2005-04-17 00:20:36 +02:00
|
|
|
/*
|
2005-11-02 04:58:39 +01:00
|
|
|
* Copyright (c) 2000-2003,2005 Silicon Graphics, Inc.
|
|
|
|
* All Rights Reserved.
|
2005-04-17 00:20:36 +02:00
|
|
|
*
|
2005-11-02 04:58:39 +01:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License as
|
2005-04-17 00:20:36 +02:00
|
|
|
* published by the Free Software Foundation.
|
|
|
|
*
|
2005-11-02 04:58:39 +01:00
|
|
|
* This program is distributed in the hope that it would be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
2005-04-17 00:20:36 +02:00
|
|
|
*
|
2005-11-02 04:58:39 +01:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write the Free Software Foundation,
|
|
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
2005-04-17 00:20:36 +02:00
|
|
|
*/
|
|
|
|
#include "xfs.h"
|
|
|
|
#include "xfs_fs.h"
|
2005-11-02 04:38:42 +01:00
|
|
|
#include "xfs_bit.h"
|
2005-04-17 00:20:36 +02:00
|
|
|
#include "xfs_log.h"
|
2005-11-02 04:38:42 +01:00
|
|
|
#include "xfs_inum.h"
|
2005-04-17 00:20:36 +02:00
|
|
|
#include "xfs_trans.h"
|
|
|
|
#include "xfs_sb.h"
|
|
|
|
#include "xfs_ag.h"
|
|
|
|
#include "xfs_dir2.h"
|
|
|
|
#include "xfs_alloc.h"
|
|
|
|
#include "xfs_dmapi.h"
|
|
|
|
#include "xfs_quota.h"
|
|
|
|
#include "xfs_mount.h"
|
|
|
|
#include "xfs_bmap_btree.h"
|
2005-11-02 04:38:42 +01:00
|
|
|
#include "xfs_alloc_btree.h"
|
2005-04-17 00:20:36 +02:00
|
|
|
#include "xfs_ialloc_btree.h"
|
|
|
|
#include "xfs_dir2_sf.h"
|
2005-11-02 04:38:42 +01:00
|
|
|
#include "xfs_attr_sf.h"
|
2005-04-17 00:20:36 +02:00
|
|
|
#include "xfs_dinode.h"
|
|
|
|
#include "xfs_inode.h"
|
|
|
|
#include "xfs_bmap.h"
|
2005-11-02 04:38:42 +01:00
|
|
|
#include "xfs_btree.h"
|
|
|
|
#include "xfs_ialloc.h"
|
2005-04-17 00:20:36 +02:00
|
|
|
#include "xfs_rtalloc.h"
|
|
|
|
#include "xfs_error.h"
|
|
|
|
#include "xfs_itable.h"
|
|
|
|
#include "xfs_rw.h"
|
|
|
|
#include "xfs_acl.h"
|
|
|
|
#include "xfs_attr.h"
|
|
|
|
#include "xfs_inode_item.h"
|
|
|
|
#include "xfs_buf_item.h"
|
|
|
|
#include "xfs_utils.h"
|
|
|
|
#include "xfs_iomap.h"
|
2007-08-28 08:12:30 +02:00
|
|
|
#include "xfs_vnodeops.h"
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
#include <linux/capability.h>
|
|
|
|
#include <linux/writeback.h>
|
|
|
|
|
|
|
|
|
|
|
|
#if defined(XFS_RW_TRACE)
|
|
|
|
void
|
|
|
|
xfs_rw_enter_trace(
|
|
|
|
int tag,
|
|
|
|
xfs_iocore_t *io,
|
|
|
|
void *data,
|
|
|
|
size_t segs,
|
|
|
|
loff_t offset,
|
|
|
|
int ioflags)
|
|
|
|
{
|
|
|
|
xfs_inode_t *ip = XFS_IO_INODE(io);
|
|
|
|
|
|
|
|
if (ip->i_rwtrace == NULL)
|
|
|
|
return;
|
|
|
|
ktrace_enter(ip->i_rwtrace,
|
|
|
|
(void *)(unsigned long)tag,
|
|
|
|
(void *)ip,
|
|
|
|
(void *)((unsigned long)((ip->i_d.di_size >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(ip->i_d.di_size & 0xffffffff)),
|
|
|
|
(void *)data,
|
|
|
|
(void *)((unsigned long)segs),
|
|
|
|
(void *)((unsigned long)((offset >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(offset & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)ioflags),
|
|
|
|
(void *)((unsigned long)((io->io_new_size >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(io->io_new_size & 0xffffffff)),
|
2006-03-22 02:44:15 +01:00
|
|
|
(void *)((unsigned long)current_pid()),
|
2005-04-17 00:20:36 +02:00
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
xfs_inval_cached_trace(
|
|
|
|
xfs_iocore_t *io,
|
|
|
|
xfs_off_t offset,
|
|
|
|
xfs_off_t len,
|
|
|
|
xfs_off_t first,
|
|
|
|
xfs_off_t last)
|
|
|
|
{
|
|
|
|
xfs_inode_t *ip = XFS_IO_INODE(io);
|
|
|
|
|
|
|
|
if (ip->i_rwtrace == NULL)
|
|
|
|
return;
|
|
|
|
ktrace_enter(ip->i_rwtrace,
|
|
|
|
(void *)(__psint_t)XFS_INVAL_CACHED,
|
|
|
|
(void *)ip,
|
|
|
|
(void *)((unsigned long)((offset >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(offset & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)((len >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(len & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)((first >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(first & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)((last >> 32) & 0xffffffff)),
|
|
|
|
(void *)((unsigned long)(last & 0xffffffff)),
|
2006-03-22 02:44:15 +01:00
|
|
|
(void *)((unsigned long)current_pid()),
|
2005-04-17 00:20:36 +02:00
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL,
|
|
|
|
(void *)NULL);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* xfs_iozero
|
|
|
|
*
|
|
|
|
* xfs_iozero clears the specified range of buffer supplied,
|
|
|
|
* and marks all the affected blocks as valid and modified. If
|
|
|
|
* an affected block is not allocated, it will be allocated. If
|
|
|
|
* an affected block is not completely overwritten, and is not
|
|
|
|
* valid before the operation, it will be read from disk before
|
|
|
|
* being partially zeroed.
