* [PATCH 0/2] Fix sys_sync() bug and slightly cleanup the code @ 2009-04-22 15:56 Jan Kara 2009-04-22 15:56 ` [PATCH] vfs: Fix sys_sync() and fsync_super() reliability Jan Kara 2009-04-22 15:56 ` [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() Jan Kara 0 siblings, 2 replies; 11+ messages in thread From: Jan Kara @ 2009-04-22 15:56 UTC (permalink / raw) To: LKML; +Cc: linux-fsdevel, Andrew Morton, Jens Axboe Hi, this series of two patches fixes a bug in sys_sync() which could result in not all data being safely on disk after this function returns. It also fixes the same issue in fsync_super() which leads to assertion failure in JBD with Jens's per-BDI writeback patches. The first patch fixes those two bugs, the second patch just simplifies the code afterwards. Honza ^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH] vfs: Fix sys_sync() and fsync_super() reliability 2009-04-22 15:56 [PATCH 0/2] Fix sys_sync() bug and slightly cleanup the code Jan Kara @ 2009-04-22 15:56 ` Jan Kara 2009-04-22 17:16 ` Trond Myklebust 2009-04-23 11:10 ` Christoph Hellwig 2009-04-22 15:56 ` [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() Jan Kara 1 sibling, 2 replies; 11+ messages in thread From: Jan Kara @ 2009-04-22 15:56 UTC (permalink / raw) To: LKML; +Cc: linux-fsdevel, Andrew Morton, Jens Axboe, Jan Kara So far, do_sync() called: sync_inodes(0); sync_supers(); sync_filesystems(0); sync_filesystems(1); sync_inodes(1); This ordering makes it kind of hard for filesystems as sync_inodes(0) need not submit all the IO (for example it skips inodes with I_SYNC set) so e.g. forcing transaction to disk in ->sync_fs() is not really enough. Therefore sys_sync has not been completely reliable on some filesystems (ext3, ext4, reiserfs, ocfs2 and others are hit by this) when racing e.g. with background writeback. A similar problem hits also other filesystems (e.g. ext2) because of write_supers() being called before the sync_inodes(1). Change the ordering of calls in do_sync() - this requires a new function sync_blkdevs() to preserve the property that block devices are always synced after write_super() / sync_fs() call. The same issue is fixed in __fsync_super() function used on umount / remount read-only. Signed-off-by: Jan Kara <jack@suse.cz> --- fs/super.c | 25 ++++++++++++++++++++++++- fs/sync.c | 3 ++- include/linux/fs.h | 2 ++ 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/fs/super.c b/fs/super.c index 786fe7d..4f56333 100644 --- a/fs/super.c +++ b/fs/super.c @@ -267,6 +267,7 @@ void __fsync_super(struct super_block *sb) { sync_inodes_sb(sb, 0); vfs_dq_sync(sb); + sync_inodes_sb(sb, 1); lock_super(sb); if (sb->s_dirt && sb->s_op->write_super) sb->s_op->write_super(sb); @@ -274,7 +275,6 @@ void __fsync_super(struct super_block *sb) if (sb->s_op->sync_fs) sb->s_op->sync_fs(sb, 1); sync_blockdev(sb->s_bdev); - sync_inodes_sb(sb, 1); } /* @@ -502,6 +502,29 @@ restart: mutex_unlock(&mutex); } +/* + * Sync all block devices underlying some superblock + */ +void sync_blockdevs(void) +{ + struct super_block *sb; + + spin_lock(&sb_lock); +restart: + list_for_each_entry(sb, &super_blocks, s_list) { + sb->s_count++; + spin_unlock(&sb_lock); + down_read(&sb->s_umount); + if (sb->s_root) + sync_blockdev(sb->s_bdev); + up_read(&sb->s_umount); + spin_lock(&sb_lock); + if (__put_super_and_need_restart(sb)) + goto restart; + } + spin_unlock(&sb_lock); +} + /** * get_super - get the superblock of a device * @bdev: device to get the superblock for diff --git a/fs/sync.c b/fs/sync.c index 7abc65f..fa14e42 100644 --- a/fs/sync.c +++ b/fs/sync.c @@ -26,10 +26,11 @@ static void do_sync(unsigned long wait) wakeup_pdflush(0); sync_inodes(0); /* All mappings, inodes and their blockdevs */ vfs_dq_sync(NULL); + sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ sync_supers(); /* Write the superblocks */ sync_filesystems(0); /* Start syncing the filesystems */ sync_filesystems(wait); /* Waitingly sync the filesystems */ - sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ + sync_blockdevs(); if (!wait) printk("Emergency Sync complete\n"); if (unlikely(laptop_mode)) diff --git a/include/linux/fs.h b/include/linux/fs.h index 5bed436..4bad02e 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1942,6 +1942,7 @@ extern void bdput(struct block_device *); extern struct block_device *open_by_devnum(dev_t, fmode_t); extern void invalidate_bdev(struct block_device *); extern int sync_blockdev(struct block_device *bdev); +extern void sync_blockdevs(void); extern struct super_block *freeze_bdev(struct block_device *); extern void emergency_thaw_all(void); extern int thaw_bdev(struct block_device *bdev, struct super_block *sb); @@ -1951,6 +1952,7 @@ extern int fsync_no_super(struct block_device *); #else static inline void bd_forget(struct inode *inode) {} static inline int sync_blockdev(struct block_device *bdev) { return 0; } +static inline void sync_blockdevs(void) { } static inline void invalidate_bdev(struct block_device *bdev) {} static inline struct super_block *freeze_bdev(struct block_device *sb) -- 1.6.0.2 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Fix sys_sync() and fsync_super() reliability 2009-04-22 15:56 ` [PATCH] vfs: Fix sys_sync() and fsync_super() reliability Jan Kara @ 2009-04-22 17:16 ` Trond