 return -EIO; 2878 } 2879 2880 iclog = log->l_iclog; 2881 if (iclog->ic_state != XLOG_STATE_ACTIVE) { 2882 XFS_STATS_INC(xs_log_noiclogs); 2883 2884 /* Wait for log writes to have flushed */ 2885 xlog_wait(&log->l_flush_wait, &log->l_icloglock); 2886 goto restart; 2887 } 2888 2889 head = &iclog->ic_header; 2890 2891 atomic_inc(&iclog->ic_refcnt); /* prevents sync */ 2892 log_offset = iclog->ic_offset; 2893 2894 /* On the 1st write to an iclog, figure out lsn. This works 2895 * if iclogs marked XLOG_STATE_WANT_SYNC always write out what they are 2896 * committing to. If the offset is set, that's how many blocks 2897 * must be written. 2898 */ 2899 if (log_offset == 0) { 2900 ticket->t_curr_res -= log->l_iclog_hsize; 2901 xlog_tic_add_region(ticket, 2902 log->l_iclog_hsize, 2903 XLOG_REG_TYPE_LRHEADER); 2904 head->h_cycle = cpu_to_be32(log->l_curr_cycle); 2905 head->h_lsn = cpu_to_be64( 2906 xlog_assign_lsn(log->l_curr_cycle, log->l_curr_block)); 2907 ASSERT(log->l_curr_block >= 0); 2908 } 2909 2910 /* If there is enough room to write everything, then do it. Otherwise, 2911 * claim the rest of the region and make sure the XLOG_STATE_WANT_SYNC 2912 * bit is on, so this will get flushed out. Don't update ic_offset 2913 * until you know exactly how many bytes get copied. Therefore, wait 2914 * until later to update ic_offset. 2915 * 2916 * xlog_write() algorithm assumes that at least 2 xlog_op_header_t's 2917 * can fit into remaining data section. 2918 */ 2919 if (iclog->ic_size - iclog->ic_offset < 2*sizeof(xlog_op_header_t)) { 2920 xlog_state_switch_iclogs(log, iclog, iclog->ic_size); 2921 2922 /* 2923 * If I'm the only one writing to this iclog, sync it to disk. 2924 * We need to do an atomic compare and decrement here to avoid 2925 * racing with concurrent atomic_dec_and_lock() calls in 2926 * xlog_state_release_iclog() when there is more than one 2927 * reference to the iclog. 2928 */ 2929 if (!atomic_add_unless(&iclog->ic_refcnt, -1, 1)) { 2930 /* we are the only one */ 2931 spin_unlock(&log->l_icloglock); 2932 error = xlog_state_release_iclog(log, iclog); 2933 if (error) 2934 return error; 2935 } else { 2936 spin_unlock(&log->l_icloglock); 2937 } 2938 goto restart; 2939 } 2940 2941 /* Do we have enough room to write the full amount in the remainder 2942 * of this iclog? Or must we continue a write on the next iclog and 2943 * mark this iclog as completely taken? In the case where we switch 2944 * iclogs (to mark it taken), this particular iclog will release/sync 2945 * to disk in xlog_write(). 2946 */ 2947 if (len <= iclog->ic_size - iclog->ic_offset) { 2948 *continued_write = 0; 2949 iclog->ic_offset += len; 2950 } else { 2951 *continued_write = 1; 2952 xlog_state_switch_iclogs(log, iclog, iclog->ic_size); 2953 } 2954 *iclogp = iclog; 2955 2956 ASSERT(iclog->ic_offset <= iclog->ic_size); 2957 spin_unlock(&log->l_icloglock); 2958 2959 *logoffsetp = log_offset; 2960 return 0; 2961 } /* xlog_state_get_iclog_space */ 2962 2963 /* The first cnt-1 times through here we don't need to 2964 * move the grant write head because the permanent 2965 * reservation has reserved cnt times the unit amount. 2966 * Release part of current permanent unit reservation and 2967 * reset current reservation to be one units worth. Also 2968 * move grant reservation head forward. 2969 */ 2970 STATIC void 2971 xlog_regrant_reserve_log_space( 2972 struct xlog *log, 2973 struct xlog_ticket *ticket) 2974 { 2975 trace_xfs_log_regrant_reserve_enter(log, ticket); 2976 2977 if (ticket->t_cnt > 0) 2978 ticket->t_cnt--; 2979 2980 xlog_grant_sub_space(log, &log->l_reserve_head.grant, 2981 ticket->t_curr_res); 2982 xlog_grant_sub_space(log, &log->l_write_head.grant, 2983 ticket->t_curr_res); 2984 ticket->t_curr_res = ticket->t_unit_res; 2985 xlog_tic_reset_res(ticket); 2986 2987 trace_xfs_log_regrant_reserve_sub(log, ticket); 2988 2989 /* just return if we still have some of the pre-reserved space */ 2990 if (ticket->t_cnt > 0) 2991 return; 2992 2993 xlog_grant_add_space(log, &log->l_reserve_head.grant, 2994 ticket->t_unit_res); 2995 2996 trace_xfs_log_regrant_reserve_exit(log, ticket); 2997 2998 ticket->t_curr_res = ticket->t_unit_res; 2999 xlog_tic_reset_res(ticket); 3000 } /* xlog_regrant_reserve_log_space */ 3001 3002 3003 /* 3004 * Give back the space left from a reservation. 