1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6 #include "xfs.h"
7 #include "xfs_fs.h"
8 #include "xfs_format.h"
9 #include "xfs_log_format.h"
10 #include "xfs_trans_resv.h"
11 #include "xfs_bit.h"
12 #include "xfs_sb.h"
13 #include "xfs_mount.h"
14 #include "xfs_trans.h"
15 #include "xfs_buf_item.h"
16 #include "xfs_trans_priv.h"
17 #include "xfs_error.h"
18 #include "xfs_trace.h"
19 #include "xfs_log.h"
20 #include "xfs_inode.h"
21
22
23 kmem_zone_t *xfs_buf_item_zone;
24
BUF_ITEM(struct xfs_log_item * lip)25 static inline struct xfs_buf_log_item *BUF_ITEM(struct xfs_log_item *lip)
26 {
27 return container_of(lip, struct xfs_buf_log_item, bli_item);
28 }
29
30 STATIC void xfs_buf_do_callbacks(struct xfs_buf *bp);
31
32 static inline int
xfs_buf_log_format_size(struct xfs_buf_log_format * blfp)33 xfs_buf_log_format_size(
34 struct xfs_buf_log_format *blfp)
35 {
36 return offsetof(struct xfs_buf_log_format, blf_data_map) +
37 (blfp->blf_map_size * sizeof(blfp->blf_data_map[0]));
38 }
39
40 /*
41 * This returns the number of log iovecs needed to log the
42 * given buf log item.
43 *
44 * It calculates this as 1 iovec for the buf log format structure
45 * and 1 for each stretch of non-contiguous chunks to be logged.
46 * Contiguous chunks are logged in a single iovec.
47 *
48 * If the XFS_BLI_STALE flag has been set, then log nothing.
49 */
50 STATIC void
xfs_buf_item_size_segment(struct xfs_buf_log_item * bip,struct xfs_buf_log_format * blfp,int * nvecs,int * nbytes)51 xfs_buf_item_size_segment(
52 struct xfs_buf_log_item *bip,
53 struct xfs_buf_log_format *blfp,
54 int *nvecs,
55 int *nbytes)
56 {
57 struct xfs_buf *bp = bip->bli_buf;
58 int next_bit;
59 int last_bit;
60
61 last_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 0);
62 if (last_bit == -1)
63 return;
64
65 /*
66 * initial count for a dirty buffer is 2 vectors - the format structure
67 * and the first dirty region.
68 */
69 *nvecs += 2;
70 *nbytes += xfs_buf_log_format_size(blfp) + XFS_BLF_CHUNK;
71
72 while (last_bit != -1) {
73 /*
74 * This takes the bit number to start looking from and
75 * returns the next set bit from there. It returns -1
76 * if there are no more bits set or the start bit is
77 * beyond the end of the bitmap.
78 */
79 next_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size,
80 last_bit + 1);
81 /*
82 * If we run out of bits, leave the loop,
83 * else if we find a new set of bits bump the number of vecs,
84 * else keep scanning the current set of bits.
85 */
86 if (next_bit == -1) {
87 break;
88 } else if (next_bit != last_bit + 1) {
89 last_bit = next_bit;
90 (*nvecs)++;
91 } else if (xfs_buf_offset(bp, next_bit * XFS_BLF_CHUNK) !=
92 (xfs_buf_offset(bp, last_bit * XFS_BLF_CHUNK) +
93 XFS_BLF_CHUNK)) {
94 last_bit = next_bit;
95 (*nvecs)++;
96 } else {
97 last_bit++;
98 }
99 *nbytes += XFS_BLF_CHUNK;
100 }
101 }
102
103 /*
104 * This returns the number of log iovecs needed to log the given buf log item.
105 *
106 * It calculates this as 1 iovec for the buf log format structure and 1 for each
107 * stretch of non-contiguous chunks to be logged. Contiguous chunks are logged
108 * in a single iovec.
109 *
110 * Discontiguous buffers need a format structure per region that that is being
111 * logged. This makes the changes in the buffer appear to log recovery as though
112 * they came from separate buffers, just like would occur if multiple buffers
113 * were used instead of a single discontiguous buffer. This enables
114 * discontiguous buffers to be in-memory constructs, completely transparent to
115 * what ends up on disk.
116 *
117 * If the XFS_BLI_STALE flag has been set, then log nothing but the buf log
118 * format structures.
119 */
120 STATIC void
xfs_buf_item_size(struct xfs_log_item * lip,int * nvecs,int * nbytes)121 xfs_buf_item_size(
122 struct xfs_log_item *lip,
123 int *nvecs,
124 int *nbytes)
125 {
126 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
127 int i;
128
129 ASSERT(atomic_read(&bip->bli_refcount) > 0);
130 if (bip->bli_flags & XFS_BLI_STALE) {
131 /*
132 * The buffer is stale, so all we need to log
133 * is the buf log format structure with the
134 * cancel flag in it.
135 */
136 trace_xfs_buf_item_size_stale(bip);
137 ASSERT(bip->__bli_format.blf_flags & XFS_BLF_CANCEL);
138 *nvecs += bip->bli_format_count;
139 for (i = 0; i < bip->bli_format_count; i++) {
140 *nbytes += xfs_buf_log_format_size(&bip->bli_formats[i]);
141 }
142 return;
143 }
144
145 ASSERT(bip->bli_flags & XFS_BLI_LOGGED);
146
147 if (bip->bli_flags & XFS_BLI_ORDERED) {
148 /*
149 * The buffer has been logged just to order it.
150 * It is not being included in the transaction
151 * commit, so no vectors are used at all.
152 */
153 trace_xfs_buf_item_size_ordered(bip);
154 *nvecs = XFS_LOG_VEC_ORDERED;
155 return;
156 }
157
158 /*
159 * the vector count is based on the number of buffer vectors we have
160 * dirty bits in. This will only be greater than one when we have a
161 * compound buffer with more than one segment dirty. Hence for compound
162 * buffers we need to track which segment the dirty bits correspond to,
163 * and when we move from one segment to the next increment the vector
164 * count for the extra buf log format structure that will need to be
165 * written.
