diff options
| author | Jan Kara <jack@suse.cz> | 2012-04-07 05:05:19 -0400 |
|---|---|---|
| committer | Jan Kara <jack@suse.cz> | 2012-05-15 17:34:37 -0400 |
| commit | fd2cbd4dfa3db477dd6226d387d3f1911d36a6a9 (patch) | |
| tree | b0ada946d14cdcf5db6da2d177be9590a3449e9a /fs/jbd/checkpoint.c | |
| parent | 1ce8486dcc00c1e095af8d155fa4451936b89013 (diff) | |
jbd: Write journal superblock with WRITE_FUA after checkpointing
If journal superblock is written only in disk's caches and other transaction
starts reusing space of the transaction cleaned from the log, it can happen
blocks of a new transaction reach the disk before journal superblock. When
power failure happens in such case, subsequent journal replay would still try
to replay the old transaction but some of it's blocks may be already
overwritten by the new transaction. For this reason we must use WRITE_FUA when
updating log tail and we must first write new log tail to disk and update
in-memory information only after that.
Signed-off-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'fs/jbd/checkpoint.c')
| -rw-r--r-- | fs/jbd/checkpoint.c | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/fs/jbd/checkpoint.c b/fs/jbd/checkpoint.c index 80c85f3e087f..08c03044abdd 100644 --- a/fs/jbd/checkpoint.c +++ b/fs/jbd/checkpoint.c | |||
| @@ -508,20 +508,19 @@ int cleanup_journal_tail(journal_t *journal) | |||
| 508 | /* | 508 | /* |
| 509 | * We need to make sure that any blocks that were recently written out | 509 | * We need to make sure that any blocks that were recently written out |
| 510 | * --- perhaps by log_do_checkpoint() --- are flushed out before we | 510 | * --- perhaps by log_do_checkpoint() --- are flushed out before we |
| 511 | * drop the transactions from the journal. It's unlikely this will be | 511 | * drop the transactions from the journal. Similarly we need to be sure |
| 512 | * necessary, especially with an appropriately sized journal, but we | 512 | * superblock makes it to disk before next transaction starts reusing |
| 513 | * need this to guarantee correctness. Fortunately | 513 | * freed space (otherwise we could replay some blocks of the new |
| 514 | * cleanup_journal_tail() doesn't get called all that often. | 514 | * transaction thinking they belong to the old one). So we use |
| 515 | * WRITE_FLUSH_FUA. It's unlikely this will be necessary, especially | ||
| 516 | * with an appropriately sized journal, but we need this to guarantee | ||
| 517 | * correctness. Fortunately cleanup_journal_tail() doesn't get called | ||
| 518 | * all that often. | ||
| 515 | */ | 519 | */ |
| 516 | if (journal->j_flags & JFS_BARRIER) | 520 | journal_update_sb_log_tail(journal, first_tid, blocknr, |
| 517 | blkdev_issue_flush(journal->j_fs_dev, GFP_KERNEL, NULL); | 521 | WRITE_FLUSH_FUA); |
| 518 | 522 | ||
| 519 | spin_lock(&journal->j_state_lock); | 523 | spin_lock(&journal->j_state_lock); |
| 520 | if (!tid_gt(first_tid, journal->j_tail_sequence)) { | ||
| 521 | spin_unlock(&journal->j_state_lock); | ||
| 522 | /* Someone else cleaned up journal so return 0 */ | ||
| 523 | return 0; | ||
| 524 | } | ||
| 525 | /* OK, update the superblock to recover the freed space. | 524 | /* OK, update the superblock to recover the freed space. |
| 526 | * Physical blocks come first: have we wrapped beyond the end of | 525 | * Physical blocks come first: have we wrapped beyond the end of |
| 527 | * the log? */ | 526 | * the log? */ |
| @@ -539,8 +538,6 @@ int cleanup_journal_tail(journal_t *journal) | |||
| 539 | journal->j_tail_sequence = first_tid; | 538 | journal->j_tail_sequence = first_tid; |
| 540 | journal->j_tail = blocknr; | 539 | journal->j_tail = blocknr; |
| 541 | spin_unlock(&journal->j_state_lock); | 540 | spin_unlock(&journal->j_state_lock); |
| 542 | if (!(journal->j_flags & JFS_ABORT)) | ||
| 543 | journal_update_sb_log_tail(journal); | ||
| 544 | return 0; | 541 | return 0; |
| 545 | } | 542 | } |
| 546 | 543 | ||