3005 * 3006 * All the information we need to make a correct determination of space left 3007 * is present. For non-permanent reservations, things are quite easy. The 3008 * count should have been decremented to zero. We only need to deal with the 3009 * space remaining in the current reservation part of the ticket. If the 3010 * ticket contains a permanent reservation, there may be left over space which 3011 * needs to be released. A count of N means that N-1 refills of the current 3012 * reservation can be done before we need to ask for more space. The first 3013 * one goes to fill up the first current reservation. Once we run out of 3014 * space, the count will stay at zero and the only space remaining will be 3015 * in the current reservation field. 3016 */ 3017 STATIC void 3018 xlog_ungrant_log_space( 3019 struct xlog *log, 3020 struct xlog_ticket *ticket) 3021 { 3022 int bytes; 3023 3024 if (ticket->t_cnt > 0) 3025 ticket->t_cnt--; 3026 3027 trace_xfs_log_ungrant_enter(log, ticket); 3028 trace_xfs_log_ungrant_sub(log, ticket); 3029 3030 /* 3031 * If this is a permanent reservation ticket, we may be able to free 3032 * up more space based on the remaining count. 3033 */ 3034 bytes = ticket->t_curr_res; 3035 if (ticket->t_cnt > 0) { 3036 ASSERT(ticket->t_flags & XLOG_TIC_PERM_RESERV); 3037 bytes += ticket->t_unit_res*ticket->t_cnt; 3038 } 3039 3040 xlog_grant_sub_space(log, &log->l_reserve_head.grant, bytes); 3041 xlog_grant_sub_space(log, &log->l_write_head.grant, bytes); 3042 3043 trace_xfs_log_ungrant_exit(log, ticket); 3044 3045 xfs_log_space_wake(log->l_mp); 3046 } 3047 3048 /* 3049 * Flush iclog to disk if this is the last reference to the given iclog and 3050 * the WANT_SYNC bit is set. 3051 * 3052 * When this function is entered, the iclog is not necessarily in the 3053 * WANT_SYNC state. It may be sitting around waiting to get filled. 3054 * 3055 * 3056 */ 3057 STATIC int 3058 xlog_state_release_iclog( 3059 struct xlog *log, 3060 struct xlog_in_core *iclog) 3061 { 3062 int sync = 0; /* do we sync? */ 3063 3064 if (iclog->ic_state & XLOG_STATE_IOERROR) 3065 return -EIO; 3066 3067 ASSERT(atomic_read(&iclog->ic_refcnt) > 0); 3068 if (!atomic_dec_and_lock(&iclog->ic_refcnt, &log->l_icloglock)) 3069 return 0; 3070 3071 if (iclog->ic_state & XLOG_STATE_IOERROR) { 3072 spin_unlock(&log->l_icloglock); 3073 return -EIO; 3074 } 3075 ASSERT(iclog->ic_state == XLOG_STATE_ACTIVE || 3076 iclog->ic_state == XLOG_STATE_WANT_SYNC); 3077 3078 if (iclog->ic_state == XLOG_STATE_WANT_SYNC) { 3079 /* update tail before writing to iclog */ 3080 xfs_lsn_t tail_lsn = xlog_assign_tail_lsn(log->l_mp); 3081 sync++; 3082 iclog->ic_state = XLOG_STATE_SYNCING; 3083 iclog->ic_header.h_tail_lsn = cpu_to_be64(tail_lsn); 3084 xlog_verify_tail_lsn(log, iclog, tail_lsn); 3085 /* cycle incremented when incrementing curr_block */ 3086 } 3087 spin_unlock(&log->l_icloglock); 3088 3089 /* 3090 * We let the log lock go, so it's possible that we hit a log I/O 3091 * error or some other SHUTDOWN condition that marks the iclog 3092 * as XLOG_STATE_IOERROR before the bwrite. However, we know that 3093 * this iclog has consistent data, so we ignore IOERROR 3094 * flags after this point. 3095 */ 3096 if (sync) 3097 return xlog_sync(log, iclog); 3098 return 0; 3099 } /* xlog_state_release_iclog */ 3100 3101 3102 /* 3103 * This routine will mark the current iclog in the ring as WANT_SYNC 3104 * and move the current iclog pointer to the next iclog in the ring. 3105 * When this routine is called from xlog_state_get_iclog_space(), the 3106 * exact size of the iclog has not yet been determined. All we know is 3107 * that every data block. We have run out of space in this log record. 3108 */ 3109 STATIC void 3110 xlog_state_switch_iclogs( 3111 struct xlog *log, 3112 struct xlog_in_core *iclog, 3113 int eventual_size) 3114 { 3115 ASSERT(iclog->ic_state == XLOG_STATE_ACTIVE); 3116 if (!eventual_size) 3117 eventual_size = iclog->ic_offset; 3118 iclog->ic_state = XLOG_STATE_WANT_SYNC; 3119 iclog->ic_header.h_prev_block = cpu_to_be32(log->l_prev_block); 3120 log->l_prev_block = log->l_curr_block; 3121 log->l_prev_cycle = log->l_curr_cycle; 3122 3123 /* roll log?: ic_offset changed later */ 3124 log->l_curr_block += BTOBB(eventual_size)+BTOBB(log->l_iclog_hsize); 3125 3126 /* Round up to next log-sunit */ 3127 if (xfs_sb_version_haslogv2(&log->l_mp->m_sb) && 3128 log->l_mp->m_sb.sb_logsunit > 1) { 3129 __uint32_t sunit_bb = BTOBB(log->l_mp->m_sb.sb_logsunit); 3130 log->l_curr_block = roundup(log->l_curr_block, sunit_bb); 3131 } 3132 3133 if (log->l_curr_block >= log->l_logBBsize) { 3134 log->l_curr_cycle++; 3135 if (log->l_curr_cycle == XLOG_HEADER_MAGIC_NUM) 3136 log->l_curr_cycle++; 3137 log->l_curr_block -= log->l_logBBsize; 3138 ASSERT(log->l_curr_block >= 0); 3139 } 3140 ASSERT(iclog == log->l_iclog); 3141 log->l_iclog = iclog->ic_next; 3142 } /* xlog_state_switch_iclogs */ 3143 3144 /* 3145 * Write out all data in the in-core log as of this exact moment in time. 3146 * 3147 * Data may be written to the in-core log during this call. However, 3148 * we don't guarantee this data will be written out. A change from past 3149 * implementation means this routine will *not* write out zero length LRs. 3150 * 3151 * Basically, we try and perform an intelligent scan of the in-core logs. 3152 * If we determine there is no flushable data, we just return. There is no 3153 * flushable data if: 3154 * 3155 * 1. the current iclog is active and has no data; the previous iclog 3156 * is in the active or dirty state. 