166 */
167 for (i = 0; i < bip->bli_format_count; i++) {
168 xfs_buf_item_size_segment(bip, &bip->bli_formats[i],
169 nvecs, nbytes);
170 }
171 trace_xfs_buf_item_size(bip);
172 }
173
174 static inline void
xfs_buf_item_copy_iovec(struct xfs_log_vec * lv,struct xfs_log_iovec ** vecp,struct xfs_buf * bp,uint offset,int first_bit,uint nbits)175 xfs_buf_item_copy_iovec(
176 struct xfs_log_vec *lv,
177 struct xfs_log_iovec **vecp,
178 struct xfs_buf *bp,
179 uint offset,
180 int first_bit,
181 uint nbits)
182 {
183 offset += first_bit * XFS_BLF_CHUNK;
184 xlog_copy_iovec(lv, vecp, XLOG_REG_TYPE_BCHUNK,
185 xfs_buf_offset(bp, offset),
186 nbits * XFS_BLF_CHUNK);
187 }
188
189 static inline bool
xfs_buf_item_straddle(struct xfs_buf * bp,uint offset,int next_bit,int last_bit)190 xfs_buf_item_straddle(
191 struct xfs_buf *bp,
192 uint offset,
193 int next_bit,
194 int last_bit)
195 {
196 return xfs_buf_offset(bp, offset + (next_bit << XFS_BLF_SHIFT)) !=
197 (xfs_buf_offset(bp, offset + (last_bit << XFS_BLF_SHIFT)) +
198 XFS_BLF_CHUNK);
199 }
200
201 static void
xfs_buf_item_format_segment(struct xfs_buf_log_item * bip,struct xfs_log_vec * lv,struct xfs_log_iovec ** vecp,uint offset,struct xfs_buf_log_format * blfp)202 xfs_buf_item_format_segment(
203 struct xfs_buf_log_item *bip,
204 struct xfs_log_vec *lv,
205 struct xfs_log_iovec **vecp,
206 uint offset,
207 struct xfs_buf_log_format *blfp)
208 {
209 struct xfs_buf *bp = bip->bli_buf;
210 uint base_size;
211 int first_bit;
212 int last_bit;
213 int next_bit;
214 uint nbits;
215
216 /* copy the flags across from the base format item */
217 blfp->blf_flags = bip->__bli_format.blf_flags;
218
219 /*
220 * Base size is the actual size of the ondisk structure - it reflects
221 * the actual size of the dirty bitmap rather than the size of the in
222 * memory structure.
223 */
224 base_size = xfs_buf_log_format_size(blfp);
225
226 first_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size, 0);
227 if (!(bip->bli_flags & XFS_BLI_STALE) && first_bit == -1) {
228 /*
229 * If the map is not be dirty in the transaction, mark
230 * the size as zero and do not advance the vector pointer.
231 */
232 return;
233 }
234
235 blfp = xlog_copy_iovec(lv, vecp, XLOG_REG_TYPE_BFORMAT, blfp, base_size);
236 blfp->blf_size = 1;
237
238 if (bip->bli_flags & XFS_BLI_STALE) {
239 /*
240 * The buffer is stale, so all we need to log
241 * is the buf log format structure with the
242 * cancel flag in it.
243 */
244 trace_xfs_buf_item_format_stale(bip);
245 ASSERT(blfp->blf_flags & XFS_BLF_CANCEL);
246 return;
247 }
248
249
250 /*
251 * Fill in an iovec for each set of contiguous chunks.
252 */
253 last_bit = first_bit;
254 nbits = 1;
255 for (;;) {
256 /*
257 * This takes the bit number to start looking from and
258 * returns the next set bit from there. It returns -1
259 * if there are no more bits set or the start bit is
260 * beyond the end of the bitmap.
261 */
262 next_bit = xfs_next_bit(blfp->blf_data_map, blfp->blf_map_size,
263 (uint)last_bit + 1);
264 /*
265 * If we run out of bits fill in the last iovec and get out of
266 * the loop. Else if we start a new set of bits then fill in
267 * the iovec for the series we were looking at and start
268 * counting the bits in the new one. Else we're still in the
269 * same set of bits so just keep counting and scanning.
270 */
271 if (next_bit == -1) {
272 xfs_buf_item_copy_iovec(lv, vecp, bp, offset,
273 first_bit, nbits);
274 blfp->blf_size++;
275 break;
276 } else if (next_bit != last_bit + 1 ||
277 xfs_buf_item_straddle(bp, offset, next_bit, last_bit)) {
278 xfs_buf_item_copy_iovec(lv, vecp, bp, offset,
279 first_bit, nbits);
280 blfp->blf_size++;
281 first_bit = next_bit;
282 last_bit = next_bit;
283 nbits = 1;
284 } else {
285 last_bit++;
286 nbits++;
287 }
288 }
289 }
290
291 /*
292 * This is called to fill in the vector of log iovecs for the
293 * given log buf item. It fills the first entry with a buf log
294 * format structure, and the rest point to contiguous chunks
295 * within the buffer.
296 */
297 STATIC void
xfs_buf_item_format(struct xfs_log_item * lip,struct xfs_log_vec * lv)298 xfs_buf_item_format(
299 struct xfs_log_item *lip,
300 struct xfs_log_vec *lv)
301 {
302 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
303 struct xfs_buf *bp = bip->bli_buf;
304 struct xfs_log_iovec *vecp = NULL;
305 uint offset = 0;
306 int i;
307
308 ASSERT(atomic_read(&bip->bli_refcount) > 0);
309 ASSERT((bip->bli_flags & XFS_BLI_LOGGED) ||
310 (bip->bli_flags & XFS_BLI_STALE));
311 ASSERT((bip->bli_flags & XFS_BLI_STALE) ||
312 (xfs_blft_from_flags(&bip->__bli_format) > XFS_BLFT_UNKNOWN_BUF
313 && xfs_blft_from_flags(&bip->__bli_format) < XFS_BLFT_MAX_BUF));
314 ASSERT(!(bip->bli_flags & XFS_BLI_ORDERED) ||
315 (bip->bli_flags & XFS_BLI_STALE));
316
317
318 /*
319 * If it is an inode buffer, transfer the in-memory state to the
320 * format flags and clear the in-memory state.
321 *
322 * For buffer based inode allocation, we do not transfer
323 * this state if the inode buffer allocation has not yet been committed
324 * to the log as setting the XFS_BLI_INODE_BUF flag will prevent
325 * correct replay of the inode allocation.