Myklebust 2009-04-22 17:23 ` Jan Kara 2009-04-23 11:10 ` Christoph Hellwig 1 sibling, 1 reply; 11+ messages in thread From: Trond Myklebust @ 2009-04-22 17:16 UTC (permalink / raw) To: Jan Kara; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Wed, 2009-04-22 at 17:56 +0200, Jan Kara wrote: > So far, do_sync() called: > sync_inodes(0); > sync_supers(); > sync_filesystems(0); > sync_filesystems(1); > sync_inodes(1); > > This ordering makes it kind of hard for filesystems as sync_inodes(0) need not > submit all the IO (for example it skips inodes with I_SYNC set) so e.g. forcing > transaction to disk in ->sync_fs() is not really enough. Therefore sys_sync has > not been completely reliable on some filesystems (ext3, ext4, reiserfs, ocfs2 > and others are hit by this) when racing e.g. with background writeback. A > similar problem hits also other filesystems (e.g. ext2) because of > write_supers() being called before the sync_inodes(1). > > Change the ordering of calls in do_sync() - this requires a new function > sync_blkdevs() to preserve the property that block devices are always synced > after write_super() / sync_fs() call. > > The same issue is fixed in __fsync_super() function used on umount / > remount read-only. > > Signed-off-by: Jan Kara <jack@suse.cz> > --- > fs/super.c | 25 ++++++++++++++++++++++++- > fs/sync.c | 3 ++- > include/linux/fs.h | 2 ++ > 3 files changed, 28 insertions(+), 2 deletions(-) > > diff --git a/fs/super.c b/fs/super.c > index 786fe7d..4f56333 100644 > --- a/fs/super.c > +++ b/fs/super.c > @@ -267,6 +267,7 @@ void __fsync_super(struct super_block *sb) > { > sync_inodes_sb(sb, 0); > vfs_dq_sync(sb); > + sync_inodes_sb(sb, 1); > lock_super(sb); > if (sb->s_dirt && sb->s_op->write_super) > sb->s_op->write_super(sb); > @@ -274,7 +275,6 @@ void __fsync_super(struct super_block *sb) > if (sb->s_op->sync_fs) > sb->s_op->sync_fs(sb, 1); > sync_blockdev(sb->s_bdev); > - sync_inodes_sb(sb, 1); > } > > /* > @@ -502,6 +502,29 @@ restart: > mutex_unlock(&mutex); > } > > +/* > + * Sync all block devices underlying some superblock > + */ > +void sync_blockdevs(void) > +{ > + struct super_block *sb; > + > + spin_lock(&sb_lock); > +restart: > + list_for_each_entry(sb, &super_blocks, s_list) { > + sb->s_count++; > + spin_unlock(&sb_lock); > + down_read(&sb->s_umount); > + if (sb->s_root) > + sync_blockdev(sb->s_bdev); > + up_read(&sb->s_umount); What's the point of going to all this trouble of upping the sb->s_count, and grabbing sb->s_umount if there is no sb->s_bdev to sync in the first place? > + spin_lock(&sb_lock); > + if (__put_super_and_need_restart(sb)) > + goto restart; > + } > + spin_unlock(&sb_lock); > +} > + > /** > * get_super - get the superblock of a device > * @bdev: device to get the superblock for > diff --git a/fs/sync.c b/fs/sync.c > index 7abc65f..fa14e42 100644 > --- a/fs/sync.c > +++ b/fs/sync.c > @@ -26,10 +26,11 @@ static void do_sync(unsigned long wait) > wakeup_pdflush(0); > sync_inodes(0); /* All mappings, inodes and their blockdevs */ > vfs_dq_sync(NULL); > + sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ > sync_supers(); /* Write the superblocks */ > sync_filesystems(0); /* Start syncing the filesystems */ > sync_filesystems(wait); /* Waitingly sync the filesystems */ > - sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ > + sync_blockdevs(); > if (!wait) > printk("Emergency Sync complete\n"); > if (unlikely(laptop_mode)) > diff --git a/include/linux/fs.h b/include/linux/fs.h > index 5bed436..4bad02e 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -1942,6 +1942,7 @@ extern void bdput(struct block_device *); > extern struct block_device *open_by_devnum(dev_t, fmode_t); > extern void invalidate_bdev(struct block_device *); > extern int sync_blockdev(struct block_device *bdev); > +extern void sync_blockdevs(void); > extern struct super_block *freeze_bdev(struct block_device *); > extern void emergency_thaw_all(void); > extern int thaw_bdev(struct block_device *bdev, struct super_block *sb); > @@ -1951,6 +1952,7 @@ extern int fsync_no_super(struct block_device *); > #else > static inline void bd_forget(struct inode *inode) {} > static inline int sync_blockdev(struct block_device *bdev) { return 0; } > +static inline void sync_blockdevs(void) { } > static inline void invalidate_bdev(struct block_device *bdev) {} > > static inline struct super_block *freeze_bdev(struct block_device *sb) > -- > 1.6.0.2 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Fix sys_sync() and fsync_super() reliability 2009-04-22 17:16 ` Trond Myklebust @ 2009-04-22 17:23 ` Jan Kara 0 siblings, 0 replies; 11+ messages in thread From: Jan Kara @ 2009-04-22 17:23 UTC (permalink / raw) To: Trond Myklebust; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Wed 22-04-09 13:16:16, Trond Myklebust wrote: > On Wed, 2009-04-22 at 17:56 +0200, Jan Kara wrote: > > So far, do_sync() called: > > sync_inodes(0); > > sync_supers(); > > sync_filesystems(0); > > sync_filesystems(1); > > sync_inodes(1); > > > > This ordering makes it kind of hard for filesystems as sync_inodes(0) need not > > submit all the IO (for example it skips inodes with I_SYNC set) so e.g. forcing > > transaction to disk in ->sync_fs() is not really enough. Therefore sys_sync has > > not been completely reliable