3157 * 2. the current iclog is drity, and the previous iclog is in the 3158 * active or dirty state. 3159 * 3160 * We may sleep if: 3161 * 3162 * 1. the current iclog is not in the active nor dirty state. 3163 * 2. the current iclog dirty, and the previous iclog is not in the 3164 * active nor dirty state. 3165 * 3. the current iclog is active, and there is another thread writing 3166 * to this particular iclog. 3167 * 4. a) the current iclog is active and has no other writers 3168 * b) when we return from flushing out this iclog, it is still 3169 * not in the active nor dirty state. 3170 */ 3171 int 3172 _xfs_log_force( 3173 struct xfs_mount *mp, 3174 uint flags, 3175 int *log_flushed) 3176 { 3177 struct xlog *log = mp->m_log; 3178 struct xlog_in_core *iclog; 3179 xfs_lsn_t lsn; 3180 3181 XFS_STATS_INC(xs_log_force); 3182 3183 xlog_cil_force(log); 3184 3185 spin_lock(&log->l_icloglock); 3186 3187 iclog = log->l_iclog; 3188 if (iclog->ic_state & XLOG_STATE_IOERROR) { 3189 spin_unlock(&log->l_icloglock); 3190 return -EIO; 3191 } 3192 3193 /* If the head iclog is not active nor dirty, we just attach 3194 * ourselves to the head and go to sleep. 3195 */ 3196 if (iclog->ic_state == XLOG_STATE_ACTIVE || 3197 iclog->ic_state == XLOG_STATE_DIRTY) { 3198 /* 3199 * If the head is dirty or (active and empty), then 3200 * we need to look at the previous iclog. If the previous 3201 * iclog is active or dirty we are done. There is nothing 3202 * to sync out. Otherwise, we attach ourselves to the 3203 * previous iclog and go to sleep. 3204 */ 3205 if (iclog->ic_state == XLOG_STATE_DIRTY || 3206 (atomic_read(&iclog->ic_refcnt) == 0 3207 && iclog->ic_offset == 0)) { 3208 iclog = iclog->ic_prev; 3209 if (iclog->ic_state == XLOG_STATE_ACTIVE || 3210 iclog->ic_state == XLOG_STATE_DIRTY) 3211 goto no_sleep; 3212 else 3213 goto maybe_sleep; 3214 } else { 3215 if (atomic_read(&iclog->ic_refcnt) == 0) { 3216 /* We are the only one with access to this 3217 * iclog. Flush it out now. There should 3218 * be a roundoff of zero to show that someone 3219 * has already taken care of the roundoff from 3220 * the previous sync. 3221 */ 3222 atomic_inc(&iclog->ic_refcnt); 3223 lsn = be64_to_cpu(iclog->ic_header.h_lsn); 3224 xlog_state_switch_iclogs(log, iclog, 0); 3225 spin_unlock(&log->l_icloglock); 3226 3227 if (xlog_state_release_iclog(log, iclog)) 3228 return -EIO; 3229 3230 if (log_flushed) 3231 *log_flushed = 1; 3232 spin_lock(&log->l_icloglock); 3233 if (be64_to_cpu(iclog->ic_header.h_lsn) == lsn && 3234 iclog->ic_state != XLOG_STATE_DIRTY) 3235 goto maybe_sleep; 3236 else 3237 goto no_sleep; 3238 } else { 3239 /* Someone else is writing to this iclog. 3240 * Use its call to flush out the data. However, 3241 * the other thread may not force out this LR, 3242 * so we mark it WANT_SYNC. 3243 */ 3244 xlog_state_switch_iclogs(log, iclog, 0); 3245 goto maybe_sleep; 3246 } 3247 } 3248 } 3249 3250 /* By the time we come around again, the iclog could've been filled 3251 * which would give it another lsn. If we have a new lsn, just 3252 * return because the relevant data has been flushed. 3253 */ 3254 maybe_sleep: 3255 if (flags & XFS_LOG_SYNC) { 3256 /* 3257 * We must check if we're shutting down here, before 3258 * we wait, while we're holding the l_icloglock. 3259 * Then we check again after waking up, in case our 3260 * sleep was disturbed by a bad news. 3261 */ 3262 if (iclog->ic_state & XLOG_STATE_IOERROR) { 3263 spin_unlock(&log->l_icloglock); 3264 return -EIO; 3265 } 3266 XFS_STATS_INC(xs_log_force_sleep); 3267 xlog_wait(&iclog->ic_force_wait, &log->l_icloglock); 3268 /* 3269 * No need to grab the log lock here since we're 3270 * only deciding whether or not to return EIO 3271 * and the memory read should be atomic. 