2010-10-27 21:30:10 -04:00
/*
* linux / fs / ext4 / page - io . c
*
* This contains the new page_io functions for ext4
*
* Written by Theodore Ts ' o , 2010.
*/
# include <linux/fs.h>
# include <linux/time.h>
# include <linux/jbd2.h>
# include <linux/highuid.h>
# include <linux/pagemap.h>
# include <linux/quotaops.h>
# include <linux/string.h>
# include <linux/buffer_head.h>
# include <linux/writeback.h>
# include <linux/pagevec.h>
# include <linux/mpage.h>
# include <linux/namei.h>
# include <linux/uio.h>
# include <linux/bio.h>
# include <linux/workqueue.h>
# include <linux/kernel.h>
# include <linux/slab.h>
# include "ext4_jbd2.h"
# include "xattr.h"
# include "acl.h"
static struct kmem_cache * io_page_cachep , * io_end_cachep ;
2010-10-27 21:30:14 -04:00
int __init ext4_init_pageio ( void )
2010-10-27 21:30:10 -04:00
{
io_page_cachep = KMEM_CACHE ( ext4_io_page , SLAB_RECLAIM_ACCOUNT ) ;
if ( io_page_cachep = = NULL )
return - ENOMEM ;
io_end_cachep = KMEM_CACHE ( ext4_io_end , SLAB_RECLAIM_ACCOUNT ) ;
2011-01-10 12:10:44 -05:00
if ( io_end_cachep = = NULL ) {
2010-10-27 21:30:10 -04:00
kmem_cache_destroy ( io_page_cachep ) ;
return - ENOMEM ;
}
return 0 ;
}
2010-10-27 21:30:14 -04:00
void ext4_exit_pageio ( void )
2010-10-27 21:30:10 -04:00
{
kmem_cache_destroy ( io_end_cachep ) ;
kmem_cache_destroy ( io_page_cachep ) ;
}
2010-11-08 13:43:33 -05:00
void ext4_ioend_wait ( struct inode * inode )
{
ext4: serialize unaligned asynchronous DIO
ext4 has a data corruption case when doing non-block-aligned
asynchronous direct IO into a sparse file, as demonstrated
by xfstest 240.
The root cause is that while ext4 preallocates space in the
hole, mappings of that space still look "new" and
dio_zero_block() will zero out the unwritten portions. When
more than one AIO thread is going, they both find this "new"
block and race to zero out their portion; this is uncoordinated
and causes data corruption.
Dave Chinner fixed this for xfs by simply serializing all
unaligned asynchronous direct IO. I've done the same here.
The difference is that we only wait on conversions, not all IO.
This is a very big hammer, and I'm not very pleased with
stuffing this into ext4_file_write(). But since ext4 is
DIO_LOCKING, we need to serialize it at this high level.
I tried to move this into ext4_ext_direct_IO, but by then
we have the i_mutex already, and we will wait on the
work queue to do conversions - which must also take the
i_mutex. So that won't work.
This was originally exposed by qemu-kvm installing to
a raw disk image with a normal sector-63 alignment. I've
tested a backport of this patch with qemu, and it does
avoid the corruption. It is also quite a lot slower
(14 min for package installs, vs. 8 min for well-aligned)
but I'll take slow correctness over fast corruption any day.
Mingming suggested that we can track outstanding
conversions, and wait on those so that non-sparse
files won't be affected, and I've implemented that here;
unaligned AIO to nonsparse files won't take a perf hit.
[tytso@mit.edu: Keep the mutex as a hashed array instead
of bloating the ext4 inode]
[tytso@mit.edu: Fix up namespace issues so that global
variables are protected with an "ext4_" prefix.]
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
2011-02-12 08:17:34 -05:00
wait_queue_head_t * wq = ext4_ioend_wq ( inode ) ;
2010-11-08 13:43:33 -05:00
wait_event ( * wq , ( atomic_read ( & EXT4_I ( inode ) - > i_ioend_count ) = = 0 ) ) ;
}
2010-11-08 13:45:33 -05:00
static void put_io_page ( struct ext4_io_page * io_page )
{
if ( atomic_dec_and_test ( & io_page - > p_count ) ) {
Revert "ext4: don't release page refs in ext4_end_bio()"
This reverts commit b43d17f319f2c502b17139d1cf70731b2b62c644.
Dave Jones reports that it causes lockups on his laptop, and his debug
output showed a lot of processes hung waiting for page_writeback (or
more commonly - processes hung waiting for a lock that was held during
that writeback wait).
The page_writeback hint made Ted suggest that Dave look at this commit,
and Dave verified that reverting it makes his problems go away.