on some filesystems (ext3, ext4, reiserfs, ocfs2 > > and others are hit by this) when racing e.g. with background writeback. A > > similar problem hits also other filesystems (e.g. ext2) because of > > write_supers() being called before the sync_inodes(1). > > > > Change the ordering of calls in do_sync() - this requires a new function > > sync_blkdevs() to preserve the property that block devices are always synced > > after write_super() / sync_fs() call. > > > > The same issue is fixed in __fsync_super() function used on umount / > > remount read-only. > > > > Signed-off-by: Jan Kara <jack@suse.cz> > > --- > > fs/super.c | 25 ++++++++++++++++++++++++- > > fs/sync.c | 3 ++- > > include/linux/fs.h | 2 ++ > > 3 files changed, 28 insertions(+), 2 deletions(-) > > > > diff --git a/fs/super.c b/fs/super.c > > index 786fe7d..4f56333 100644 > > --- a/fs/super.c > > +++ b/fs/super.c > > @@ -267,6 +267,7 @@ void __fsync_super(struct super_block *sb) > > { > > sync_inodes_sb(sb, 0); > > vfs_dq_sync(sb); > > + sync_inodes_sb(sb, 1); > > lock_super(sb); > > if (sb->s_dirt && sb->s_op->write_super) > > sb->s_op->write_super(sb); > > @@ -274,7 +275,6 @@ void __fsync_super(struct super_block *sb) > > if (sb->s_op->sync_fs) > > sb->s_op->sync_fs(sb, 1); > > sync_blockdev(sb->s_bdev); > > - sync_inodes_sb(sb, 1); > > } > > > > /* > > @@ -502,6 +502,29 @@ restart: > > mutex_unlock(&mutex); > > } > > > > +/* > > + * Sync all block devices underlying some superblock > > + */ > > +void sync_blockdevs(void) > > +{ > > + struct super_block *sb; > > + > > + spin_lock(&sb_lock); > > +restart: > > + list_for_each_entry(sb, &super_blocks, s_list) { > > + sb->s_count++; > > + spin_unlock(&sb_lock); > > + down_read(&sb->s_umount); > > + if (sb->s_root) > > + sync_blockdev(sb->s_bdev); > > + up_read(&sb->s_umount); > > What's the point of going to all this trouble of upping the sb->s_count, > and grabbing sb->s_umount if there is no sb->s_bdev to sync in the first > place? Thanks for the comment. Yes, we could save something here. I can improve this and similarly my next patch. I'll just wait till tomorrow whether someone else does not have other comments... > > > + spin_lock(&sb_lock); > > + if (__put_super_and_need_restart(sb)) > > + goto restart; > > + } > > + spin_unlock(&sb_lock); > > +} > > + > > /** > > * get_super - get the superblock of a device > > * @bdev: device to get the superblock for > > diff --git a/fs/sync.c b/fs/sync.c > > index 7abc65f..fa14e42 100644 > > --- a/fs/sync.c > > +++ b/fs/sync.c > > @@ -26,10 +26,11 @@ static void do_sync(unsigned long wait) > > wakeup_pdflush(0); > > sync_inodes(0); /* All mappings, inodes and their blockdevs */ > > vfs_dq_sync(NULL); > > + sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ > > sync_supers(); /* Write the superblocks */ > > sync_filesystems(0); /* Start syncing the filesystems */ > > sync_filesystems(wait); /* Waitingly sync the filesystems */ > > - sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ > > + sync_blockdevs(); > > if (!wait) > > printk("Emergency Sync complete\n"); > > if (unlikely(laptop_mode)) > > diff --git a/include/linux/fs.h b/include/linux/fs.h > > index 5bed436..4bad02e 100644 > > --- a/include/linux/fs.h > > +++ b/include/linux/fs.h > > @@ -1942,6 +1942,7 @@ extern void bdput(struct block_device *); > > extern struct block_device *open_by_devnum(dev_t, fmode_t); > > extern void invalidate_bdev(struct block_device *); > > extern int sync_blockdev(struct block_device *bdev); > > +extern void sync_blockdevs(void); > > extern struct super_block *freeze_bdev(struct block_device *); > > extern void emergency_thaw_all(void); > > extern int thaw_bdev(struct block_device *bdev, struct super_block *sb); > > @@ -1951,6 +1952,7 @@ extern int fsync_no_super(struct block_device *); > > #else > > static inline void bd_forget(struct inode *inode) {} > > static inline int sync_blockdev(struct block_device *bdev) { return 0; } > > +static inline void sync_blockdevs(void) { } > > static inline void invalidate_bdev(struct block_device *bdev) {} > > > > static inline struct super_block *freeze_bdev(struct block_device *sb) > > -- > > 1.6.0.2 Honza -- Jan Kara <jack@suse.cz> SUSE Labs, CR ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Fix sys_sync() and fsync_super() reliability 2009-04-22 15:56 ` [PATCH] vfs: Fix sys_sync() and fsync_super() reliability Jan Kara 2009-04-22 17:16 ` Trond Myklebust @ 2009-04-23 11:10 ` Christoph Hellwig 2009-04-23 13:07 ` Jan Kara 1 sibling, 1 reply; 11+ messages in thread From: Christoph Hellwig @ 2009-04-23 11:10 UTC (permalink / raw) To: Jan Kara; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Wed, Apr 22, 2009 at 05:56:20PM +0200, Jan Kara wrote: > So far, do_sync() called: > sync_inodes(0); > sync_supers(); > sync_filesystems(0); > sync_filesystems(1); > sync_inodes(1); > > This ordering makes it kind of hard for filesystems as sync_inodes(0) need not > submit all the IO (for example it skips inodes with I_SYNC set) so e.g. forcing > transaction to disk in ->sync_fs() is not really enough. Therefore sys_sync has > not been completely reliable on some filesystems (ext3, ext4, reiserfs, ocfs2 > and others are hit by this) when racing e.g. with background writeback. A > similar problem hits also other filesystems (e.g. ext2) because of > write_supers() being called before the sync_inodes(1). > > Change the ordering of calls in do_sync() - this requires a new function > sync_blkdevs() to preserve the property that block devices are always synced > after write_super() / sync_fs() call. > > The same issue is fixed in __fsync_super() function used on umount / > remount read-only. This looks reasonable, but I always fear we break something when touching this path. It would be really nice if we could rewrite do_sync to sit ontop of __fsync_super. E.g. do a for_each_sb() __fsync_super(sb, ASYNC); for_each_sb() __fsync_super(sb, SYNC); so that we have one central place that makes sure a filesystem is properly synced. Another thing I want to do in this area is sort out the meaning of write_super. I'd really prefer to have every filesystem implement ->sync_fs for actual data-integerity syncs, and only leave ->write_super for the periodic writeouts, as the current implementation is extrenly confusing and causes a lot of trouble for filesystems doing their own periodic sb writeback. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Fix sys_sync() and fsync_super() reliability 2009-04-23 11:10 ` Christoph Hellwig @ 2009-04-23 13:07 ` Jan Kara 2009-04-23 13:09 ` Christoph Hellwig 0 siblings, 1 reply; 11+ messages in thread From: Jan Kara @ 2009-04-23 13:07 UTC (permalink / raw) To: Christoph Hellwig; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Thu 23-04-09 07:10:40, Christoph Hellwig wrote: > On Wed, Apr 22, 2009 at 05:56:20PM +0200, Jan Kara wrote: > > So far, do_sync() called: > > sync_inodes(0); > > sync_supers(); > > sync_filesystems(0); > > sync_filesystems(1); > > sync_inodes(1); > > > > This ordering makes it kind of hard for filesystems as sync_inodes(0) need not > > submit all the IO (for example it skips inodes with I_SYNC set) so e.g. forcing > > transaction to disk in ->sync_fs() is not really enough. Therefore sys_sync has > > not been completely reliable on some filesystems (ext3, ext4, reiserfs, ocfs2 > > and others are hit by this) when racing e.g. with background writeback. A > > similar problem hits also other filesystems (e.g. ext2) because of > > write_supers() being called before the sync_inodes(1). > > > > Change the ordering of calls in do_sync() - this requires a new function > > sync_blkdevs() to preserve the property that block devices are always synced > > after write_super() / sync_fs() call. > > > > The same issue is fixed in __fsync_super() function used on umount / > > remount read-only. > > This looks reasonable, but I always fear we break something when > touching this path. It would be really nice if we could rewrite do_sync > to sit ontop of __fsync_super. E.g. do a > > for_each_sb() > __fsync_super(sb, ASYNC); > for_each_sb() > __fsync_super(sb, SYNC); > > so that we have one central place that makes sure a filesystem is > properly synced. OK, makes sence. Will do. > Another thing I want to do in this area is sort out the meaning of > write_super. I'd really prefer to have every filesystem implement > ->sync_fs for actual data-integerity syncs, and only leave ->write_super > for the periodic writeouts, as the current implementation is extrenly > confusing and causes a lot of trouble for filesystems doing their own > periodic sb writeback. Yes, that would be nice but I guess it's a partly a separate issue (and has to touch a lot of filesystems). I'll keep write_supers() call in the next version of the patch so that this split isn't made harded by it. Honza -- Jan Kara <jack@suse.cz> SUSE Labs, CR ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Fix sys_sync() and fsync_super() reliability 2009-04-23 13:07 ` Jan Kara @ 2009-04-23 13:09 ` Christoph Hellwig 0 siblings, 0 replies; 11+ messages in thread From: Christoph Hellwig @ 2009-04-23 13:09 UTC (permalink / raw) To: Jan Kara Cc: Christoph Hellwig, LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Thu, Apr 23, 2009 at 03:07:24PM +0200, Jan Kara wrote: > > Another thing I want to do in this area is sort out the meaning of > > write_super. I'd really prefer to have every filesystem implement > > ->sync_fs for actual data-integerity syncs, and only leave ->write_super > > for the periodic writeouts, as the current implementation is extrenly > > confusing and causes a lot of trouble for filesystems doing their own > > periodic sb writeback. > Yes, that would be nice but I guess it's a partly a separate issue > (and has to touch a lot of filesystems). I'll keep write_supers() call in > the next version of the patch so that this split isn't made harded by it. Yeah, separate issue. We need to do this sync massaging in a couple of small steps.. ^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() 2009-04-22 15:56 [PATCH 0/2] Fix sys_sync() bug and slightly cleanup the code Jan Kara 2009-04-22 15:56 ` [PATCH] vfs: Fix sys_sync() and fsync_super() reliability Jan Kara @ 2009-04-22 15:56 ` Jan Kara 2009-04-22 17:20 ` Trond Myklebust ` (2 more replies) 1 sibling, 3 replies; 11+ messages in thread From: Jan Kara @ 2009-04-22 15:56 UTC (permalink / raw) To: LKML; +Cc: linux-fsdevel, Andrew Morton, Jens Axboe, Jan Kara These three functions are quite similar so merge them to save superblock list traversal code. As a bonus we get