3272 */ 3273 if (iclog->ic_state & XLOG_STATE_IOERROR) 3274 return -EIO; 3275 if (log_flushed) 3276 *log_flushed = 1; 3277 } else { 3278 3279 no_sleep: 3280 spin_unlock(&log->l_icloglock); 3281 } 3282 return 0; 3283 } 3284 3285 /* 3286 * Wrapper for _xfs_log_force(), to be used when caller doesn't care 3287 * about errors or whether the log was flushed or not. This is the normal 3288 * interface to use when trying to unpin items or move the log forward. 3289 */ 3290 void 3291 xfs_log_force( 3292 xfs_mount_t *mp, 3293 uint flags) 3294 { 3295 int error; 3296 3297 trace_xfs_log_force(mp, 0); 3298 error = _xfs_log_force(mp, flags, NULL); 3299 if (error) 3300 xfs_warn(mp, "%s: error %d returned.", __func__, error); 3301 } 3302 3303 /* 3304 * Force the in-core log to disk for a specific LSN. 3305 * 3306 * Find in-core log with lsn. 3307 * If it is in the DIRTY state, just return. 3308 * If it is in the ACTIVE state, move the in-core log into the WANT_SYNC 3309 * state and go to sleep or return. 3310 * If it is in any other state, go to sleep or return. 3311 * 3312 * Synchronous forces are implemented with a signal variable. All callers 3313 * to force a given lsn to disk will wait on a the sv attached to the 3314 * specific in-core log. When given in-core log finally completes its 3315 * write to disk, that thread will wake up all threads waiting on the 3316 * sv. 3317 */ 3318 int 3319 _xfs_log_force_lsn( 3320 struct xfs_mount *mp, 3321 xfs_lsn_t lsn, 3322 uint flags, 3323 int *log_flushed) 3324 { 3325 struct xlog *log = mp->m_log; 3326 struct xlog_in_core *iclog; 3327 int already_slept = 0; 3328 3329 ASSERT(lsn != 0); 3330 3331 XFS_STATS_INC(xs_log_force); 3332 3333 lsn = xlog_cil_force_lsn(log, lsn); 3334 if (lsn == NULLCOMMITLSN) 3335 return 0; 3336 3337 try_again: 3338 spin_lock(&log->l_icloglock); 3339 iclog = log->l_iclog; 3340 if (iclog->ic_state & XLOG_STATE_IOERROR) { 3341 spin_unlock(&log->l_icloglock); 3342 return -EIO; 3343 } 3344 3345 do { 3346 if (be64_to_cpu(iclog->ic_header.h_lsn) != lsn) { 3347 iclog = iclog->ic_next; 3348 continue; 3349 } 3350 3351 if (iclog->ic_state == XLOG_STATE_DIRTY) { 3352 spin_unlock(&log->l_icloglock); 3353 return 0; 3354 } 3355 3356 if (iclog->ic_state == XLOG_STATE_ACTIVE) { 3357 /* 3358 * We sleep here if we haven't already slept (e.g. 3359 * this is the first time we've looked at the correct 3360 * iclog buf) and the buffer before us is going to 3361 * be sync'ed. The reason for this is that if we 3362 * are doing sync transactions here, by waiting for 3363 * the previous I/O to complete, we can allow a few 3364 * more transactions into this iclog before we close 3365 * it down. 3366 * 3367 * Otherwise, we mark the buffer WANT_SYNC, and bump 3368 * up the refcnt so we can release the log (which 3369 * drops the ref count). The state switch keeps new 3370 * transaction commits from using this buffer. When 3371 * the current commits finish writing into the buffer, 3372 * the refcount will drop to zero and the buffer will 3373 * go out then. 3374 */ 3375 if (!already_slept && 3376 (iclog->ic_prev->ic_state & 3377 (XLOG_STATE_WANT_SYNC | XLOG_STATE_SYNCING))) { 3378 ASSERT(!(iclog->ic_state & XLOG_STATE_IOERROR)); 3379 3380 XFS_STATS_INC(xs_log_force_sleep); 3381 3382 xlog_wait(&iclog->ic_prev->ic_write_wait, 3383 &log->l_icloglock); 3384 if (log_flushed) 3385 *log_flushed = 1; 3386 already_slept = 1; 3387 goto try_again; 3388 } 3389 atomic_inc(&iclog->ic_refcnt); 3390 xlog_state_switch_iclogs(log, iclog, 0); 3391 spin_unlock(&log->l_icloglock); 3392 if (xlog_state_release_iclog(log, iclog)) 3393 return -EIO; 3394 if (log_flushed) 3395 *log_flushed = 1; 3396 spin_lock(&log->l_icloglock); 3397 } 3398 3399 if ((flags & XFS_LOG_SYNC) && /* sleep */ 3400 !(iclog->ic_state & 3401 (XLOG_STATE_ACTIVE | XLOG_STATE_DIRTY))) { 3402 /* 3403 * Don't wait on completion if we know that we've 3404 * gotten a log write error. 3405 */ 3406 if (iclog->ic_state & XLOG_STATE_IOERROR) { 3407 spin_unlock(&log->l_icloglock); 3408 return -EIO; 3409 } 3410 XFS_STATS_INC(xs_log_force_sleep); 3411 xlog_wait(&iclog->ic_force_wait, &log->l_icloglock); 3412 /* 3413 * No need to grab the log lock here since we're 3414 * only deciding whether or not to return EIO 3415 * and the memory read should be atomic. 3416 */ 3417 if (iclog->ic_state & XLOG_STATE_IOERROR) 3418 return -EIO; 3419 3420 if (log_flushed) 3421 *log_flushed = 1; 3422 } else { /* just return */ 3423 spin_unlock(&log->l_icloglock); 3424 } 3425 3426 return 0; 3427 } while (iclog != log->l_iclog); 3428 3429 spin_unlock(&log->l_icloglock); 3430 return 0; 3431 } 3432 3433 /* 3434 * Wrapper for _xfs_log_force_lsn(), to be used when caller doesn't care 3435 * about errors or whether the log was flushed or not. This is the normal 3436 * interface to use when trying to unpin items or move the log forward. 