Ted says:
"That commit fixes a race which is seen when you write into fallocated
(and hence uninitialized) disk blocks under *very* heavy memory
pressure. Furthermore, although theoretically it could trigger under
normal direct I/O writes, it only seems to trigger if you are issuing
a huge number of AIO writes, such that a just-written page can get
evicted from memory, and then read back into memory, before the
workqueue has a chance to update the extent tree.
This race has been around for a little over a year, and no one noticed
until two months ago; it only happens under fairly exotic conditions,
and in fact even after trying very hard to create a simple repro under
lab conditions, we could only reproduce the problem and confirm the
fix on production servers running MySQL on very fast PCIe-attached
flash devices.
Given that Dave was able to hit this problem pretty quickly, if we
confirm that this commit is at fault, the only reasonable thing to do
is to revert it IMO."
Reported-and-tested-by: Dave Jones <davej@redhat.com>
Acked-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-03-29 17:00:56 -07:00
end_page_writeback ( io_page - > p_page ) ;
2010-11-08 13:45:33 -05:00
put_page ( io_page - > p_page ) ;
kmem_cache_free ( io_page_cachep , io_page ) ;
}
}
2010-10-27 21:30:10 -04:00
void ext4_free_io_end ( ext4_io_end_t * io )
{
int i ;
BUG_ON ( ! io ) ;
2012-09-29 00:14:55 -04:00
BUG_ON ( ! list_empty ( & io - > list ) ) ;
2012-09-28 23:36:25 -04:00
BUG_ON ( io - > flag & EXT4_IO_END_UNWRITTEN ) ;
2010-10-27 21:30:10 -04:00
if ( io - > page )
put_page ( io - > page ) ;
2010-11-08 13:45:33 -05:00
for ( i = 0 ; i < io - > num_io_pages ; i + + )
put_io_page ( io - > pages [ i ] ) ;
2010-10-27 21:30:10 -04:00
io - > num_io_pages = 0 ;
2011-10-30 18:41:19 -04:00
if ( atomic_dec_and_test ( & EXT4_I ( io - > inode ) - > i_ioend_count ) )
wake_up_all ( ext4_ioend_wq ( io - > inode ) ) ;
2010-10-27 21:30:10 -04:00
kmem_cache_free ( io_end_cachep , io ) ;
}
2012-09-29 00:14:55 -04:00
/* check a range of space and convert unwritten extents to written. */
static int ext4_end_io ( ext4_io_end_t * io )
2010-10-27 21:30:10 -04:00
{
struct inode * inode = io - > inode ;
loff_t offset = io - > offset ;
ssize_t size = io - > size ;
int ret = 0 ;
ext4_debug ( " ext4_end_io_nolock: io 0x%p from inode %lu,list->next 0x%p, "
" list->prev 0x%p \n " ,
io , inode - > i_ino , io - > list . next , io - > list . prev ) ;
ret = ext4_convert_unwritten_extents ( inode , offset , size ) ;
if ( ret < 0 ) {
2011-10-31 10:56:32 -04:00
ext4_msg ( inode - > i_sb , KERN_EMERG ,
" failed to convert unwritten extents to written "
" extents -- potential data loss! "
" (inode %lu, offset %llu, size %zd, error %d) " ,
inode - > i_ino , offset , size , ret ) ;
2010-10-27 21:30:10 -04:00
}
if ( io - > iocb )
aio_complete ( io - > iocb , io - > result , 0 ) ;
ext4: serialize unaligned asynchronous DIO
ext4 has a data corruption case when doing non-block-aligned
asynchronous direct IO into a sparse file, as demonstrated
by xfstest 240.
The root cause is that while ext4 preallocates space in the
hole, mappings of that space still look "new" and
dio_zero_block() will zero out the unwritten portions. When
more than one AIO thread is going, they both find this "new"
block and race to zero out their portion; this is uncoordinated
and causes data corruption.
Dave Chinner fixed this for xfs by simply serializing all
unaligned asynchronous direct IO. I've done the same here.
The difference is that we only wait on conversions, not all IO.
This is a very big hammer, and I'm not very pleased with
stuffing this into ext4_file_write(). But since ext4 is
DIO_LOCKING, we need to serialize it at this high level.
I tried to move this into ext4_ext_direct_IO, but by then
we have the i_mutex already, and we will wait on the
work queue to do conversions - which must also take the
i_mutex. So that won't work.
This was originally exposed by qemu-kvm installing to
a raw disk image with a normal sector-63 alignment. I've
tested a backport of this patch with qemu, and it does
avoid the corruption. It is also quite a lot slower
(14 min for package installs, vs. 8 min for well-aligned)
but I'll take slow correctness over fast corruption any day.
Mingming suggested that we can track outstanding
conversions, and wait on those so that non-sparse
files won't be affected, and I've implemented that here;
unaligned AIO to nonsparse files won't take a perf hit.