livelock avoidance for all these superblock traversals. Also remove the condition that if wait == 0 and sb->s_dirt is not set, then ->sync_fs() is not called. This does not really make much sence since s_dirt is generally used by filesystem to mean that ->write_super() needs to be called. But ->sync_fs() does different things. I even suspect that some filesystems (btrfs?) sets s_dirt just to fool this logic. Signed-off-by: Jan Kara <jack@suse.cz> --- fs/super.c | 104 ++++++++++++++------------------------------------ fs/sync.c | 12 ++++-- include/linux/fs.h | 11 +++-- mm/page-writeback.c | 2 +- 4 files changed, 44 insertions(+), 85 deletions(-) diff --git a/fs/super.c b/fs/super.c index 4f56333..6d6209e 100644 --- a/fs/super.c +++ b/fs/super.c @@ -413,58 +413,24 @@ void drop_super(struct super_block *sb) EXPORT_SYMBOL(drop_super); -static inline void write_super(struct super_block *sb) -{ - lock_super(sb); - if (sb->s_root && sb->s_dirt) - if (sb->s_op->write_super) - sb->s_op->write_super(sb); - unlock_super(sb); -} - -/* - * Note: check the dirty flag before waiting, so we don't - * hold up the sync while mounting a device. (The newly - * mounted device won't need syncing.) - */ -void sync_supers(void) -{ - struct super_block *sb; - - spin_lock(&sb_lock); -restart: - list_for_each_entry(sb, &super_blocks, s_list) { - if (sb->s_dirt) { - sb->s_count++; - spin_unlock(&sb_lock); - down_read(&sb->s_umount); - write_super(sb); - up_read(&sb->s_umount); - spin_lock(&sb_lock); - if (__put_super_and_need_restart(sb)) - goto restart; - } - } - spin_unlock(&sb_lock); -} - /* - * Call the ->sync_fs super_op against all filesystems which are r/w and - * which implement it. + * Call the ->write_super, ->sync_fs, sync_blockdev() against all filesystems + * which are r/w and which implement it. * - * This operation is careful to avoid the livelock which could easily happen - * if two or more filesystems are being continuously dirtied. s_need_sync_fs - * is used only here. We set it against all filesystems and then clear it as - * we sync them. So redirtied filesystems are skipped. + * This operation is careful to avoid the livelock. Currently it's not so easy + * to trigger as it used to be - we restart scanning the superblock list only + * if the superblock got unmounted under us - but it's better to be safe and it + * doesn't cost us much. s_need_sync is used only here. We set it against all + * filesystems and then clear it as we sync them. So redirtied filesystems are + * skipped. * * But if process A is currently running sync_filesystems and then process B - * calls sync_filesystems as well, process B will set all the s_need_sync_fs - * flags again, which will cause process A to resync everything. Fix that with - * a local mutex. + * calls sync_filesystems as well, process B will set all the s_need_sync flags + * again, which will cause process A to resync everything. Fix that with a + * local mutex. * - * (Fabian) Avoid sync_fs with clean fs & wait mode 0 */ -void sync_filesystems(int wait) +void sync_filesystems(int what, int wait) { struct super_block *sb; static DEFINE_MUTEX(mutex); @@ -472,26 +438,37 @@ void sync_filesystems(int wait) mutex_lock(&mutex); /* Could be down_interruptible */ spin_lock(&sb_lock); list_for_each_entry(sb, &super_blocks, s_list) { - if (!sb->s_op->sync_fs) + if ((!sb->s_op->sync_fs || !(what & FSSYNC_FS)) && + (!sb->s_op->write_super || !(what & FSSYNC_SUPER)) && + !(what & FSSYNC_BDEV)) continue; if (sb->s_flags & MS_RDONLY) continue; - sb->s_need_sync_fs = 1; + sb->s_need_sync = 1; } restart: list_for_each_entry(sb, &super_blocks, s_list) { - if (!sb->s_need_sync_fs) + if (!sb->s_need_sync) continue; - sb->s_need_sync_fs = 0; + sb->s_need_sync = 0; if (sb->s_flags & MS_RDONLY) continue; /* hm. Was remounted r/o meanwhile */ sb->s_count++; spin_unlock(&sb_lock); down_read(&sb->s_umount); async_synchronize_full_domain(&sb->s_async_list); - if (sb->s_root && (wait || sb->s_dirt)) - sb->s_op->sync_fs(sb, wait); + if (sb->s_root) { + lock_super(sb); + if (what & FSSYNC_SUPER && sb->s_dirt && + sb->s_op->write_super) + sb->s_op->write_super(sb); + unlock_super(sb); + if (what & FSSYNC_FS && sb->s_op->sync_fs) + sb->s_op->sync_fs(sb, wait); + if (what & FSSYNC_BDEV) + sync_blockdev(sb->s_bdev); + } up_read(&sb->s_umount); /* restart only when sb is no longer on the list */ spin_lock(&sb_lock); @@ -502,29 +479,6 @@ restart: mutex_unlock(&mutex); } -/* - * Sync all block devices underlying some superblock - */ -void sync_blockdevs(void) -{ - struct super_block *sb; - - spin_lock(&sb_lock); -restart: - list_for_each_entry(sb, &super_blocks, s_list) { - sb->s_count++; - spin_unlock(&sb_lock); - down_read(&sb->s_umount); - if (sb->s_root) - sync_blockdev(sb->s_bdev); - up_read(&sb->s_umount); - spin_lock(&sb_lock); - if (__put_super_and_need_restart(sb)) - goto restart; - } - spin_unlock(&sb_lock); -} - /** * get_super - get the superblock of a device * @bdev: device to get the superblock for diff --git a/fs/sync.c b/fs/sync.c index fa14e42..3c677ee 100644 --- a/fs/sync.c +++ b/fs/sync.c @@ -26,11 +26,15 @@ static void do_sync(unsigned long wait) wakeup_pdflush(0); sync_inodes(0); /* All mappings, inodes and their blockdevs */ vfs_dq_sync(NULL); + sync_filesystems(FSSYNC_FS, 0); /* Start