3437 */ 3438 void 3439 xfs_log_force_lsn( 3440 xfs_mount_t *mp, 3441 xfs_lsn_t lsn, 3442 uint flags) 3443 { 3444 int error; 3445 3446 trace_xfs_log_force(mp, lsn); 3447 error = _xfs_log_force_lsn(mp, lsn, flags, NULL); 3448 if (error) 3449 xfs_warn(mp, "%s: error %d returned.", __func__, error); 3450 } 3451 3452 /* 3453 * Called when we want to mark the current iclog as being ready to sync to 3454 * disk. 3455 */ 3456 STATIC void 3457 xlog_state_want_sync( 3458 struct xlog *log, 3459 struct xlog_in_core *iclog) 3460 { 3461 assert_spin_locked(&log->l_icloglock); 3462 3463 if (iclog->ic_state == XLOG_STATE_ACTIVE) { 3464 xlog_state_switch_iclogs(log, iclog, 0); 3465 } else { 3466 ASSERT(iclog->ic_state & 3467 (XLOG_STATE_WANT_SYNC|XLOG_STATE_IOERROR)); 3468 } 3469 } 3470 3471 3472 /***************************************************************************** 3473 * 3474 * TICKET functions 3475 * 3476 ***************************************************************************** 3477 */ 3478 3479 /* 3480 * Free a used ticket when its refcount falls to zero. 3481 */ 3482 void 3483 xfs_log_ticket_put( 3484 xlog_ticket_t *ticket) 3485 { 3486 ASSERT(atomic_read(&ticket->t_ref) > 0); 3487 if (atomic_dec_and_test(&ticket->t_ref)) 3488 kmem_zone_free(xfs_log_ticket_zone, ticket); 3489 } 3490 3491 xlog_ticket_t * 3492 xfs_log_ticket_get( 3493 xlog_ticket_t *ticket) 3494 { 3495 ASSERT(atomic_read(&ticket->t_ref) > 0); 3496 atomic_inc(&ticket->t_ref); 3497 return ticket; 3498 } 3499 3500 /* 3501 * Figure out the total log space unit (in bytes) that would be 3502 * required for a log ticket. 3503 */ 3504 int 3505 xfs_log_calc_unit_res( 3506 struct xfs_mount *mp, 3507 int unit_bytes) 3508 { 3509 struct xlog *log = mp->m_log; 3510 int iclog_space; 3511 uint num_headers; 3512 3513 /* 3514 * Permanent reservations have up to 'cnt'-1 active log operations 3515 * in the log. A unit in this case is the amount of space for one 3516 * of these log operations. Normal reservations have a cnt of 1 3517 * and their unit amount is the total amount of space required. 3518 * 3519 * The following lines of code account for non-transaction data 3520 * which occupy space in the on-disk log. 3521 * 3522 * Normal form of a transaction is: 3523 * <oph><trans-hdr><start-oph><reg1-oph><reg1><reg2-oph>...<commit-oph> 3524 * and then there are LR hdrs, split-recs and roundoff at end of syncs. 3525 * 3526 * We need to account for all the leadup data and trailer data 3527 * around the transaction data. 3528 * And then we need to account for the worst case in terms of using 3529 * more space. 3530 * The worst case will happen if: 3531 * - the placement of the transaction happens to be such that the 3532 * roundoff is at its maximum 3533 * - the transaction data is synced before the commit record is synced 3534 * i.e. <transaction-data><roundoff> | <commit-rec><roundoff> 3535 * Therefore the commit record is in its own Log Record. 3536 * This can happen as the commit record is called with its 3537 * own region to xlog_write(). 3538 * This then means that in the worst case, roundoff can happen for 3539 * the commit-rec as well. 3540 * The commit-rec is smaller than padding in this scenario and so it is 3541 * not added separately. 3542 */ 3543 3544 /* for trans header */ 3545 unit_bytes += sizeof(xlog_op_header_t); 3546 unit_bytes += sizeof(xfs_trans_header_t); 3547 3548 /* for start-rec */ 3549 unit_bytes += sizeof(xlog_op_header_t); 3550 3551 /* 3552 * for LR headers - the space for data in an iclog is the size minus 3553 * the space used for the headers. If we use the iclog size, then we 3554 * undercalculate the number of headers required. 3555 * 3556 * Furthermore - the addition of op headers for split-recs might 3557 * increase the space required enough to require more log and op 3558 * headers, so take that into account too. 3559 * 3560 * IMPORTANT: This reservation makes the assumption that if this 3561 * transaction is the first in an iclog and hence has the LR headers 3562 * accounted to it, then the remaining space in the iclog is 3563 * exclusively for this transaction. i.e. if the transaction is larger 3564 * than the iclog, it will be the only thing in that iclog. 