[tytso@mit.edu: Keep the mutex as a hashed array instead
of bloating the ext4 inode]
[tytso@mit.edu: Fix up namespace issues so that global
variables are protected with an "ext4_" prefix.]
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
2011-02-12 08:17:34 -05:00
2012-02-20 17:59:24 -05:00
if ( io - > flag & EXT4_IO_END_DIRECT )
inode_dio_done ( inode ) ;
2011-10-31 10:56:32 -04:00
/* Wake up anyone waiting on unwritten extent conversion */
2012-09-28 23:24:52 -04:00
if ( atomic_dec_and_test ( & EXT4_I ( inode ) - > i_unwritten ) )
2012-11-08 14:53:35 -05:00
wake_up_all ( ext4_ioend_wq ( inode ) ) ;
2010-10-27 21:30:10 -04:00
return ret ;
}
2012-09-29 00:14:55 -04:00
static void dump_completed_IO ( struct inode * inode )
{
# ifdef EXT4FS_DEBUG
struct list_head * cur , * before , * after ;
ext4_io_end_t * io , * io0 , * io1 ;
unsigned long flags ;
if ( list_empty ( & EXT4_I ( inode ) - > i_completed_io_list ) ) {
ext4_debug ( " inode %lu completed_io list is empty \n " ,
inode - > i_ino ) ;
return ;
}
ext4_debug ( " Dump inode %lu completed_io list \n " , inode - > i_ino ) ;
list_for_each_entry ( io , & EXT4_I ( inode ) - > i_completed_io_list , list ) {
cur = & io - > list ;
before = cur - > prev ;
io0 = container_of ( before , ext4_io_end_t , list ) ;
after = cur - > next ;
io1 = container_of ( after , ext4_io_end_t , list ) ;
ext4_debug ( " io 0x%p from inode %lu,prev 0x%p,next 0x%p \n " ,
io , inode - > i_ino , io0 , io1 ) ;
}
# endif
}
/* Add the io_end to per-inode completed end_io list. */
void ext4_add_complete_io ( ext4_io_end_t * io_end )
2010-10-27 21:30:10 -04:00
{
2012-09-29 00:14:55 -04:00
struct ext4_inode_info * ei = EXT4_I ( io_end - > inode ) ;
struct workqueue_struct * wq ;
unsigned long flags ;
BUG_ON ( ! ( io_end - > flag & EXT4_IO_END_UNWRITTEN ) ) ;
wq = EXT4_SB ( io_end - > inode - > i_sb ) - > dio_unwritten_wq ;
2010-10-27 21:30:10 -04:00
2011-10-30 18:26:08 -04:00
spin_lock_irqsave ( & ei - > i_completed_io_lock , flags ) ;
2012-09-29 00:14:55 -04:00
if ( list_empty ( & ei - > i_completed_io_list ) ) {
io_end - > flag | = EXT4_IO_END_QUEUED ;
queue_work ( wq , & io_end - > work ) ;
2011-10-30 18:26:08 -04:00
}
2012-09-29 00:14:55 -04:00
list_add_tail ( & io_end - > list , & ei - > i_completed_io_list ) ;
spin_unlock_irqrestore ( & ei - > i_completed_io_lock , flags ) ;
}
2011-10-30 18:26:08 -04:00
2012-09-29 00:14:55 -04:00
static int ext4_do_flush_completed_IO ( struct inode * inode ,
ext4_io_end_t * work_io )
{
ext4_io_end_t * io ;
struct list_head unwritten , complete , to_free ;
unsigned long flags ;
struct ext4_inode_info * ei = EXT4_I ( inode ) ;
int err , ret = 0 ;
INIT_LIST_HEAD ( & complete ) ;
INIT_LIST_HEAD ( & to_free ) ;
spin_lock_irqsave ( & ei - > i_completed_io_lock , flags ) ;
dump_completed_IO ( inode ) ;
list_replace_init ( & ei - > i_completed_io_list , & unwritten ) ;
spin_unlock_irqrestore ( & ei - > i_completed_io_lock , flags ) ;
while ( ! list_empty ( & unwritten ) ) {
io = list_entry ( unwritten . next , ext4_io_end_t , list ) ;
BUG_ON ( ! ( io - > flag & EXT4_IO_END_UNWRITTEN ) ) ;
list_del_init ( & io - > list ) ;
err = ext4_end_io ( io ) ;
if ( unlikely ( ! ret & & err ) )
ret = err ;
list_add_tail ( & io - > list , & complete ) ;
}
spin_lock_irqsave ( & ei - > i_completed_io_lock , flags ) ;
while ( ! list_empty ( & complete ) ) {
io = list_entry ( complete . next , ext4_io_end_t , list ) ;
io - > flag & = ~ EXT4_IO_END_UNWRITTEN ;
/* end_io context can not be destroyed now because it still
* used by queued worker . Worker thread will destroy it later */
if ( io - > flag & EXT4_IO_END_QUEUED )
list_del_init ( & io - > list ) ;
else
list_move ( & io - > list , & to_free ) ;
}
