diff options
| author | Sunil Mushran <sunil.mushran@oracle.com> | 2008-07-14 20:31:10 -0400 |
|---|---|---|
| committer | Mark Fasheh <mfasheh@suse.com> | 2008-07-31 19:21:14 -0400 |
| commit | 539d8264093560b917ee3afe4c7f74e5da09d6a5 (patch) | |
| tree | 1fce83387272c0b2d61bd945769f4984aa5e79ce /fs/ocfs2/super.c | |
| parent | c69991aac71a8beb57c11d651c7fd4b24c32aa8b (diff) | |
[PATCH 2/2] ocfs2: Fix race between mount and recovery
As the fs recovery is asynchronous, there is a small chance that another
node can mount (and thus recover) the slot before the recovery thread
gets to it.
If this happens, the recovery thread will block indefinitely on the
journal/slot lock as that lock will be held for the duration of the mount
(by design) by the node assigned to that slot.
The solution implemented is to keep track of the journal replays using
a recovery generation in the journal inode, which will be incremented by the
thread replaying that journal. The recovery thread, before attempting the
blocking lock on the journal/slot lock, will compare the generation on disk
with what it has cached and skip recovery if it does not match.
This bug appears to have been inadvertently introduced during the mount/umount
vote removal by mainline commit 34d024f84345807bf44163fac84e921513dde323. In the
mount voting scheme, the messaging would indirectly indicate that the slot
was being recovered.
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
Diffstat (limited to 'fs/ocfs2/super.c')
| -rw-r--r-- | fs/ocfs2/super.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/fs/ocfs2/super.c b/fs/ocfs2/super.c index 2560b33889aa..88255d3f52b4 100644 --- a/fs/ocfs2/super.c +++ b/fs/ocfs2/super.c | |||
| @@ -1442,6 +1442,15 @@ static int ocfs2_initialize_super(struct super_block *sb, | |||
| 1442 | } | 1442 | } |
| 1443 | mlog(0, "max_slots for this device: %u\n", osb->max_slots); | 1443 | mlog(0, "max_slots for this device: %u\n", osb->max_slots); |
| 1444 | 1444 | ||
| 1445 | osb->slot_recovery_generations = | ||
| 1446 | kcalloc(osb->max_slots, sizeof(*osb->slot_recovery_generations), | ||
| 1447 | GFP_KERNEL); | ||
| 1448 | if (!osb->slot_recovery_generations) { | ||
| 1449 | status = -ENOMEM; | ||
| 1450 | mlog_errno(status); | ||
| 1451 | goto bail; | ||
| 1452 | } | ||
| 1453 | |||
| 1445 | init_waitqueue_head(&osb->osb_wipe_event); | 1454 | init_waitqueue_head(&osb->osb_wipe_event); |
| 1446 | osb->osb_orphan_wipes = kcalloc(osb->max_slots, | 1455 | osb->osb_orphan_wipes = kcalloc(osb->max_slots, |
| 1447 | sizeof(*osb->osb_orphan_wipes), | 1456 | sizeof(*osb->osb_orphan_wipes), |
| @@ -1703,7 +1712,7 @@ static int ocfs2_check_volume(struct ocfs2_super *osb) | |||
| 1703 | local = ocfs2_mount_local(osb); | 1712 | local = ocfs2_mount_local(osb); |
| 1704 | 1713 | ||
| 1705 | /* will play back anything left in the journal. */ | 1714 | /* will play back anything left in the journal. */ |
| 1706 | status = ocfs2_journal_load(osb->journal, local); | 1715 | status = ocfs2_journal_load(osb->journal, local, dirty); |
| 1707 | if (status < 0) { | 1716 | if (status < 0) { |
| 1708 | mlog(ML_ERROR, "ocfs2 journal load failed! %d\n", status); | 1717 | mlog(ML_ERROR, "ocfs2 journal load failed! %d\n", status); |
| 1709 | goto finally; | 1718 | goto finally; |
| @@ -1768,6 +1777,7 @@ static void ocfs2_delete_osb(struct ocfs2_super *osb) | |||
| 1768 | ocfs2_free_slot_info(osb); | 1777 | ocfs2_free_slot_info(osb); |
| 1769 | 1778 | ||
| 1770 | kfree(osb->osb_orphan_wipes); | 1779 | kfree(osb->osb_orphan_wipes); |
| 1780 | kfree(osb->slot_recovery_generations); | ||
| 1771 | /* FIXME | 1781 | /* FIXME |
| 1772 | * This belongs in journal shutdown, but because we have to | 1782 | * This belongs in journal shutdown, but because we have to |
| 1773 | * allocate osb->journal at the start of ocfs2_initalize_osb(), | 1783 | * allocate osb->journal at the start of ocfs2_initalize_osb(), |