3565 * Fundamentally, this means we must pass the entire log vector to 3566 * xlog_write to guarantee this. 3567 */ 3568 iclog_space = log->l_iclog_size - log->l_iclog_hsize; 3569 num_headers = howmany(unit_bytes, iclog_space); 3570 3571 /* for split-recs - ophdrs added when data split over LRs */ 3572 unit_bytes += sizeof(xlog_op_header_t) * num_headers; 3573 3574 /* add extra header reservations if we overrun */ 3575 while (!num_headers || 3576 howmany(unit_bytes, iclog_space) > num_headers) { 3577 unit_bytes += sizeof(xlog_op_header_t); 3578 num_headers++; 3579 } 3580 unit_bytes += log->l_iclog_hsize * num_headers; 3581 3582 /* for commit-rec LR header - note: padding will subsume the ophdr */ 3583 unit_bytes += log->l_iclog_hsize; 3584 3585 /* for roundoff padding for transaction data and one for commit record */ 3586 if (xfs_sb_version_haslogv2(&mp->m_sb) && mp->m_sb.sb_logsunit > 1) { 3587 /* log su roundoff */ 3588 unit_bytes += 2 * mp->m_sb.sb_logsunit; 3589 } else { 3590 /* BB roundoff */ 3591 unit_bytes += 2 * BBSIZE; 3592 } 3593 3594 return unit_bytes; 3595 } 3596 3597 /* 3598 * Allocate and initialise a new log ticket. 3599 */ 3600 struct xlog_ticket * 3601 xlog_ticket_alloc( 3602 struct xlog *log, 3603 int unit_bytes, 3604 int cnt, 3605 char client, 3606 bool permanent, 3607 xfs_km_flags_t alloc_flags) 3608 { 3609 struct xlog_ticket *tic; 3610 int unit_res; 3611 3612 tic = kmem_zone_zalloc(xfs_log_ticket_zone, alloc_flags); 3613 if (!tic) 3614 return NULL; 3615 3616 unit_res = xfs_log_calc_unit_res(log->l_mp, unit_bytes); 3617 3618 atomic_set(&tic->t_ref, 1); 3619 tic->t_task = current; 3620 INIT_LIST_HEAD(&tic->t_queue); 3621 tic->t_unit_res = unit_res; 3622 tic->t_curr_res = unit_res; 3623 tic->t_cnt = cnt; 3624 tic->t_ocnt = cnt; 3625 tic->t_tid = prandom_u32(); 3626 tic->t_clientid = client; 3627 tic->t_flags = XLOG_TIC_INITED; 3628 tic->t_trans_type = 0; 3629 if (permanent) 3630 tic->t_flags |= XLOG_TIC_PERM_RESERV; 3631 3632 xlog_tic_reset_res(tic); 3633 3634 return tic; 3635 } 3636 3637 3638 /****************************************************************************** 3639 * 3640 * Log debug routines 3641 * 3642 ****************************************************************************** 3643 */ 3644 #if defined(DEBUG) 3645 /* 3646 * Make sure that the destination ptr is within the valid data region of 3647 * one of the iclogs. This uses backup pointers stored in a different 3648 * part of the log in case we trash the log structure. 3649 */ 3650 void 3651 xlog_verify_dest_ptr( 3652 struct xlog *log, 3653 char *ptr) 3654 { 3655 int i; 3656 int good_ptr = 0; 3657 3658 for (i = 0; i < log->l_iclog_bufs; i++) { 3659 if (ptr >= log->l_iclog_bak[i] && 3660 ptr <= log->l_iclog_bak[i] + log->l_iclog_size) 3661 good_ptr++; 3662 } 3663 3664 if (!good_ptr) 3665 xfs_emerg(log->l_mp, "%s: invalid ptr", __func__); 3666 } 3667 3668 /* 3669 * Check to make sure the grant write head didn't just over lap the tail. If 3670 * the cycles are the same, we can't be overlapping. Otherwise, make sure that 3671 * the cycles differ by exactly one and check the byte count. 3672 * 3673 * This check is run unlocked, so can give false positives. Rather than assert 3674 * on failures, use a warn-once flag and a panic tag to allow the admin to 3675 * determine if they want to panic the machine when such an error occurs. For 3676 * debug kernels this will have the same effect as using an assert but, unlinke 3677 * an assert, it can be turned off at runtime. 3678 */ 3679 STATIC void 3680 xlog_verify_grant_tail( 3681 struct xlog *log) 3682 { 3683 int tail_cycle, tail_blocks; 3684 int cycle, space; 3685 3686 xlog_crack_grant_head(&log->l_write_head.grant, &cycle, &space); 3687 xlog_crack_atomic_lsn(&log->l_tail_lsn, &tail_cycle, &tail_blocks); 3688 if (tail_cycle != cycle) { 3689 if (cycle - 1 != tail_cycle && 3690 !(log->l_flags & XLOG_TAIL_WARN)) { 3691 xfs_alert_tag(log->l_mp, XFS_PTAG_LOGRES, 3692 "%s: cycle - 1 != tail_cycle", __func__); 3693 log->l_flags |= XLOG_TAIL_WARN; 3694 } 3695 3696 if (space > BBTOB(tail_blocks) && 3697 !(log->l_flags & XLOG_TAIL_WARN)) { 3698 xfs_alert_tag(log->l_mp, XFS_PTAG_LOGRES, 3699 "%s: space > BBTOB(tail_blocks)", __func__); 3700 log->l_flags |= XLOG_TAIL_WARN; 3701 } 3702 } 3703 } 3704 3705 /* check if it will fit */ 3706 STATIC void 3707 xlog_verify_tail_lsn( 3708 struct xlog *log, 3709 struct xlog_in_core *iclog, 3710 xfs_lsn_t tail_lsn) 3711 { 3712 int blocks; 3713 3714 if (CYCLE_LSN(tail_lsn) == log->l_prev_cycle) { 3715 blocks = 3716 log->l_logBBsize - (log->l_prev_block - BLOCK_LSN(tail_lsn)); 3717 if (blocks < BTOBB(iclog->ic_offset)+BTOBB(log->l_iclog_hsize)) 3718 xfs_emerg(log->l_mp, "%s: ran out of log space", __func__); 3719 } else { 3720 ASSERT(CYCLE_LSN(tail_lsn)+1 == log->l_prev_cycle); 3721 3722 if (BLOCK_LSN(tail_lsn) == log->l_prev_block) 3723 xfs_emerg(log->l_mp, "%s: tail wrapped", __func__); 