diff options
author | Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> | 2008-10-10 20:29:31 -0400 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2008-10-10 20:29:31 -0400 |
commit | 7ad7445f60fe4d46c4c9d2a9463db180d2a3b270 (patch) | |
tree | cd4e0f69f90664e5ca4185271fbacbb7b4f59491 | |
parent | 7ffe1ea8949c75ecffb7a4d988bb881a9fa62fbe (diff) |
jbd2: don't dirty original metadata buffer on abort
Currently, original metadata buffers are dirtied when they are
unfiled whether the journal has aborted or not. Eventually these
buffers will be written-back to the filesystem by pdflush. This
means some metadata buffers are written to the filesystem without
journaling if the journal aborts. So if both journal abort and
system crash happen at the same time, the filesystem would become
inconsistent state. Additionally, replaying journaled metadata
can overwrite the latest metadata on the filesystem partly.
Because, if the journal gets aborted, journaled metadata are
preserved and replayed during the next mount not to lose
uncheckpointed metadata. This would also break the consistency
of the filesystem.
This patch prevents original metadata buffers from being dirtied
on abort by clearing BH_JBDDirty flag from those buffers. Thus,
no metadata buffers are written to the filesystem without journaling.
Signed-off-by: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-rw-r--r-- | fs/jbd2/commit.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c index 78e4da934121..849f10496cea 100644 --- a/fs/jbd2/commit.c +++ b/fs/jbd2/commit.c | |||
@@ -504,9 +504,10 @@ void jbd2_journal_commit_transaction(journal_t *journal) | |||
504 | jh = commit_transaction->t_buffers; | 504 | jh = commit_transaction->t_buffers; |
505 | 505 | ||
506 | /* If we're in abort mode, we just un-journal the buffer and | 506 | /* If we're in abort mode, we just un-journal the buffer and |
507 | release it for background writing. */ | 507 | release it. */ |
508 | 508 | ||
509 | if (is_journal_aborted(journal)) { | 509 | if (is_journal_aborted(journal)) { |
510 | clear_buffer_jbddirty(jh2bh(jh)); | ||
510 | JBUFFER_TRACE(jh, "journal is aborting: refile"); | 511 | JBUFFER_TRACE(jh, "journal is aborting: refile"); |
511 | jbd2_journal_refile_buffer(journal, jh); | 512 | jbd2_journal_refile_buffer(journal, jh); |
512 | /* If that was the last one, we need to clean up | 513 | /* If that was the last one, we need to clean up |
@@ -884,6 +885,8 @@ restart_loop: | |||
884 | if (buffer_jbddirty(bh)) { | 885 | if (buffer_jbddirty(bh)) { |
885 | JBUFFER_TRACE(jh, "add to new checkpointing trans"); | 886 | JBUFFER_TRACE(jh, "add to new checkpointing trans"); |
886 | __jbd2_journal_insert_checkpoint(jh, commit_transaction); | 887 | __jbd2_journal_insert_checkpoint(jh, commit_transaction); |
888 | if (is_journal_aborted(journal)) | ||
889 | clear_buffer_jbddirty(bh); | ||
887 | JBUFFER_TRACE(jh, "refile for checkpoint writeback"); | 890 | JBUFFER_TRACE(jh, "refile for checkpoint writeback"); |
888 | __jbd2_journal_refile_buffer(jh); | 891 | __jbd2_journal_refile_buffer(jh); |
889 | jbd_unlock_bh_state(bh); | 892 | jbd_unlock_bh_state(bh); |