/* If we are called from worker context, it is time to clear queued
* flag , and destroy it ' s end_io if it was converted already */
if ( work_io ) {
work_io - > flag & = ~ EXT4_IO_END_QUEUED ;
if ( ! ( work_io - > flag & EXT4_IO_END_UNWRITTEN ) )
list_add_tail ( & work_io - > list , & to_free ) ;
2011-08-31 11:50:51 -04:00
}
2010-10-27 21:30:10 -04:00
spin_unlock_irqrestore ( & ei - > i_completed_io_lock , flags ) ;
2012-09-29 00:14:55 -04:00
while ( ! list_empty ( & to_free ) ) {
io = list_entry ( to_free . next , ext4_io_end_t , list ) ;
list_del_init ( & io - > list ) ;
ext4_free_io_end ( io ) ;
}
return ret ;
}
/*
* work on completed aio dio IO , to convert unwritten extents to extents
*/
static void ext4_end_io_work ( struct work_struct * work )
{
ext4_io_end_t * io = container_of ( work , ext4_io_end_t , work ) ;
ext4_do_flush_completed_IO ( io - > inode , io ) ;
}
2012-10-05 11:31:55 -04:00
int ext4_flush_unwritten_io ( struct inode * inode )
2012-09-29 00:14:55 -04:00
{
2012-10-05 11:31:55 -04:00
int ret ;
WARN_ON_ONCE ( ! mutex_is_locked ( & inode - > i_mutex ) & &
! ( inode - > i_state & I_FREEING ) ) ;
ret = ext4_do_flush_completed_IO ( inode , NULL ) ;
ext4_unwritten_wait ( inode ) ;
return ret ;
2010-10-27 21:30:10 -04:00
}
ext4_io_end_t * ext4_init_io_end ( struct inode * inode , gfp_t flags )
{
2010-12-19 21:41:55 -05:00
ext4_io_end_t * io = kmem_cache_zalloc ( io_end_cachep , flags ) ;
2010-10-27 21:30:10 -04:00
if ( io ) {
2010-11-08 13:43:33 -05:00
atomic_inc ( & EXT4_I ( inode ) - > i_ioend_count ) ;
io - > inode = inode ;
2010-10-27 21:30:10 -04:00
INIT_WORK ( & io - > work , ext4_end_io_work ) ;
INIT_LIST_HEAD ( & io - > list ) ;
}
return io ;
}
/*
* Print an buffer I / O error compatible with the fs / buffer . c . This
* provides compatibility with dmesg scrapers that look for a specific
* buffer I / O error message . We really need a unified error reporting
* structure to userspace ala Digital Unix ' s uerf system , but it ' s
* probably not going to happen in my lifetime , due to LKML politics . . .
*/
static void buffer_io_error ( struct buffer_head * bh )
{
char b [ BDEVNAME_SIZE ] ;
printk ( KERN_ERR " Buffer I/O error on device %s, logical block %llu \n " ,
bdevname ( bh - > b_bdev , b ) ,
( unsigned long long ) bh - > b_blocknr ) ;
}
static void ext4_end_bio ( struct bio * bio , int error )
{
ext4_io_end_t * io_end = bio - > bi_private ;
struct inode * inode ;
int i ;
ext4: Fix data corruption with multi-block writepages support
This fixes a corruption problem with the multi-block
writepages submittal change for ext4, from commit
bd2d0210cf22f2bd0cef72eb97cf94fc7d31d8cc ("ext4: use bio
layer instead of buffer layer in mpage_da_submit_io").
(Note that this corruption is not present in 2.6.37 on
ext4, because the corruption was detected after the
feature was merged in 2.6.37-rc1, and so it was turned
off by adding a non-default mount option,
mblk_io_submit. With this commit, which hopefully
fixes the last of the bugs with this feature, we'll be
able to turn on this performance feature by default in
2.6.38, and remove the mblk_io_submit option.)
The ext4 code path to bundle multiple pages for
writeback in ext4_bio_write_page() had a bug: we should
be clearing buffer head dirty flags *before* we submit
the bio, not in the completion routine.
The patch below was tested on 2.6.37 under KVM with the
postgresql script which was submitted by Jon Nelson as
documented in commit 1449032be1.
Without the patch, I'd hit the corruption problem about
50-70% of the time. With the patch, I executed the
script > 100 times with no corruption seen.
I also fixed a bug to make sure ext4_end_bio() doesn't
dereference the bio after the bio_put() call.