3724 3725 blocks = BLOCK_LSN(tail_lsn) - log->l_prev_block; 3726 if (blocks < BTOBB(iclog->ic_offset) + 1) 3727 xfs_emerg(log->l_mp, "%s: ran out of log space", __func__); 3728 } 3729 } /* xlog_verify_tail_lsn */ 3730 3731 /* 3732 * Perform a number of checks on the iclog before writing to disk. 3733 * 3734 * 1. Make sure the iclogs are still circular 3735 * 2. Make sure we have a good magic number 3736 * 3. Make sure we don't have magic numbers in the data 3737 * 4. Check fields of each log operation header for: 3738 * A. Valid client identifier 3739 * B. tid ptr value falls in valid ptr space (user space code) 3740 * C. Length in log record header is correct according to the 3741 * individual operation headers within record. 3742 * 5. When a bwrite will occur within 5 blocks of the front of the physical 3743 * log, check the preceding blocks of the physical log to make sure all 3744 * the cycle numbers agree with the current cycle number. 3745 */ 3746 STATIC void 3747 xlog_verify_iclog( 3748 struct xlog *log, 3749 struct xlog_in_core *iclog, 3750 int count, 3751 bool syncing) 3752 { 3753 xlog_op_header_t *ophead; 3754 xlog_in_core_t *icptr; 3755 xlog_in_core_2_t *xhdr; 3756 xfs_caddr_t ptr; 3757 xfs_caddr_t base_ptr; 3758 __psint_t field_offset; 3759 __uint8_t clientid; 3760 int len, i, j, k, op_len; 3761 int idx; 3762 3763 /* check validity of iclog pointers */ 3764 spin_lock(&log->l_icloglock); 3765 icptr = log->l_iclog; 3766 for (i = 0; i < log->l_iclog_bufs; i++, icptr = icptr->ic_next) 3767 ASSERT(icptr); 3768 3769 if (icptr != log->l_iclog) 3770 xfs_emerg(log->l_mp, "%s: corrupt iclog ring", __func__); 3771 spin_unlock(&log->l_icloglock); 3772 3773 /* check log magic numbers */ 3774 if (iclog->ic_header.h_magicno != cpu_to_be32(XLOG_HEADER_MAGIC_NUM)) 3775 xfs_emerg(log->l_mp, "%s: invalid magic num", __func__); 3776 3777 ptr = (xfs_caddr_t) &iclog->ic_header; 3778 for (ptr += BBSIZE; ptr < ((xfs_caddr_t)&iclog->ic_header) + count; 3779 ptr += BBSIZE) { 3780 if (*(__be32 *)ptr == cpu_to_be32(XLOG_HEADER_MAGIC_NUM)) 3781 xfs_emerg(log->l_mp, "%s: unexpected magic num", 3782 __func__); 3783 } 3784 3785 /* check fields */ 3786 len = be32_to_cpu(iclog->ic_header.h_num_logops); 3787 ptr = iclog->ic_datap; 3788 base_ptr = ptr; 3789 ophead = (xlog_op_header_t *)ptr; 3790 xhdr = iclog->ic_data; 3791 for (i = 0; i < len; i++) { 3792 ophead = (xlog_op_header_t *)ptr; 3793 3794 /* clientid is only 1 byte */ 3795 field_offset = (__psint_t) 3796 ((xfs_caddr_t)&(ophead->oh_clientid) - base_ptr); 3797 if (!syncing || (field_offset & 0x1ff)) { 3798 clientid = ophead->oh_clientid; 3799 } else { 3800 idx = BTOBBT((xfs_caddr_t)&(ophead->oh_clientid) - iclog->ic_datap); 3801 if (idx >= (XLOG_HEADER_CYCLE_SIZE / BBSIZE)) { 3802 j = idx / (XLOG_HEADER_CYCLE_SIZE / BBSIZE); 3803 k = idx % (XLOG_HEADER_CYCLE_SIZE / BBSIZE); 3804 clientid = xlog_get_client_id( 3805 xhdr[j].hic_xheader.xh_cycle_data[k]); 3806 } else { 3807 clientid = xlog_get_client_id( 3808 iclog->ic_header.h_cycle_data[idx]); 3809 } 3810 } 3811 if (clientid != XFS_TRANSACTION && clientid != XFS_LOG) 3812 xfs_warn(log->l_mp, 3813 "%s: invalid clientid %d op 0x%p offset 0x%lx", 3814 __func__, clientid, ophead, 3815 (unsigned long)field_offset); 3816 3817 /* check length */ 3818 field_offset = (__psint_t) 3819 ((xfs_caddr_t)&(ophead->oh_len) - base_ptr); 3820 if (!syncing || (field_offset & 0x1ff)) { 3821 op_len = be32_to_cpu(ophead->oh_len); 3822 } else { 3823 idx = BTOBBT((__psint_t)&ophead->oh_len - 3824 (__psint_t)iclog->ic_datap); 3825 if (idx >= (XLOG_HEADER_CYCLE_SIZE / BBSIZE)) { 3826 j = idx / (XLOG_HEADER_CYCLE_SIZE / BBSIZE); 3827 k = idx % (XLOG_HEADER_CYCLE_SIZE / BBSIZE); 3828 op_len = be32_to_cpu(xhdr[j].hic_xheader.xh_cycle_data[k]); 3829 } else { 3830 op_len = be32_to_cpu(iclog->ic_header.h_cycle_data[idx]); 3831 } 3832 } 3833 ptr += sizeof(xlog_op_header_t) + op_len; 3834 } 3835 } /* xlog_verify_iclog */ 3836 #endif 3837 3838 /* 3839 * Mark all iclogs IOERROR. l_icloglock is held by the caller. 3840 */ 3841 STATIC int 3842 xlog_state_ioerror( 3843 struct xlog *log) 3844 { 3845 xlog_in_core_t *iclog, *ic; 3846 3847 iclog = log->l_iclog; 3848 if (! (iclog->ic_state & XLOG_STATE_IOERROR)) { 3849 /* 3850 * Mark all the incore logs IOERROR. 3851 * From now on, no log flushes will result. 3852 */ 3853 ic = iclog; 3854 do { 3855 ic->ic_state = XLOG_STATE_IOERROR; 3856 ic = ic->ic_next; 3857 } while (ic != iclog); 3858 return 0; 3859 } 3860 /* 3861 * Return non-zero, if state transition has already happened. 