326 *
327 * For icreate item based inode allocation, the buffers aren't written
328 * to the journal during allocation, and hence we should always tag the
329 * buffer as an inode buffer so that the correct unlinked list replay
330 * occurs during recovery.
331 */
332 if (bip->bli_flags & XFS_BLI_INODE_BUF) {
333 if (xfs_sb_version_hascrc(&lip->li_mountp->m_sb) ||
334 !((bip->bli_flags & XFS_BLI_INODE_ALLOC_BUF) &&
335 xfs_log_item_in_current_chkpt(lip)))
336 bip->__bli_format.blf_flags |= XFS_BLF_INODE_BUF;
337 bip->bli_flags &= ~XFS_BLI_INODE_BUF;
338 }
339
340 for (i = 0; i < bip->bli_format_count; i++) {
341 xfs_buf_item_format_segment(bip, lv, &vecp, offset,
342 &bip->bli_formats[i]);
343 offset += BBTOB(bp->b_maps[i].bm_len);
344 }
345
346 /*
347 * Check to make sure everything is consistent.
348 */
349 trace_xfs_buf_item_format(bip);
350 }
351
352 /*
353 * This is called to pin the buffer associated with the buf log item in memory
354 * so it cannot be written out.
355 *
356 * We also always take a reference to the buffer log item here so that the bli
357 * is held while the item is pinned in memory. This means that we can
358 * unconditionally drop the reference count a transaction holds when the
359 * transaction is completed.
360 */
361 STATIC void
xfs_buf_item_pin(struct xfs_log_item * lip)362 xfs_buf_item_pin(
363 struct xfs_log_item *lip)
364 {
365 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
366
367 ASSERT(atomic_read(&bip->bli_refcount) > 0);
368 ASSERT((bip->bli_flags & XFS_BLI_LOGGED) ||
369 (bip->bli_flags & XFS_BLI_ORDERED) ||
370 (bip->bli_flags & XFS_BLI_STALE));
371
372 trace_xfs_buf_item_pin(bip);
373
374 atomic_inc(&bip->bli_refcount);
375 atomic_inc(&bip->bli_buf->b_pin_count);
376 }
377
378 /*
379 * This is called to unpin the buffer associated with the buf log
380 * item which was previously pinned with a call to xfs_buf_item_pin().
381 *
382 * Also drop the reference to the buf item for the current transaction.
383 * If the XFS_BLI_STALE flag is set and we are the last reference,
384 * then free up the buf log item and unlock the buffer.
385 *
386 * If the remove flag is set we are called from uncommit in the
387 * forced-shutdown path. If that is true and the reference count on
388 * the log item is going to drop to zero we need to free the item's
389 * descriptor in the transaction.
390 */
391 STATIC void
xfs_buf_item_unpin(struct xfs_log_item * lip,int remove)392 xfs_buf_item_unpin(
393 struct xfs_log_item *lip,
394 int remove)
395 {
396 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
397 xfs_buf_t *bp = bip->bli_buf;
398 struct xfs_ail *ailp = lip->li_ailp;
399 int stale = bip->bli_flags & XFS_BLI_STALE;
400 int freed;
401
402 ASSERT(bp->b_log_item == bip);
403 ASSERT(atomic_read(&bip->bli_refcount) > 0);
404
405 trace_xfs_buf_item_unpin(bip);
406
407 freed = atomic_dec_and_test(&bip->bli_refcount);
408
409 if (atomic_dec_and_test(&bp->b_pin_count))
410 wake_up_all(&bp->b_waiters);
411
412 if (freed && stale) {
413 ASSERT(bip->bli_flags & XFS_BLI_STALE);
414 ASSERT(xfs_buf_islocked(bp));
415 ASSERT(bp->b_flags & XBF_STALE);
416 ASSERT(bip->__bli_format.blf_flags & XFS_BLF_CANCEL);
417
418 trace_xfs_buf_item_unpin_stale(bip);
419
420 if (remove) {
421 /*
422 * If we are in a transaction context, we have to
423 * remove the log item from the transaction as we are
424 * about to release our reference to the buffer. If we
425 * don't, the unlock that occurs later in
426 * xfs_trans_uncommit() will try to reference the
427 * buffer which we no longer have a hold on.
428 */
429 if (!list_empty(&lip->li_trans))
430 xfs_trans_del_item(lip);
431
432 /*
433 * Since the transaction no longer refers to the buffer,
434 * the buffer should no longer refer to the transaction.
435 */
436 bp->b_transp = NULL;
437 }
438
439 /*
440 * If we get called here because of an IO error, we may
441 * or may not have the item on the AIL. xfs_trans_ail_delete()
442 * will take care of that situation.
443 * xfs_trans_ail_delete() drops the AIL lock.
444 */
445 if (bip->bli_flags & XFS_BLI_STALE_INODE) {
446 xfs_buf_do_callbacks(bp);
447 bp->b_log_item = NULL;
448 list_del_init(&bp->b_li_list);
449 bp->b_iodone = NULL;
450 } else {
451 spin_lock(&ailp->ail_lock);
452 xfs_trans_ail_delete(ailp, lip, SHUTDOWN_LOG_IO_ERROR);
453 xfs_buf_item_relse(bp);
454 ASSERT(bp->b_log_item == NULL);
455 }
456 xfs_buf_relse(bp);
457 } else if (freed && remove) {
458 /*
459 * There are currently two references to the buffer - the active
460 * LRU reference and the buf log item. What we are about to do
461 * here - simulate a failed IO completion - requires 3
462 * references.
463 *
464 * The LRU reference is removed by the xfs_buf_stale() call. The
465 * buf item reference is removed by the xfs_buf_iodone()
466 * callback that is run by xfs_buf_do_callbacks() during ioend
467 * processing (via the bp->b_iodone callback), and then finally
468 * the ioend processing will drop the IO reference if the buffer
469 * is marked XBF_ASYNC.
470 *
471 * Hence we need to take an additional reference here so that IO
472 * completion processing doesn't free the buffer prematurely.