Reported-by: Jon Nelson <jnelson@jamponi.net>
Reported-by: Matthias Bayer <jackdachef@gmail.com>
Signed-off-by: Curt Wohlgemuth <curtw@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
2011-02-07 12:46:14 -05:00
sector_t bi_sector = bio - > bi_sector ;
2010-10-27 21:30:10 -04:00
BUG_ON ( ! io_end ) ;
bio - > bi_private = NULL ;
bio - > bi_end_io = NULL ;
if ( test_bit ( BIO_UPTODATE , & bio - > bi_flags ) )
error = 0 ;
bio_put ( bio ) ;
for ( i = 0 ; i < io_end - > num_io_pages ; i + + ) {
struct page * page = io_end - > pages [ i ] - > p_page ;
struct buffer_head * bh , * head ;
2011-04-30 13:26:26 -04:00
loff_t offset ;
loff_t io_end_offset ;
2010-10-27 21:30:10 -04:00
2011-04-30 13:26:26 -04:00
if ( error ) {
2010-10-27 21:30:10 -04:00
SetPageError ( page ) ;
2011-04-30 13:26:26 -04:00
set_bit ( AS_EIO , & page - > mapping - > flags ) ;
head = page_buffers ( page ) ;
BUG_ON ( ! head ) ;
io_end_offset = io_end - > offset + io_end - > size ;
2010-10-27 21:30:10 -04:00
offset = ( sector_t ) page - > index < < PAGE_CACHE_SHIFT ;
bh = head ;
do {
if ( ( offset > = io_end - > offset ) & &
2011-04-30 13:26:26 -04:00
( offset + bh - > b_size < = io_end_offset ) )
buffer_io_error ( bh ) ;
2010-10-27 21:30:10 -04:00
offset + = bh - > b_size ;
bh = bh - > b_this_page ;
} while ( bh ! = head ) ;
}
Revert "ext4: don't release page refs in ext4_end_bio()"
This reverts commit b43d17f319f2c502b17139d1cf70731b2b62c644.
Dave Jones reports that it causes lockups on his laptop, and his debug
output showed a lot of processes hung waiting for page_writeback (or
more commonly - processes hung waiting for a lock that was held during
that writeback wait).
The page_writeback hint made Ted suggest that Dave look at this commit,
and Dave verified that reverting it makes his problems go away.
Ted says:
"That commit fixes a race which is seen when you write into fallocated
(and hence uninitialized) disk blocks under *very* heavy memory
pressure. Furthermore, although theoretically it could trigger under
normal direct I/O writes, it only seems to trigger if you are issuing
a huge number of AIO writes, such that a just-written page can get
evicted from memory, and then read back into memory, before the
workqueue has a chance to update the extent tree.
This race has been around for a little over a year, and no one noticed
until two months ago; it only happens under fairly exotic conditions,
and in fact even after trying very hard to create a simple repro under
lab conditions, we could only reproduce the problem and confirm the
fix on production servers running MySQL on very fast PCIe-attached
flash devices.
Given that Dave was able to hit this problem pretty quickly, if we
confirm that this commit is at fault, the only reasonable thing to do
is to revert it IMO."
Reported-and-tested-by: Dave Jones <davej@redhat.com>
Acked-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-03-29 17:00:56 -07:00
put_io_page ( io_end - > pages [ i ] ) ;
2010-10-27 21:30:10 -04:00
}
Revert "ext4: don't release page refs in ext4_end_bio()"
This reverts commit b43d17f319f2c502b17139d1cf70731b2b62c644.
Dave Jones reports that it causes lockups on his laptop, and his debug
output showed a lot of processes hung waiting for page_writeback (or
more commonly - processes hung waiting for a lock that was held during
that writeback wait).
The page_writeback hint made Ted suggest that Dave look at this commit,
and Dave verified that reverting it makes his problems go away.
Ted says:
"That commit fixes a race which is seen when you write into fallocated
(and hence uninitialized) disk blocks under *very* heavy memory
pressure. Furthermore, although theoretically it could trigger under
normal direct I/O writes, it only seems to trigger if you are issuing
a huge number of AIO writes, such that a just-written page can get
evicted from memory, and then read back into memory, before the
workqueue has a chance to update the extent tree.
This race has been around for a little over a year, and no one noticed
until two months ago; it only happens under fairly exotic conditions,
and in fact even after trying very hard to create a simple repro under
lab conditions, we could only reproduce the problem and confirm the
fix on production servers running MySQL on very fast PCIe-attached
flash devices.
Given that Dave was able to hit this problem pretty quickly, if we
confirm that this commit is at fault, the only reasonable thing to do
is to revert it IMO."