syncing the filesystems */ + /* + * We have to reliably submit IO for all the inodes before writing + * super blocks and calling sync_fs(). Otherwise superblock could miss + * some updates or journal could still have uncommitted data. + */ sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ - sync_supers(); /* Write the superblocks */ - sync_filesystems(0); /* Start syncing the filesystems */ - sync_filesystems(wait); /* Waitingly sync the filesystems */ - sync_blockdevs(); + /* Waitingly sync the filesystems */ + sync_filesystems(FSSYNC_SUPER | FSSYNC_FS | FSSYNC_BDEV, wait); if (!wait) printk("Emergency Sync complete\n"); if (unlikely(laptop_mode)) diff --git a/include/linux/fs.h b/include/linux/fs.h index 4bad02e..2758e75 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1321,7 +1321,7 @@ struct super_block { struct rw_semaphore s_umount; struct mutex s_lock; int s_count; - int s_need_sync_fs; + int s_need_sync; atomic_t s_active; #ifdef CONFIG_SECURITY void *s_security; @@ -1942,7 +1942,6 @@ extern void bdput(struct block_device *); extern struct block_device *open_by_devnum(dev_t, fmode_t); extern void invalidate_bdev(struct block_device *); extern int sync_blockdev(struct block_device *bdev); -extern void sync_blockdevs(void); extern struct super_block *freeze_bdev(struct block_device *); extern void emergency_thaw_all(void); extern int thaw_bdev(struct block_device *bdev, struct super_block *sb); @@ -1952,7 +1951,6 @@ extern int fsync_no_super(struct block_device *); #else static inline void bd_forget(struct inode *inode) {} static inline int sync_blockdev(struct block_device *bdev) { return 0; } -static inline void sync_blockdevs(void) { } static inline void invalidate_bdev(struct block_device *bdev) {} static inline struct super_block *freeze_bdev(struct block_device *sb) @@ -2082,8 +2080,11 @@ extern int filemap_fdatawrite_range(struct address_space *mapping, loff_t start, loff_t end); extern int vfs_fsync(struct file *file, struct dentry *dentry, int datasync); -extern void sync_supers(void); -extern void sync_filesystems(int wait); +/* Flags telling what should be synced by sync_filesystems() */ +#define FSSYNC_FS 1 +#define FSSYNC_SUPER 2 +#define FSSYNC_BDEV 4 +extern void sync_filesystems(int what, int wait); extern void __fsync_super(struct super_block *sb); extern void emergency_sync(void); extern void emergency_remount(void); diff --git a/mm/page-writeback.c b/mm/page-writeback.c index 30351f0..05a2948 100644 --- a/mm/page-writeback.c +++ b/mm/page-writeback.c @@ -768,7 +768,7 @@ static void wb_kupdate(unsigned long arg) .range_cyclic = 1, }; - sync_supers(); + sync_filesystems(FSSYNC_SUPER, 0); oldest_jif = jiffies - msecs_to_jiffies(dirty_expire_interval); start_jif = jiffies; -- 1.6.0.2 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() 2009-04-22 15:56 ` [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() Jan Kara @ 2009-04-22 17:20 ` Trond Myklebust 2009-04-23 11:06 ` Christoph Hellwig 2009-04-23 12:31 ` Christoph Hellwig 2 siblings, 0 replies; 11+ messages in thread From: Trond Myklebust @ 2009-04-22 17:20 UTC (permalink / raw) To: Jan Kara; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Wed, 2009-04-22 at 17:56 +0200, Jan Kara wrote: > These three functions are quite similar so merge them to save superblock list > traversal code. As a bonus we get livelock avoidance for all these superblock > traversals. Also remove the condition that if wait == 0 and sb->s_dirt is > not set, then ->sync_fs() is not called. This does not really make much sence > since s_dirt is generally used by filesystem to mean that ->write_super() needs > to be called. But ->sync_fs() does different things. I even suspect that some > filesystems (btrfs?) sets s_dirt just to fool this logic. > > Signed-off-by: Jan Kara <jack@suse.cz> > --- > fs/super.c | 104 ++++++++++++++------------------------------------ > fs/sync.c | 12 ++++-- > include/linux/fs.h | 11 +++-- > mm/page-writeback.c | 2 +- > 4 files changed, 44 insertions(+), 85 deletions(-) > > diff --git a/fs/super.c b/fs/super.c > index 4f56333..6d6209e 100644 > --- a/fs/super.c > +++ b/fs/super.c > @@ -413,58 +413,24 @@ void drop_super(struct super_block *sb) > > EXPORT_SYMBOL(drop_super); > > -static inline void write_super(struct super_block *sb) > -{ > - lock_super(sb); > - if (sb->s_root && sb->s_dirt) > - if (sb->s_op->write_super) > - sb->s_op->write_super(sb); > - unlock_super(sb); > -} > - > -/* > - * Note: check the dirty flag before waiting, so we don't > - * hold up the sync while mounting a device. (The newly > - * mounted device won't need syncing.) > - */ > -void sync_supers(void) > -{ > - struct super_block *sb; > - > - spin_lock(&sb_lock); > -restart: > - list_for_each_entry(sb, &super_blocks, s_list) { > - if (sb->s_dirt) { > - sb->s_count++; > - spin_unlock(&sb_lock); > - down_read(&sb->s_umount); > - write_super(sb); > - up_read(&sb->s_umount); > - spin_lock(&sb_lock); > - if (__put_super_and_need_restart(sb)) > - goto restart; > - } > - } > - spin_unlock(&sb_lock); > -} > - > /* > - * Call the ->sync_fs super_op against all filesystems which are r/w and > - * which implement it. > + * Call the ->write_super, ->sync_fs, sync_blockdev() against all filesystems > + * which are r/w and which implement it. > * > - * This