473 */
474 xfs_buf_lock(bp);
475 xfs_buf_hold(bp);
476 bp->b_flags |= XBF_ASYNC;
477 xfs_buf_ioerror(bp, -EIO);
478 bp->b_flags &= ~XBF_DONE;
479 xfs_buf_stale(bp);
480 xfs_buf_ioend(bp);
481 }
482 }
483
484 /*
485 * Buffer IO error rate limiting. Limit it to no more than 10 messages per 30
486 * seconds so as to not spam logs too much on repeated detection of the same
487 * buffer being bad..
488 */
489
490 static DEFINE_RATELIMIT_STATE(xfs_buf_write_fail_rl_state, 30 * HZ, 10);
491
492 STATIC uint
xfs_buf_item_push(struct xfs_log_item * lip,struct list_head * buffer_list)493 xfs_buf_item_push(
494 struct xfs_log_item *lip,
495 struct list_head *buffer_list)
496 {
497 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
498 struct xfs_buf *bp = bip->bli_buf;
499 uint rval = XFS_ITEM_SUCCESS;
500
501 if (xfs_buf_ispinned(bp))
502 return XFS_ITEM_PINNED;
503 if (!xfs_buf_trylock(bp)) {
504 /*
505 * If we have just raced with a buffer being pinned and it has
506 * been marked stale, we could end up stalling until someone else
507 * issues a log force to unpin the stale buffer. Check for the
508 * race condition here so xfsaild recognizes the buffer is pinned
509 * and queues a log force to move it along.
510 */
511 if (xfs_buf_ispinned(bp))
512 return XFS_ITEM_PINNED;
513 return XFS_ITEM_LOCKED;
514 }
515
516 ASSERT(!(bip->bli_flags & XFS_BLI_STALE));
517
518 trace_xfs_buf_item_push(bip);
519
520 /* has a previous flush failed due to IO errors? */
521 if ((bp->b_flags & XBF_WRITE_FAIL) &&
522 ___ratelimit(&xfs_buf_write_fail_rl_state, "XFS: Failing async write")) {
523 xfs_warn(bp->b_target->bt_mount,
524 "Failing async write on buffer block 0x%llx. Retrying async write.",
525 (long long)bp->b_bn);
526 }
527
528 if (!xfs_buf_delwri_queue(bp, buffer_list))
529 rval = XFS_ITEM_FLUSHING;
530 xfs_buf_unlock(bp);
531 return rval;
532 }
533
534 /*
535 * Drop the buffer log item refcount and take appropriate action. This helper
536 * determines whether the bli must be freed or not, since a decrement to zero
537 * does not necessarily mean the bli is unused.
538 *
539 * Return true if the bli is freed, false otherwise.
540 */
541 bool
xfs_buf_item_put(struct xfs_buf_log_item * bip)542 xfs_buf_item_put(
543 struct xfs_buf_log_item *bip)
544 {
545 struct xfs_log_item *lip = &bip->bli_item;
546 bool aborted;
547 bool dirty;
548
549 /* drop the bli ref and return if it wasn't the last one */
550 if (!atomic_dec_and_test(&bip->bli_refcount))
551 return false;
552
553 /*
554 * We dropped the last ref and must free the item if clean or aborted.
555 * If the bli is dirty and non-aborted, the buffer was clean in the
556 * transaction but still awaiting writeback from previous changes. In
557 * that case, the bli is freed on buffer writeback completion.
558 */
559 aborted = test_bit(XFS_LI_ABORTED, &lip->li_flags) ||
560 XFS_FORCED_SHUTDOWN(lip->li_mountp);
561 dirty = bip->bli_flags & XFS_BLI_DIRTY;
562 if (dirty && !aborted)
563 return false;
564
565 /*
566 * The bli is aborted or clean. An aborted item may be in the AIL
567 * regardless of dirty state. For example, consider an aborted
568 * transaction that invalidated a dirty bli and cleared the dirty
569 * state.
570 */
571 if (aborted)
572 xfs_trans_ail_remove(lip, SHUTDOWN_LOG_IO_ERROR);
573 xfs_buf_item_relse(bip->bli_buf);
574 return true;
575 }
576
577 /*
578 * Release the buffer associated with the buf log item. If there is no dirty
579 * logged data associated with the buffer recorded in the buf log item, then
580 * free the buf log item and remove the reference to it in the buffer.
581 *
582 * This call ignores the recursion count. It is only called when the buffer
583 * should REALLY be unlocked, regardless of the recursion count.
584 *
585 * We unconditionally drop the transaction's reference to the log item. If the
586 * item was logged, then another reference was taken when it was pinned, so we
587 * can safely drop the transaction reference now. This also allows us to avoid
588 * potential races with the unpin code freeing the bli by not referencing the
589 * bli after we've dropped the reference count.
590 *
591 * If the XFS_BLI_HOLD flag is set in the buf log item, then free the log item
592 * if necessary but do not unlock the buffer. This is for support of
593 * xfs_trans_bhold(). Make sure the XFS_BLI_HOLD field is cleared if we don't
594 * free the item.
595 */
596 STATIC void
xfs_buf_item_unlock(struct xfs_log_item * lip)597 xfs_buf_item_unlock(
598 struct xfs_log_item *lip)
599 {
600 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
601 struct xfs_buf *bp = bip->bli_buf;
602 bool released;
603 bool hold = bip->bli_flags & XFS_BLI_HOLD;
604 bool stale = bip->bli_flags & XFS_BLI_STALE;
605 #if defined(DEBUG) || defined(XFS_WARN)
606 bool ordered = bip->bli_flags & XFS_BLI_ORDERED;
607 bool dirty = bip->bli_flags & XFS_BLI_DIRTY;
608 #endif
609
610 trace_xfs_buf_item_unlock(bip);
611
612 /*
613 * The bli dirty state should match whether the blf has logged segments
614 * except for ordered buffers, where only the bli should be dirty.
615 */
616 ASSERT((!ordered && dirty == xfs_buf_item_dirty_format(bip)) ||
617 (ordered && dirty && !xfs_buf_item_dirty_format(bip)));
618 ASSERT(!stale || (bip->__bli_format.blf_flags & XFS_BLF_CANCEL));
619
620 /*
621 * Clear the buffer's association with this transaction and
622 * per-transaction state from the bli, which has been copied above.