Reported-and-tested-by: Dave Jones <davej@redhat.com>
Acked-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-03-29 17:00:56 -07:00
io_end - > num_io_pages = 0 ;
2010-11-08 13:43:33 -05:00
inode = io_end - > inode ;
if ( error ) {
io_end - > flag | = EXT4_IO_END_ERROR ;
ext4_warning ( inode - > i_sb , " I/O error writing to inode %lu "
" (offset %llu size %ld starting block %llu) " ,
inode - > i_ino ,
( unsigned long long ) io_end - > offset ,
( long ) io_end - > size ,
( unsigned long long )
ext4: Fix data corruption with multi-block writepages support
This fixes a corruption problem with the multi-block
writepages submittal change for ext4, from commit
bd2d0210cf22f2bd0cef72eb97cf94fc7d31d8cc ("ext4: use bio
layer instead of buffer layer in mpage_da_submit_io").
(Note that this corruption is not present in 2.6.37 on
ext4, because the corruption was detected after the
feature was merged in 2.6.37-rc1, and so it was turned
off by adding a non-default mount option,
mblk_io_submit. With this commit, which hopefully
fixes the last of the bugs with this feature, we'll be
able to turn on this performance feature by default in
2.6.38, and remove the mblk_io_submit option.)
The ext4 code path to bundle multiple pages for
writeback in ext4_bio_write_page() had a bug: we should
be clearing buffer head dirty flags *before* we submit
the bio, not in the completion routine.
The patch below was tested on 2.6.37 under KVM with the
postgresql script which was submitted by Jon Nelson as
documented in commit 1449032be1.
Without the patch, I'd hit the corruption problem about
50-70% of the time. With the patch, I executed the
script > 100 times with no corruption seen.
I also fixed a bug to make sure ext4_end_bio() doesn't
dereference the bio after the bio_put() call.
Reported-by: Jon Nelson <jnelson@jamponi.net>
Reported-by: Matthias Bayer <jackdachef@gmail.com>
Signed-off-by: Curt Wohlgemuth <curtw@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
2011-02-07 12:46:14 -05:00
bi_sector > > ( inode - > i_blkbits - 9 ) ) ;
2010-11-08 13:43:33 -05:00
}
2010-10-27 21:30:10 -04:00
2011-02-28 13:12:38 -05:00
if ( ! ( io_end - > flag & EXT4_IO_END_UNWRITTEN ) ) {
ext4_free_io_end ( io_end ) ;
return ;
}
2012-09-29 00:14:55 -04:00
ext4_add_complete_io ( io_end ) ;
2010-10-27 21:30:10 -04:00
}
void ext4_io_submit ( struct ext4_io_submit * io )
{
struct bio * bio = io - > io_bio ;
if ( bio ) {
bio_get ( io - > io_bio ) ;
submit_bio ( io - > io_op , io - > io_bio ) ;
BUG_ON ( bio_flagged ( io - > io_bio , BIO_EOPNOTSUPP ) ) ;
bio_put ( io - > io_bio ) ;
}
2011-02-21 21:01:42 -05:00
io - > io_bio = NULL ;
2010-10-27 21:30:10 -04:00
io - > io_op = 0 ;
2011-02-21 21:01:42 -05:00
io - > io_end = NULL ;
2010-10-27 21:30:10 -04:00
}
static int io_submit_init ( struct ext4_io_submit * io ,
struct inode * inode ,
struct writeback_control * wbc ,
struct buffer_head * bh )
{
ext4_io_end_t * io_end ;
struct page * page = bh - > b_page ;
int nvecs = bio_get_nr_vecs ( bh - > b_bdev ) ;
struct bio * bio ;
io_end = ext4_init_io_end ( inode , GFP_NOFS ) ;
if ( ! io_end )
return - ENOMEM ;
2011-06-29 21:44:45 -04:00
bio = bio_alloc ( GFP_NOIO , min ( nvecs , BIO_MAX_PAGES ) ) ;
2010-10-27 21:30:10 -04:00
bio - > bi_sector = bh - > b_blocknr * ( bh - > b_size > > 9 ) ;
bio - > bi_bdev = bh - > b_bdev ;
bio - > bi_private = io - > io_end = io_end ;
bio - > bi_end_io = ext4_end_bio ;
io_end - > offset = ( page - > index < < PAGE_CACHE_SHIFT ) + bh_offset ( bh ) ;
io - > io_bio = bio ;
2011-03-09 11:56:30 +01:00
io - > io_op = ( wbc - > sync_mode = = WB_SYNC_ALL ? WRITE_SYNC : WRITE ) ;
2010-10-27 21:30:10 -04:00
io - > io_next_block = bh - > b_blocknr ;
return 0 ;
}
static int io_submit_add_bh ( struct ext4_io_submit * io ,
struct ext4_io_page * io_page ,
struct inode * inode ,
struct writeback_control * wbc ,
struct buffer_head * bh )
{
ext4_io_end_t * io_end ;
int ret ;
if ( buffer_new ( bh ) ) {
clear_buffer_new ( bh ) ;