operation is careful to avoid the livelock which could easily happen > - * if two or more filesystems are being continuously dirtied. s_need_sync_fs > - * is used only here. We set it against all filesystems and then clear it as > - * we sync them. So redirtied filesystems are skipped. > + * This operation is careful to avoid the livelock. Currently it's not so easy > + * to trigger as it used to be - we restart scanning the superblock list only > + * if the superblock got unmounted under us - but it's better to be safe and it > + * doesn't cost us much. s_need_sync is used only here. We set it against all > + * filesystems and then clear it as we sync them. So redirtied filesystems are > + * skipped. > * > * But if process A is currently running sync_filesystems and then process B > - * calls sync_filesystems as well, process B will set all the s_need_sync_fs > - * flags again, which will cause process A to resync everything. Fix that with > - * a local mutex. > + * calls sync_filesystems as well, process B will set all the s_need_sync flags > + * again, which will cause process A to resync everything. Fix that with a > + * local mutex. > * > - * (Fabian) Avoid sync_fs with clean fs & wait mode 0 > */ > -void sync_filesystems(int wait) > +void sync_filesystems(int what, int wait) > { > struct super_block *sb; > static DEFINE_MUTEX(mutex); > @@ -472,26 +438,37 @@ void sync_filesystems(int wait) > mutex_lock(&mutex); /* Could be down_interruptible */ > spin_lock(&sb_lock); > list_for_each_entry(sb, &super_blocks, s_list) { > - if (!sb->s_op->sync_fs) > + if ((!sb->s_op->sync_fs || !(what & FSSYNC_FS)) && > + (!sb->s_op->write_super || !(what & FSSYNC_SUPER)) && > + !(what & FSSYNC_BDEV)) Ditto. There should be a check for sb->s_bdev here too... > continue; > if (sb->s_flags & MS_RDONLY) > continue; > - sb->s_need_sync_fs = 1; > + sb->s_need_sync = 1; > } > > restart: > list_for_each_entry(sb, &super_blocks, s_list) { > - if (!sb->s_need_sync_fs) > + if (!sb->s_need_sync) > continue; > - sb->s_need_sync_fs = 0; > + sb->s_need_sync = 0; > if (sb->s_flags & MS_RDONLY) > continue; /* hm. Was remounted r/o meanwhile */ > sb->s_count++; > spin_unlock(&sb_lock); > down_read(&sb->s_umount); > async_synchronize_full_domain(&sb->s_async_list); > - if (sb->s_root && (wait || sb->s_dirt)) > - sb->s_op->sync_fs(sb, wait); > + if (sb->s_root) { > + lock_super(sb); > + if (what & FSSYNC_SUPER && sb->s_dirt && > + sb->s_op->write_super) > + sb->s_op->write_super(sb); > + unlock_super(sb); > + if (what & FSSYNC_FS && sb->s_op->sync_fs) > + sb->s_op->sync_fs(sb, wait); > + if (what & FSSYNC_BDEV) > + sync_blockdev(sb->s_bdev); > + } > up_read(&sb->s_umount); > /* restart only when sb is no longer on the list */ > spin_lock(&sb_lock); > @@ -502,29 +479,6 @@ restart: > mutex_unlock(&mutex); > } > > -/* > - * Sync all block devices underlying some superblock > - */ > -void sync_blockdevs(void) > -{ > - struct super_block *sb; > - > - spin_lock(&sb_lock); > -restart: > - list_for_each_entry(sb, &super_blocks, s_list) { > - sb->s_count++; > - spin_unlock(&sb_lock); > - down_read(&sb->s_umount); > - if (sb->s_root) > - sync_blockdev(sb->s_bdev); > - up_read(&sb->s_umount); > - spin_lock(&sb_lock); > - if (__put_super_and_need_restart(sb)) > - goto restart; > - } > - spin_unlock(&sb_lock); > -} > - > /** > * get_super - get the superblock of a device > * @bdev: device to get the superblock for > diff --git a/fs/sync.c b/fs/sync.c > index fa14e42..3c677ee 100644 > --- a/fs/sync.c > +++ b/fs/sync.c > @@ -26,11 +26,15 @@ static void do_sync(unsigned long wait) > wakeup_pdflush(0); > sync_inodes(0); /* All mappings, inodes and their blockdevs */ > vfs_dq_sync(NULL); > + sync_filesystems(FSSYNC_FS, 0); /* Start syncing the filesystems */ > + /* > + * We have to reliably submit IO for all the inodes before writing > + * super blocks and calling sync_fs(). Otherwise superblock could miss > + * some updates or journal could still have uncommitted data. > + */ > sync_inodes(wait); /* Mappings, inodes and blockdevs, again. */ > - sync_supers(); /* Write the superblocks */ > - sync_filesystems(0); /* Start syncing the filesystems */ > - sync_filesystems(wait); /* Waitingly sync the filesystems */ > - sync_blockdevs(); > + /* Waitingly sync the filesystems */ > + sync_filesystems(FSSYNC_SUPER | FSSYNC_FS | FSSYNC_BDEV, wait); > if (!wait) > printk("Emergency Sync complete\n"); > if (unlikely(laptop_mode)) > diff --git a/include/linux/fs.h b/include/linux/fs.h > index 4bad02e..2758e75 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -1321,7 +1321,7 @@ struct super_block { > struct rw_semaphore s_umount; > struct mutex s_lock; > int s_count; > - int s_need_sync_fs; > + int s_need_sync; > atomic_t s_active; > #ifdef CONFIG_SECURITY > void *s_security; > @@ -1942,7 +1942,6 @@ extern void bdput(struct block_device *); > extern struct block_device *open_by_devnum(dev_t, fmode_t); > extern void invalidate_bdev(struct block_device *); > extern int sync_blockdev(struct block_device *bdev); > -extern void sync_blockdevs(void); > extern struct super_block *freeze_bdev(struct block_device *); > extern void emergency_thaw_all(void); > extern int thaw_bdev(struct block_device *bdev, struct super_block *sb); > @@ -1952,7 +1951,6 @@ extern