623 */
624 bp->b_transp = NULL;
625 bip->bli_flags &= ~(XFS_BLI_LOGGED | XFS_BLI_HOLD | XFS_BLI_ORDERED);
626
627 /*
628 * Unref the item and unlock the buffer unless held or stale. Stale
629 * buffers remain locked until final unpin unless the bli is freed by
630 * the unref call. The latter implies shutdown because buffer
631 * invalidation dirties the bli and transaction.
632 */
633 released = xfs_buf_item_put(bip);
634 if (hold || (stale && !released))
635 return;
636 ASSERT(!stale || test_bit(XFS_LI_ABORTED, &lip->li_flags));
637 xfs_buf_relse(bp);
638 }
639
640 /*
641 * This is called to find out where the oldest active copy of the
642 * buf log item in the on disk log resides now that the last log
643 * write of it completed at the given lsn.
644 * We always re-log all the dirty data in a buffer, so usually the
645 * latest copy in the on disk log is the only one that matters. For
646 * those cases we simply return the given lsn.
647 *
648 * The one exception to this is for buffers full of newly allocated
649 * inodes. These buffers are only relogged with the XFS_BLI_INODE_BUF
650 * flag set, indicating that only the di_next_unlinked fields from the
651 * inodes in the buffers will be replayed during recovery. If the
652 * original newly allocated inode images have not yet been flushed
653 * when the buffer is so relogged, then we need to make sure that we
654 * keep the old images in the 'active' portion of the log. We do this
655 * by returning the original lsn of that transaction here rather than
656 * the current one.
657 */
658 STATIC xfs_lsn_t
xfs_buf_item_committed(struct xfs_log_item * lip,xfs_lsn_t lsn)659 xfs_buf_item_committed(
660 struct xfs_log_item *lip,
661 xfs_lsn_t lsn)
662 {
663 struct xfs_buf_log_item *bip = BUF_ITEM(lip);
664
665 trace_xfs_buf_item_committed(bip);
666
667 if ((bip->bli_flags & XFS_BLI_INODE_ALLOC_BUF) && lip->li_lsn != 0)
668 return lip->li_lsn;
669 return lsn;
670 }
671
672 STATIC void
xfs_buf_item_committing(struct xfs_log_item * lip,xfs_lsn_t commit_lsn)673 xfs_buf_item_committing(
674 struct xfs_log_item *lip,
675 xfs_lsn_t commit_lsn)
676 {
677 }
678
679 /*
680 * This is the ops vector shared by all buf log items.
681 */
682 static const struct xfs_item_ops xfs_buf_item_ops = {
683 .iop_size = xfs_buf_item_size,
684 .iop_format = xfs_buf_item_format,
685 .iop_pin = xfs_buf_item_pin,
686 .iop_unpin = xfs_buf_item_unpin,
687 .iop_unlock = xfs_buf_item_unlock,
688 .iop_committed = xfs_buf_item_committed,
689 .iop_push = xfs_buf_item_push,
690 .iop_committing = xfs_buf_item_committing
691 };
692
693 STATIC int
xfs_buf_item_get_format(struct xfs_buf_log_item * bip,int count)694 xfs_buf_item_get_format(
695 struct xfs_buf_log_item *bip,
696 int count)
697 {
698 ASSERT(bip->bli_formats == NULL);
699 bip->bli_format_count = count;
700
701 if (count == 1) {
702 bip->bli_formats = &bip->__bli_format;
703 return 0;
704 }
705
706 bip->bli_formats = kmem_zalloc(count * sizeof(struct xfs_buf_log_format),
707 KM_SLEEP);
708 if (!bip->bli_formats)
709 return -ENOMEM;
710 return 0;
711 }
712
713 STATIC void
xfs_buf_item_free_format(struct xfs_buf_log_item * bip)714 xfs_buf_item_free_format(
715 struct xfs_buf_log_item *bip)
716 {
717 if (bip->bli_formats != &bip->__bli_format) {
718 kmem_free(bip->bli_formats);
719 bip->bli_formats = NULL;
720 }
721 }
722
723 /*
724 * Allocate a new buf log item to go with the given buffer.
725 * Set the buffer's b_log_item field to point to the new
726 * buf log item.
727 */
728 int
xfs_buf_item_init(struct xfs_buf * bp,struct xfs_mount * mp)729 xfs_buf_item_init(
730 struct xfs_buf *bp,
731 struct xfs_mount *mp)
732 {
733 struct xfs_buf_log_item *bip = bp->b_log_item;
734 int chunks;
735 int map_size;
736 int error;
737 int i;
738
739 /*
740 * Check to see if there is already a buf log item for
741 * this buffer. If we do already have one, there is
742 * nothing to do here so return.
743 */
744 ASSERT(bp->b_target->bt_mount == mp);
745 if (bip) {
746 ASSERT(bip->bli_item.li_type == XFS_LI_BUF);
747 ASSERT(!bp->b_transp);
748 ASSERT(bip->bli_buf == bp);
749 return 0;
750 }
751
752 bip = kmem_zone_zalloc(xfs_buf_item_zone, KM_SLEEP);
753 xfs_log_item_init(mp, &bip->bli_item, XFS_LI_BUF, &xfs_buf_item_ops);
754 bip->bli_buf = bp;
755
756 /*
757 * chunks is the number of XFS_BLF_CHUNK size pieces the buffer
758 * can be divided into. Make sure not to truncate any pieces.
759 * map_size is the size of the bitmap needed to describe the
760 * chunks of the buffer.
761 *
762 * Discontiguous buffer support follows the layout of the underlying
763 * buffer. This makes the implementation as simple as possible.
764 */
765 error = xfs_buf_item_get_format(bip, bp->b_map_count);
766 ASSERT(error == 0);
767 if (error) { /* to stop gcc throwing set-but-unused warnings */
768 kmem_zone_free(xfs_buf_item_zone, bip);
769 return error;
770 }
771
772
773 for (i = 0; i < bip->bli_format_count; i++) {
774 chunks = DIV_ROUND_UP(BBTOB(bp->b_maps[i].bm_len),
775 XFS_BLF_CHUNK);
776 map_size = DIV_ROUND_UP(chunks, NBWORD);
777
778 bip->bli_formats[i].blf_type = XFS_LI_BUF;
779 bip->bli_formats[i].blf_blkno = bp->b_maps[i].bm_bn;
780 bip->bli_formats[i].blf_len = bp->b_maps[i].bm_len;
781 bip->bli_formats[i].blf_map_size = map_size;
782 }
783
784 bp->b_log_item = bip;
785 xfs_buf_hold(bp);
786 return 0;
787 }
788
789
790 /*
791 * Mark bytes first through last inclusive as dirty in the buf
792 * item's bitmap.