unmap_underlying_metadata ( bh - > b_bdev , bh - > b_blocknr ) ;
}
if ( ! buffer_mapped ( bh ) | | buffer_delay ( bh ) ) {
if ( ! buffer_mapped ( bh ) )
clear_buffer_dirty ( bh ) ;
if ( io - > io_bio )
ext4_io_submit ( io ) ;
return 0 ;
}
if ( io - > io_bio & & bh - > b_blocknr ! = io - > io_next_block ) {
submit_and_retry :
ext4_io_submit ( io ) ;
}
if ( io - > io_bio = = NULL ) {
ret = io_submit_init ( io , inode , wbc , bh ) ;
if ( ret )
return ret ;
}
io_end = io - > io_end ;
if ( ( io_end - > num_io_pages > = MAX_IO_PAGES ) & &
( io_end - > pages [ io_end - > num_io_pages - 1 ] ! = io_page ) )
goto submit_and_retry ;
2011-10-31 17:30:44 -04:00
if ( buffer_uninit ( bh ) )
ext4_set_io_unwritten_flag ( inode , io_end ) ;
2010-10-27 21:30:10 -04:00
io - > io_end - > size + = bh - > b_size ;
io - > io_next_block + + ;
ret = bio_add_page ( io - > io_bio , bh - > b_page , bh - > b_size , bh_offset ( bh ) ) ;
if ( ret ! = bh - > b_size )
goto submit_and_retry ;
if ( ( io_end - > num_io_pages = = 0 ) | |
( io_end - > pages [ io_end - > num_io_pages - 1 ] ! = io_page ) ) {
io_end - > pages [ io_end - > num_io_pages + + ] = io_page ;
2010-11-08 13:45:33 -05:00
atomic_inc ( & io_page - > p_count ) ;
2010-10-27 21:30:10 -04:00
}
return 0 ;
}
int ext4_bio_write_page ( struct ext4_io_submit * io ,
struct page * page ,
int len ,
struct writeback_control * wbc )
{
struct inode * inode = page - > mapping - > host ;
unsigned block_start , block_end , blocksize ;
struct ext4_io_page * io_page ;
struct buffer_head * bh , * head ;
int ret = 0 ;
blocksize = 1 < < inode - > i_blkbits ;
ext4: Fix data corruption with multi-block writepages support
This fixes a corruption problem with the multi-block
writepages submittal change for ext4, from commit
bd2d0210cf22f2bd0cef72eb97cf94fc7d31d8cc ("ext4: use bio
layer instead of buffer layer in mpage_da_submit_io").
(Note that this corruption is not present in 2.6.37 on
ext4, because the corruption was detected after the
feature was merged in 2.6.37-rc1, and so it was turned
off by adding a non-default mount option,
mblk_io_submit. With this commit, which hopefully
fixes the last of the bugs with this feature, we'll be
able to turn on this performance feature by default in
2.6.38, and remove the mblk_io_submit option.)
The ext4 code path to bundle multiple pages for
writeback in ext4_bio_write_page() had a bug: we should
be clearing buffer head dirty flags *before* we submit
the bio, not in the completion routine.
The patch below was tested on 2.6.37 under KVM with the
postgresql script which was submitted by Jon Nelson as
documented in commit 1449032be1.
Without the patch, I'd hit the corruption problem about
50-70% of the time. With the patch, I executed the
script > 100 times with no corruption seen.
I also fixed a bug to make sure ext4_end_bio() doesn't
dereference the bio after the bio_put() call.
Reported-by: Jon Nelson <jnelson@jamponi.net>
Reported-by: Matthias Bayer <jackdachef@gmail.com>
Signed-off-by: Curt Wohlgemuth <curtw@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
2011-02-07 12:46:14 -05:00
BUG_ON ( ! PageLocked ( page ) ) ;
2010-10-27 21:30:10 -04:00
BUG_ON ( PageWriteback ( page ) ) ;
io_page = kmem_cache_alloc ( io_page_cachep , GFP_NOFS ) ;
if ( ! io_page ) {
set_page_dirty ( page ) ;
unlock_page ( page ) ;
return - ENOMEM ;
}
io_page - > p_page = page ;
2010-11-08 13:45:33 -05:00
atomic_set ( & io_page - > p_count , 1 ) ;
2010-10-27 21:30:10 -04:00
get_page ( page ) ;
2011-02-27 16:43:24 -05:00
set_page_writeback ( page ) ;
ClearPageError ( page ) ;
2010-10-27 21:30:10 -04:00
for ( bh = head = page_buffers ( page ) , block_start = 0 ;
bh ! = head | | ! block_start ;
block_start = block_end , bh = bh - > b_this_page ) {
ext4: Fix data corruption with multi-block writepages support
This fixes a corruption problem with the multi-block
writepages submittal change for ext4, from commit
bd2d0210cf22f2bd0cef72eb97cf94fc7d31d8cc ("ext4: use bio
layer instead of buffer layer in mpage_da_submit_io").