int fsync_no_super(struct block_device *); > #else > static inline void bd_forget(struct inode *inode) {} > static inline int sync_blockdev(struct block_device *bdev) { return 0; } > -static inline void sync_blockdevs(void) { } > static inline void invalidate_bdev(struct block_device *bdev) {} > > static inline struct super_block *freeze_bdev(struct block_device *sb) > @@ -2082,8 +2080,11 @@ extern int filemap_fdatawrite_range(struct address_space *mapping, > loff_t start, loff_t end); > > extern int vfs_fsync(struct file *file, struct dentry *dentry, int datasync); > -extern void sync_supers(void); > -extern void sync_filesystems(int wait); > +/* Flags telling what should be synced by sync_filesystems() */ > +#define FSSYNC_FS 1 > +#define FSSYNC_SUPER 2 > +#define FSSYNC_BDEV 4 > +extern void sync_filesystems(int what, int wait); > extern void __fsync_super(struct super_block *sb); > extern void emergency_sync(void); > extern void emergency_remount(void); > diff --git a/mm/page-writeback.c b/mm/page-writeback.c > index 30351f0..05a2948 100644 > --- a/mm/page-writeback.c > +++ b/mm/page-writeback.c > @@ -768,7 +768,7 @@ static void wb_kupdate(unsigned long arg) > .range_cyclic = 1, > }; > > - sync_supers(); > + sync_filesystems(FSSYNC_SUPER, 0); > > oldest_jif = jiffies - msecs_to_jiffies(dirty_expire_interval); > start_jif = jiffies; ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() 2009-04-22 15:56 ` [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() Jan Kara 2009-04-22 17:20 ` Trond Myklebust @ 2009-04-23 11:06 ` Christoph Hellwig 2009-04-23 12:31 ` Christoph Hellwig 2 siblings, 0 replies; 11+ messages in thread From: Christoph Hellwig @ 2009-04-23 11:06 UTC (permalink / raw) To: Jan Kara; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Wed, Apr 22, 2009 at 05:56:21PM +0200, Jan Kara wrote: > These three functions are quite similar so merge them to save superblock list > traversal code. As a bonus we get livelock avoidance for all these superblock > traversals. Also remove the condition that if wait == 0 and sb->s_dirt is > not set, then ->sync_fs() is not called. This does not really make much sence > since s_dirt is generally used by filesystem to mean that ->write_super() needs > to be called. But ->sync_fs() does different things. I even suspect that some > filesystems (btrfs?) sets s_dirt just to fool this logic. Please separate the s_dirt bit out into a small patch, that's something we probably want for -stable, too. Otherwise the patch looks reasonable. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() 2009-04-22 15:56 ` [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() Jan Kara 2009-04-22 17:20 ` Trond Myklebust 2009-04-23 11:06 ` Christoph Hellwig @ 2009-04-23 12:31 ` Christoph Hellwig 2 siblings, 0 replies; 11+ messages in thread From: Christoph Hellwig @ 2009-04-23 12:31 UTC (permalink / raw) To: Jan Kara; +Cc: LKML, linux-fsdevel, Andrew Morton, Jens Axboe On Wed, Apr 22, 2009 at 05:56:21PM +0200, Jan Kara wrote: > These three functions are quite similar so merge them to save superblock list > traversal code. As a bonus we get livelock avoidance for all these superblock > traversals. Also remove the condition that if wait == 0 and sb->s_dirt is > not set, then ->sync_fs() is not called. This does not really make much sence > since s_dirt is generally used by filesystem to mean that ->write_super() needs > to be called. But ->sync_fs() does different things. I even suspect that some > filesystems (btrfs?) sets s_dirt just to fool this logic. Some more comments after looking at it in more details: - the FSSYNC_SUPER case really needs to do a trylock on the mutex, otherwise any in-progress sync would block pdflush for a long time. And as any real sync should write out the superblock it's not needed anyway during that time. (Need to double-check the filesystems, though) - sync_filesystems really should move to fs/sync.c - I get more and more inclined to make sync just case of looping over the superblocks and do an fsync_super. A plain sync fsync_super might be too slow so we can try to do an async one first and then a sync one as a second pass - that wakeup_pdflush in do_sync looks extremly fishy, we need to do all page writeback via sync_inodes_(sb) anyway, and doing this in parallel from pdflush just introduced tons of potential race opportunities - now if sync_filesystems just ends up calling __fsync_super for the normal sync path I wonder if there really is a point unifying it with the periodic write_super case. ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2009-04-23 13:09 UTC | newest] Thread overview: 11+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2009-04-22 15:56 [PATCH 0/2] Fix sys_sync() bug and slightly cleanup the code Jan Kara 2009-04-22 15:56 ` [PATCH] vfs: Fix sys_sync() and fsync_super() reliability Jan Kara 2009-04-22 17:16 ` Trond Myklebust 2009-04-22 17:23 ` Jan Kara 2009-04-23 11:10 ` Christoph Hellwig 2009-04-23 13:07 ` Jan Kara 2009-04-23 13:09 ` Christoph Hellwig 2009-04-22 15:56 ` [PATCH] vfs: Merge sync_supers(), sync_filesystems() and sync_blockdevs() Jan Kara 2009-04-22 17:20 ` Trond Myklebust 2009-04-23 11:06 ` Christoph Hellwig 2009-04-23 12:31 ` Christoph Hellwig
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).