793 */
794 static void
xfs_buf_item_log_segment(uint first,uint last,uint * map)795 xfs_buf_item_log_segment(
796 uint first,
797 uint last,
798 uint *map)
799 {
800 uint first_bit;
801 uint last_bit;
802 uint bits_to_set;
803 uint bits_set;
804 uint word_num;
805 uint *wordp;
806 uint bit;
807 uint end_bit;
808 uint mask;
809
810 /*
811 * Convert byte offsets to bit numbers.
812 */
813 first_bit = first >> XFS_BLF_SHIFT;
814 last_bit = last >> XFS_BLF_SHIFT;
815
816 /*
817 * Calculate the total number of bits to be set.
818 */
819 bits_to_set = last_bit - first_bit + 1;
820
821 /*
822 * Get a pointer to the first word in the bitmap
823 * to set a bit in.
824 */
825 word_num = first_bit >> BIT_TO_WORD_SHIFT;
826 wordp = &map[word_num];
827
828 /*
829 * Calculate the starting bit in the first word.
830 */
831 bit = first_bit & (uint)(NBWORD - 1);
832
833 /*
834 * First set any bits in the first word of our range.
835 * If it starts at bit 0 of the word, it will be
836 * set below rather than here. That is what the variable
837 * bit tells us. The variable bits_set tracks the number
838 * of bits that have been set so far. End_bit is the number
839 * of the last bit to be set in this word plus one.
840 */
841 if (bit) {
842 end_bit = min(bit + bits_to_set, (uint)NBWORD);
843 mask = ((1U << (end_bit - bit)) - 1) << bit;
844 *wordp |= mask;
845 wordp++;
846 bits_set = end_bit - bit;
847 } else {
848 bits_set = 0;
849 }
850
851 /*
852 * Now set bits a whole word at a time that are between
853 * first_bit and last_bit.
854 */
855 while ((bits_to_set - bits_set) >= NBWORD) {
856 *wordp |= 0xffffffff;
857 bits_set += NBWORD;
858 wordp++;
859 }
860
861 /*
862 * Finally, set any bits left to be set in one last partial word.
863 */
864 end_bit = bits_to_set - bits_set;
865 if (end_bit) {
866 mask = (1U << end_bit) - 1;
867 *wordp |= mask;
868 }
869 }
870
871 /*
872 * Mark bytes first through last inclusive as dirty in the buf
873 * item's bitmap.
874 */
875 void
xfs_buf_item_log(struct xfs_buf_log_item * bip,uint first,uint last)876 xfs_buf_item_log(
877 struct xfs_buf_log_item *bip,
878 uint first,
879 uint last)
880 {
881 int i;
882 uint start;
883 uint end;
884 struct xfs_buf *bp = bip->bli_buf;
885
886 /*
887 * walk each buffer segment and mark them dirty appropriately.
888 */
889 start = 0;
890 for (i = 0; i < bip->bli_format_count; i++) {
891 if (start > last)
892 break;
893 end = start + BBTOB(bp->b_maps[i].bm_len) - 1;
894
895 /* skip to the map that includes the first byte to log */
896 if (first > end) {
897 start += BBTOB(bp->b_maps[i].bm_len);
898 continue;
899 }
900
901 /*
902 * Trim the range to this segment and mark it in the bitmap.
903 * Note that we must convert buffer offsets to segment relative
904 * offsets (e.g., the first byte of each segment is byte 0 of
905 * that segment).
906 */
907 if (first < start)
908 first = start;
909 if (end > last)
910 end = last;
911 xfs_buf_item_log_segment(first - start, end - start,
912 &bip->bli_formats[i].blf_data_map[0]);
913
914 start += BBTOB(bp->b_maps[i].bm_len);
915 }
916 }
917
918
919 /*
920 * Return true if the buffer has any ranges logged/dirtied by a transaction,
921 * false otherwise.
922 */
923 bool
xfs_buf_item_dirty_format(struct xfs_buf_log_item * bip)924 xfs_buf_item_dirty_format(
925 struct xfs_buf_log_item *bip)
926 {
927 int i;
928
929 for (i = 0; i < bip->bli_format_count; i++) {
930 if (!xfs_bitmap_empty(bip->bli_formats[i].blf_data_map,
931 bip->bli_formats[i].blf_map_size))
932 return true;
933 }
934
935 return false;
936 }
937
938 STATIC void
xfs_buf_item_free(struct xfs_buf_log_item * bip)939 xfs_buf_item_free(
940 struct xfs_buf_log_item *bip)
941 {
942 xfs_buf_item_free_format(bip);
943 kmem_free(bip->bli_item.li_lv_shadow);
944 kmem_zone_free(xfs_buf_item_zone, bip);
945 }
946
947 /*
948 * This is called when the buf log item is no longer needed. It should
949 * free the buf log item associated with the given buffer and clear
950 * the buffer's pointer to the buf log item. If there are no more
951 * items in the list, clear the b_iodone field of the buffer (see
952 * xfs_buf_attach_iodone() below).
953 */
954 void
xfs_buf_item_relse(xfs_buf_t * bp)955 xfs_buf_item_relse(
956 xfs_buf_t *bp)
957 {
958 struct xfs_buf_log_item *bip = bp->b_log_item;
959
960 trace_xfs_buf_item_relse(bp, _RET_IP_);
961 ASSERT(!(bip->bli_item.li_flags & XFS_LI_IN_AIL));
962
963 bp->b_log_item = NULL;
964 if (list_empty(&bp->b_li_list))
965 bp->b_iodone = NULL;
966
967 xfs_buf_rele(bp);
968 xfs_buf_item_free(bip);
969 }
970
971
972 /*
973 * Add the given log item with its callback to the list of callbacks
974 * to be called when the buffer's I/O completes. If it is not set
975 * already, set the buffer's b_iodone() routine to be
976 * xfs_buf_iodone_callbacks() and link the log item into the list of
977 * items rooted at b_li_list.
