From e893bffd4cf2f000f3058319eea5abeeb1755969 Mon Sep 17 00:00:00 2001 From: Lachlan McIlroy Date: Fri, 12 Oct 2007 11:13:35 +1000 Subject: [XFS] avoid race in sync_inodes() that can fail to write out all dirty data In xfs_fs_sync_super() treat a sync the same as a filesystem freeze. This is needed to force the log to disk for inodes which are not marked dirty in the Linux inode (the inodes are marked dirty on completion of the log I/O) and so sync_inodes() will not flush them. In xfs_fs_write_inode() a synchronous flush will not get an EAGAIN from xfs_inode_flush() and if an asynchronous flush returns EAGAIN we should pass it on to the caller. If we get an error while flushing the inode then re-dirty it so we can try again later. SGI-PV: 971670 SGI-Modid: xfs-linux-melb:xfs-kern:29860a Signed-off-by: Lachlan McIlroy Signed-off-by: David Chinner Signed-off-by: Tim Shimmin --- fs/xfs/linux-2.6/xfs_super.c | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) (limited to 'fs/xfs') diff --git a/fs/xfs/linux-2.6/xfs_super.c b/fs/xfs/linux-2.6/xfs_super.c index a1e3f3ea334..02ec14eeb0c 100644 --- a/fs/xfs/linux-2.6/xfs_super.c +++ b/fs/xfs/linux-2.6/xfs_super.c @@ -410,13 +410,12 @@ xfs_fs_write_inode( flags |= FLUSH_SYNC; } error = xfs_inode_flush(XFS_I(inode), flags); - if (error == EAGAIN) { - if (sync) - error = xfs_inode_flush(XFS_I(inode), - flags | FLUSH_LOG); - else - error = 0; - } + /* + * if we failed to write out the inode then mark + * it dirty again so we'll try again later. + */ + if (error) + mark_inode_dirty_sync(inode); return -error; } @@ -622,7 +621,19 @@ xfs_fs_sync_super( int error; int flags; - if (unlikely(sb->s_frozen == SB_FREEZE_WRITE)) { + /* + * Treat a sync operation like a freeze. This is to work + * around a race in sync_inodes() which works in two phases + * - an asynchronous flush, which can write out an inode + * without waiting for file size updates to complete, and a + * synchronous flush, which wont do anything because the + * async flush removed the inode's dirty flag. Also + * sync_inodes() will not see any files that just have + * outstanding transactions to be flushed because we don't + * dirty the Linux inode until after the transaction I/O + * completes. + */ + if (wait || unlikely(sb->s_frozen == SB_FREEZE_WRITE)) { /* * First stage of freeze - no more writers will make progress * now we are here, so we flush delwri and delalloc buffers @@ -633,7 +644,7 @@ xfs_fs_sync_super( */ flags = SYNC_DATA_QUIESCE; } else - flags = SYNC_FSDATA | (wait ? SYNC_WAIT : 0); + flags = SYNC_FSDATA; error = xfs_sync(mp, flags); sb->s_dirt = 0; -- cgit v1.2.3-70-g09d2