3862 */ 3863 return 1; 3864 } 3865 3866 /* 3867 * This is called from xfs_force_shutdown, when we're forcibly 3868 * shutting down the filesystem, typically because of an IO error. 3869 * Our main objectives here are to make sure that: 3870 * a. the filesystem gets marked 'SHUTDOWN' for all interested 3871 * parties to find out, 'atomically'. 3872 * b. those who're sleeping on log reservations, pinned objects and 3873 * other resources get woken up, and be told the bad news. 3874 * c. nothing new gets queued up after (a) and (b) are done. 3875 * d. if !logerror, flush the iclogs to disk, then seal them off 3876 * for business. 3877 * 3878 * Note: for delayed logging the !logerror case needs to flush the regions 3879 * held in memory out to the iclogs before flushing them to disk. This needs 3880 * to be done before the log is marked as shutdown, otherwise the flush to the 3881 * iclogs will fail. 3882 */ 3883 int 3884 xfs_log_force_umount( 3885 struct xfs_mount *mp, 3886 int logerror) 3887 { 3888 struct xlog *log; 3889 int retval; 3890 3891 log = mp->m_log; 3892 3893 /* 3894 * If this happens during log recovery, don't worry about 3895 * locking; the log isn't open for business yet. 3896 */ 3897 if (!log || 3898 log->l_flags & XLOG_ACTIVE_RECOVERY) { 3899 mp->m_flags |= XFS_MOUNT_FS_SHUTDOWN; 3900 if (mp->m_sb_bp) 3901 XFS_BUF_DONE(mp->m_sb_bp); 3902 return 0; 3903 } 3904 3905 /* 3906 * Somebody could've already done the hard work for us. 3907 * No need to get locks for this. 3908 */ 3909 if (logerror && log->l_iclog->ic_state & XLOG_STATE_IOERROR) { 3910 ASSERT(XLOG_FORCED_SHUTDOWN(log)); 3911 return 1; 3912 } 3913 retval = 0; 3914 3915 /* 3916 * Flush the in memory commit item list before marking the log as 3917 * being shut down. We need to do it in this order to ensure all the 3918 * completed transactions are flushed to disk with the xfs_log_force() 3919 * call below. 3920 */ 3921 if (!logerror) 3922 xlog_cil_force(log); 3923 3924 /* 3925 * mark the filesystem and the as in a shutdown state and wake 3926 * everybody up to tell them the bad news. 3927 */ 3928 spin_lock(&log->l_icloglock); 3929 mp->m_flags |= XFS_MOUNT_FS_SHUTDOWN; 3930 if (mp->m_sb_bp) 3931 XFS_BUF_DONE(mp->m_sb_bp); 3932 3933 /* 3934 * This flag is sort of redundant because of the mount flag, but 3935 * it's good to maintain the separation between the log and the rest 3936 * of XFS. 3937 */ 3938 log->l_flags |= XLOG_IO_ERROR; 3939 3940 /* 3941 * If we hit a log error, we want to mark all the iclogs IOERROR 3942 * while we're still holding the loglock. 3943 */ 3944 if (logerror) 3945 retval = xlog_state_ioerror(log); 3946 spin_unlock(&log->l_icloglock); 3947 3948 /* 3949 * We don't want anybody waiting for log reservations after this. That 3950 * means we have to wake up everybody queued up on reserveq as well as 3951 * writeq. In addition, we make sure in xlog_{re}grant_log_space that 3952 * we don't enqueue anything once the SHUTDOWN flag is set, and this 3953 * action is protected by the grant locks. 3954 */ 3955 xlog_grant_head_wake_all(&log->l_reserve_head); 3956 xlog_grant_head_wake_all(&log->l_write_head); 3957 3958 if (!(log->l_iclog->ic_state & XLOG_STATE_IOERROR)) { 3959 ASSERT(!logerror); 3960 /* 3961 * Force the incore logs to disk before shutting the 3962 * log down completely. 3963 */ 3964 _xfs_log_force(mp, XFS_LOG_SYNC, NULL); 3965 3966 spin_lock(&log->l_icloglock); 3967 retval = xlog_state_ioerror(log); 3968 spin_unlock(&log->l_icloglock); 3969 } 3970 3971 /* 3972 * Wake up everybody waiting on xfs_log_force. Wake the CIL push first 3973 * as if the log writes were completed. The abort handling in the log 3974 * item committed callback functions will do this again under lock to 3975 * avoid races. 3976 */ 3977 wake_up_all(&log->l_cilp->xc_commit_wait); 3978 xlog_state_do_callback(log, XFS_LI_ABORTED, NULL); 3979 3980 #ifdef XFSERRORDEBUG 3981 { 3982 xlog_in_core_t *iclog; 3983 3984 spin_lock(&log->l_icloglock); 3985 iclog = log->l_iclog; 3986 do { 3987 ASSERT(iclog->ic_callback == 0); 3988 iclog = iclog->ic_next; 3989 } while (iclog != log->l_iclog); 3990 spin_unlock(&log->l_icloglock); 3991 } 3992 #endif 3993 /* return non-zero if log IOERROR transition had already happened */ 3994 return retval; 3995 } 3996 3997 STATIC int 3998 xlog_iclogs_empty( 3999 struct xlog *log) 4000 { 4001 xlog_in_core_t *iclog; 4002 4003 iclog = log->l_iclog; 4004 do { 4005 /* endianness does not matter here, zero is zero in 4006 * any language. 4007 */ 4008 if (iclog->ic_header.h_num_logops) 4009 return 0; 4010 iclog = iclog->ic_next; 4011 } while (iclog != log->l_iclog); 4012 return 1; 4013 } 4014 4015