978 */
979 void
xfs_buf_attach_iodone(xfs_buf_t * bp,void (* cb)(xfs_buf_t *,xfs_log_item_t *),xfs_log_item_t * lip)980 xfs_buf_attach_iodone(
981 xfs_buf_t *bp,
982 void (*cb)(xfs_buf_t *, xfs_log_item_t *),
983 xfs_log_item_t *lip)
984 {
985 ASSERT(xfs_buf_islocked(bp));
986
987 lip->li_cb = cb;
988 list_add_tail(&lip->li_bio_list, &bp->b_li_list);
989
990 ASSERT(bp->b_iodone == NULL ||
991 bp->b_iodone == xfs_buf_iodone_callbacks);
992 bp->b_iodone = xfs_buf_iodone_callbacks;
993 }
994
995 /*
996 * We can have many callbacks on a buffer. Running the callbacks individually
997 * can cause a lot of contention on the AIL lock, so we allow for a single
998 * callback to be able to scan the remaining items in bp->b_li_list for other
999 * items of the same type and callback to be processed in the first call.
1000 *
1001 * As a result, the loop walking the callback list below will also modify the
1002 * list. it removes the first item from the list and then runs the callback.
1003 * The loop then restarts from the new first item int the list. This allows the
1004 * callback to scan and modify the list attached to the buffer and we don't
1005 * have to care about maintaining a next item pointer.
1006 */
1007 STATIC void
xfs_buf_do_callbacks(struct xfs_buf * bp)1008 xfs_buf_do_callbacks(
1009 struct xfs_buf *bp)
1010 {
1011 struct xfs_buf_log_item *blip = bp->b_log_item;
1012 struct xfs_log_item *lip;
1013
1014 /* If there is a buf_log_item attached, run its callback */
1015 if (blip) {
1016 lip = &blip->bli_item;
1017 lip->li_cb(bp, lip);
1018 }
1019
1020 while (!list_empty(&bp->b_li_list)) {
1021 lip = list_first_entry(&bp->b_li_list, struct xfs_log_item,
1022 li_bio_list);
1023
1024 /*
1025 * Remove the item from the list, so we don't have any
1026 * confusion if the item is added to another buf.
1027 * Don't touch the log item after calling its
1028 * callback, because it could have freed itself.
1029 */
1030 list_del_init(&lip->li_bio_list);
1031 lip->li_cb(bp, lip);
1032 }
1033 }
1034
1035 /*
1036 * Invoke the error state callback for each log item affected by the failed I/O.
1037 *
1038 * If a metadata buffer write fails with a non-permanent error, the buffer is
1039 * eventually resubmitted and so the completion callbacks are not run. The error
1040 * state may need to be propagated to the log items attached to the buffer,
1041 * however, so the next AIL push of the item knows hot to handle it correctly.
1042 */
1043 STATIC void
xfs_buf_do_callbacks_fail(struct xfs_buf * bp)1044 xfs_buf_do_callbacks_fail(
1045 struct xfs_buf *bp)
1046 {
1047 struct xfs_log_item *lip;
1048 struct xfs_ail *ailp;
1049
1050 /*
1051 * Buffer log item errors are handled directly by xfs_buf_item_push()
1052 * and xfs_buf_iodone_callback_error, and they have no IO error
1053 * callbacks. Check only for items in b_li_list.
1054 */
1055 if (list_empty(&bp->b_li_list))
1056 return;
1057
1058 lip = list_first_entry(&bp->b_li_list, struct xfs_log_item,
1059 li_bio_list);
1060 ailp = lip->li_ailp;
1061 spin_lock(&ailp->ail_lock);
1062 list_for_each_entry(lip, &bp->b_li_list, li_bio_list) {
1063 if (lip->li_ops->iop_error)
1064 lip->li_ops->iop_error(lip, bp);
1065 }
1066 spin_unlock(&ailp->ail_lock);
1067 }
1068
1069 static bool
xfs_buf_iodone_callback_error(struct xfs_buf * bp)1070 xfs_buf_iodone_callback_error(
1071 struct xfs_buf *bp)
1072 {
1073 struct xfs_buf_log_item *bip = bp->b_log_item;
1074 struct xfs_log_item *lip;
1075 struct xfs_mount *mp;
1076 static ulong lasttime;
1077 static xfs_buftarg_t *lasttarg;
1078 struct xfs_error_cfg *cfg;
1079
1080 /*
1081 * The failed buffer might not have a buf_log_item attached or the
1082 * log_item list might be empty. Get the mp from the available
1083 * xfs_log_item
1084 */
1085 lip = list_first_entry_or_null(&bp->b_li_list, struct xfs_log_item,
1086 li_bio_list);
1087 mp = lip ? lip->li_mountp : bip->bli_item.li_mountp;
1088
1089 /*
1090 * If we've already decided to shutdown the filesystem because of
1091 * I/O errors, there's no point in giving this a retry.
1092 */
1093 if (XFS_FORCED_SHUTDOWN(mp))
1094 goto out_stale;
1095
1096 if (bp->b_target != lasttarg ||
1097 time_after(jiffies, (lasttime + 5*HZ))) {
1098 lasttime = jiffies;
1099 xfs_buf_ioerror_alert(bp, __func__);
1100 }
1101 lasttarg = bp->b_target;
1102
1103 /* synchronous writes will have callers process the error */
1104 if (!(bp->b_flags & XBF_ASYNC))
1105 goto out_stale;
1106
1107 trace_xfs_buf_item_iodone_async(bp, _RET_IP_);
1108 ASSERT(bp->b_iodone != NULL);
1109
1110 cfg = xfs_error_get_cfg(mp, XFS_ERR_METADATA, bp->b_error);
1111
1112 /*
1113 * If the write was asynchronous then no one will be looking for the
1114 * error. If this is the first failure of this type, clear the error
1115 * state and write the buffer out again. This means we always retry an
1116 * async write failure at least once, but we also need to set the buffer
1117 * up to behave correctly now for repeated failures.