(Note that this corruption is not present in 2.6.37 on
ext4, because the corruption was detected after the
feature was merged in 2.6.37-rc1, and so it was turned
off by adding a non-default mount option,
mblk_io_submit. With this commit, which hopefully
fixes the last of the bugs with this feature, we'll be
able to turn on this performance feature by default in
2.6.38, and remove the mblk_io_submit option.)
The ext4 code path to bundle multiple pages for
writeback in ext4_bio_write_page() had a bug: we should
be clearing buffer head dirty flags *before* we submit
the bio, not in the completion routine.
The patch below was tested on 2.6.37 under KVM with the
postgresql script which was submitted by Jon Nelson as
documented in commit 1449032be1.
Without the patch, I'd hit the corruption problem about
50-70% of the time. With the patch, I executed the
script > 100 times with no corruption seen.
I also fixed a bug to make sure ext4_end_bio() doesn't
dereference the bio after the bio_put() call.
Reported-by: Jon Nelson <jnelson@jamponi.net>
Reported-by: Matthias Bayer <jackdachef@gmail.com>
Signed-off-by: Curt Wohlgemuth <curtw@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
2011-02-07 12:46:14 -05:00
2010-10-27 21:30:10 -04:00
block_end = block_start + blocksize ;
if ( block_start > = len ) {
2011-12-13 22:29:12 -05:00
/*
* Comments copied from block_write_full_page_endio :
*
* The page straddles i_size . It must be zeroed out on
* each and every writepage invocation because it may
* be mmapped . " A file is mapped in multiples of the
* page size . For a file that is not a multiple of
* the page size , the remaining memory is zeroed when
* mapped , and writes to that region are not written
* out to the file . "
*/
zero_user_segment ( page , block_start , block_end ) ;
2010-10-27 21:30:10 -04:00
clear_buffer_dirty ( bh ) ;
set_buffer_uptodate ( bh ) ;
continue ;
}
ext4: Fix data corruption with multi-block writepages support
This fixes a corruption problem with the multi-block
writepages submittal change for ext4, from commit
bd2d0210cf22f2bd0cef72eb97cf94fc7d31d8cc ("ext4: use bio
layer instead of buffer layer in mpage_da_submit_io").
(Note that this corruption is not present in 2.6.37 on
ext4, because the corruption was detected after the
feature was merged in 2.6.37-rc1, and so it was turned
off by adding a non-default mount option,
mblk_io_submit. With this commit, which hopefully
fixes the last of the bugs with this feature, we'll be
able to turn on this performance feature by default in
2.6.38, and remove the mblk_io_submit option.)
The ext4 code path to bundle multiple pages for
writeback in ext4_bio_write_page() had a bug: we should
be clearing buffer head dirty flags *before* we submit
the bio, not in the completion routine.
The patch below was tested on 2.6.37 under KVM with the
postgresql script which was submitted by Jon Nelson as
documented in commit 1449032be1.
Without the patch, I'd hit the corruption problem about
50-70% of the time. With the patch, I executed the
script > 100 times with no corruption seen.
I also fixed a bug to make sure ext4_end_bio() doesn't
dereference the bio after the bio_put() call.
Reported-by: Jon Nelson <jnelson@jamponi.net>
Reported-by: Matthias Bayer <jackdachef@gmail.com>
Signed-off-by: Curt Wohlgemuth <curtw@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
2011-02-07 12:46:14 -05:00
clear_buffer_dirty ( bh ) ;
2010-10-27 21:30:10 -04:00
ret = io_submit_add_bh ( io , io_page , inode , wbc , bh ) ;
if ( ret ) {
/*
* We only get here on ENOMEM . Not much else
* we can do but mark the page as dirty , and
* better luck next time .
*/
set_page_dirty ( page ) ;
break ;
}
}
unlock_page ( page ) ;
/*
* If the page was truncated before we could do the writeback ,
* or we had a memory allocation error while trying to write
* the first buffer head , we won ' t have submitted any pages for
* I / O . In that case we need to make sure we ' ve cleared the
* PageWriteback bit from the page to prevent the system from
* wedging later on .
*/
2010-11-08 13:45:33 -05:00
put_io_page ( io_page ) ;
2010-10-27 21:30:10 -04:00
return ret ;
}