1118 */
1119 if (!(bp->b_flags & (XBF_STALE | XBF_WRITE_FAIL)) ||
1120 bp->b_last_error != bp->b_error) {
1121 bp->b_flags |= (XBF_WRITE | XBF_DONE | XBF_WRITE_FAIL);
1122 bp->b_last_error = bp->b_error;
1123 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER &&
1124 !bp->b_first_retry_time)
1125 bp->b_first_retry_time = jiffies;
1126
1127 xfs_buf_ioerror(bp, 0);
1128 xfs_buf_submit(bp);
1129 return true;
1130 }
1131
1132 /*
1133 * Repeated failure on an async write. Take action according to the
1134 * error configuration we have been set up to use.
1135 */
1136
1137 if (cfg->max_retries != XFS_ERR_RETRY_FOREVER &&
1138 ++bp->b_retries > cfg->max_retries)
1139 goto permanent_error;
1140 if (cfg->retry_timeout != XFS_ERR_RETRY_FOREVER &&
1141 time_after(jiffies, cfg->retry_timeout + bp->b_first_retry_time))
1142 goto permanent_error;
1143
1144 /* At unmount we may treat errors differently */
1145 if ((mp->m_flags & XFS_MOUNT_UNMOUNTING) && mp->m_fail_unmount)
1146 goto permanent_error;
1147
1148 /*
1149 * Still a transient error, run IO completion failure callbacks and let
1150 * the higher layers retry the buffer.
1151 */
1152 xfs_buf_do_callbacks_fail(bp);
1153 xfs_buf_ioerror(bp, 0);
1154 xfs_buf_relse(bp);
1155 return true;
1156
1157 /*
1158 * Permanent error - we need to trigger a shutdown if we haven't already
1159 * to indicate that inconsistency will result from this action.
1160 */
1161 permanent_error:
1162 xfs_force_shutdown(mp, SHUTDOWN_META_IO_ERROR);
1163 out_stale:
1164 xfs_buf_stale(bp);
1165 bp->b_flags |= XBF_DONE;
1166 trace_xfs_buf_error_relse(bp, _RET_IP_);
1167 return false;
1168 }
1169
1170 /*
1171 * This is the iodone() function for buffers which have had callbacks attached
1172 * to them by xfs_buf_attach_iodone(). We need to iterate the items on the
1173 * callback list, mark the buffer as having no more callbacks and then push the
1174 * buffer through IO completion processing.
1175 */
1176 void
xfs_buf_iodone_callbacks(struct xfs_buf * bp)1177 xfs_buf_iodone_callbacks(
1178 struct xfs_buf *bp)
1179 {
1180 /*
1181 * If there is an error, process it. Some errors require us
1182 * to run callbacks after failure processing is done so we
1183 * detect that and take appropriate action.
1184 */
1185 if (bp->b_error && xfs_buf_iodone_callback_error(bp))
1186 return;
1187
1188 /*
1189 * Successful IO or permanent error. Either way, we can clear the
1190 * retry state here in preparation for the next error that may occur.
1191 */
1192 bp->b_last_error = 0;
1193 bp->b_retries = 0;
1194 bp->b_first_retry_time = 0;
1195
1196 xfs_buf_do_callbacks(bp);
1197 bp->b_log_item = NULL;
1198 list_del_init(&bp->b_li_list);
1199 bp->b_iodone = NULL;
1200 xfs_buf_ioend(bp);
1201 }
1202
1203 /*
1204 * This is the iodone() function for buffers which have been
1205 * logged. It is called when they are eventually flushed out.
1206 * It should remove the buf item from the AIL, and free the buf item.
1207 * It is called by xfs_buf_iodone_callbacks() above which will take
1208 * care of cleaning up the buffer itself.
1209 */
1210 void
xfs_buf_iodone(struct xfs_buf * bp,struct xfs_log_item * lip)1211 xfs_buf_iodone(
1212 struct xfs_buf *bp,
1213 struct xfs_log_item *lip)
1214 {
1215 struct xfs_ail *ailp = lip->li_ailp;
1216
1217 ASSERT(BUF_ITEM(lip)->bli_buf == bp);
1218
1219 xfs_buf_rele(bp);
1220
1221 /*
1222 * If we are forcibly shutting down, this may well be
1223 * off the AIL already. That's because we simulate the
1224 * log-committed callbacks to unpin these buffers. Or we may never
1225 * have put this item on AIL because of the transaction was
1226 * aborted forcibly. xfs_trans_ail_delete() takes care of these.
1227 *
1228 * Either way, AIL is useless if we're forcing a shutdown.
1229 */
1230 spin_lock(&ailp->ail_lock);
1231 xfs_trans_ail_delete(ailp, lip, SHUTDOWN_CORRUPT_INCORE);
1232 xfs_buf_item_free(BUF_ITEM(lip));
1233 }
1234
1235 /*
1236 * Requeue a failed buffer for writeback.
1237 *
1238 * We clear the log item failed state here as well, but we have to be careful
1239 * about reference counts because the only active reference counts on the buffer
1240 * may be the failed log items. Hence if we clear the log item failed state
1241 * before queuing the buffer for IO we can release all active references to
1242 * the buffer and free it, leading to use after free problems in
1243 * xfs_buf_delwri_queue. It makes no difference to the buffer or log items which
1244 * order we process them in - the buffer is locked, and we own the buffer list
1245 * so nothing on them is going to change while we are performing this action.
1246 *
1247 * Hence we can safely queue the buffer for IO before we clear the failed log
1248 * item state, therefore always having an active reference to the buffer and
1249 * avoiding the transient zero-reference state that leads to use-after-free.
1250 *
1251 * Return true if the buffer was added to the buffer list, false if it was
1252 * already on the buffer list.
1253 */
1254 bool
xfs_buf_resubmit_failed_buffers(struct xfs_buf * bp,struct list_head * buffer_list)1255 xfs_buf_resubmit_failed_buffers(
1256 struct xfs_buf *bp,
1257 struct list_head *buffer_list)
1258 {
1259 struct xfs_log_item *lip;
1260 bool ret;
1261
1262 ret = xfs_buf_delwri_queue(bp, buffer_list);
1263
1264 /*
1265 * XFS_LI_FAILED set/clear is protected by ail_lock, caller of this
1266 * function already have it acquired
1267 */
1268 list_for_each_entry(lip, &bp->b_li_list, li_bio_list)
1269 xfs_clear_li_failed(lip);
1270
1271 return ret;
1272 }
1273