|
|
|
|
*/
|
|
|
|
STATIC int
|
|
|
|
xfs_iozero(
|
|
|
|
struct inode *ip, /* inode */
|
|
|
|
loff_t pos, /* offset in file */
|
2007-02-10 08:36:47 +01:00
|
|
|
size_t count) /* size of data to zero */
|
2005-04-17 00:20:36 +02:00
|
|
|
{
|
|
|
|
struct page *page;
|
|
|
|
struct address_space *mapping;
|
|
|
|
int status;
|
|
|
|
|
|
|
|
mapping = ip->i_mapping;
|
|
|
|
do {
|
2007-10-16 10:25:06 +02:00
|
|
|
unsigned offset, bytes;
|
|
|
|
void *fsdata;
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
offset = (pos & (PAGE_CACHE_SIZE -1)); /* Within page */
|
|
|
|
bytes = PAGE_CACHE_SIZE - offset;
|
|
|
|
if (bytes > count)
|
|
|
|
bytes = count;
|
|
|
|
|
2007-10-16 10:25:06 +02:00
|
|
|
status = pagecache_write_begin(NULL, mapping, pos, bytes,
|
|
|
|
AOP_FLAG_UNINTERRUPTIBLE,
|
|
|
|
&page, &fsdata);
|
2007-02-10 08:37:46 +01:00
|
|
|
if (status)
|
2007-10-16 10:25:06 +02:00
|
|
|
break;
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2007-05-24 07:27:17 +02:00
|
|
|
zero_user_page(page, offset, bytes, KM_USER0);
|
2007-02-10 08:37:46 +01:00
|
|
|
|
2007-10-16 10:25:06 +02:00
|
|
|
status = pagecache_write_end(NULL, mapping, pos, bytes, bytes,
|
|
|
|
page, fsdata);
|
|
|
|
WARN_ON(status <= 0); /* can't return less than zero! */
|
|
|
|
pos += bytes;
|
|
|
|
count -= bytes;
|
|
|
|
status = 0;
|
2005-04-17 00:20:36 +02:00
|
|
|
} while (count);
|
|
|
|
|
|
|
|
return (-status);
|
|
|
|
}
|
|
|
|
|
|
|
|
ssize_t /* bytes read, or (-) error */
|
|
|
|
xfs_read(
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_inode_t *ip,
|
2005-04-17 00:20:36 +02:00
|
|
|
struct kiocb *iocb,
|
|
|
|
const struct iovec *iovp,
|
|
|
|
unsigned int segs,
|
|
|
|
loff_t *offset,
|
2007-08-28 08:12:30 +02:00
|
|
|
int ioflags)
|
2005-04-17 00:20:36 +02:00
|
|
|
{
|
|
|
|
struct file *file = iocb->ki_filp;
|
|
|
|
struct inode *inode = file->f_mapping->host;
|
2007-08-28 08:12:30 +02:00
|
|
|
bhv_vnode_t *vp = XFS_ITOV(ip);
|
|
|
|
xfs_mount_t *mp = ip->i_mount;
|
2005-04-17 00:20:36 +02:00
|
|
|
size_t size = 0;
|
2007-05-08 05:49:27 +02:00
|
|
|
ssize_t ret = 0;
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_fsize_t n;
|
|
|
|
unsigned long seg;
|
|
|
|
|
|
|
|
|
|
|
|
XFS_STATS_INC(xs_read_calls);
|
|
|
|
|
|
|
|
/* START copy & waste from filemap.c */
|
|
|
|
for (seg = 0; seg < segs; seg++) {
|
|
|
|
const struct iovec *iv = &iovp[seg];
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If any segment has a negative length, or the cumulative
|
|
|
|
* length ever wraps negative then return -EINVAL.
|
|
|
|
*/
|
|
|
|
size += iv->iov_len;
|
|
|
|
if (unlikely((ssize_t)(size|iv->iov_len) < 0))
|
|
|
|
return XFS_ERROR(-EINVAL);
|
|
|
|
}
|
|
|
|
/* END copy & waste from filemap.c */
|
|
|
|
|
|
|
|
if (unlikely(ioflags & IO_ISDIRECT)) {
|
|
|
|
xfs_buftarg_t *target =
|
|
|
|
(ip->i_d.di_flags & XFS_DIFLAG_REALTIME) ?
|
|
|
|
mp->m_rtdev_targp : mp->m_ddev_targp;
|
2006-01-11 05:39:08 +01:00
|
|
|
if ((*offset & target->bt_smask) ||
|
|
|
|
(size & target->bt_smask)) {
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (*offset == ip->i_size) {
|
2005-04-17 00:20:36 +02:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
return -XFS_ERROR(EINVAL);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
n = XFS_MAXIOFFSET(mp) - *offset;
|
|
|
|
if ((n <= 0) || (size == 0))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (n < size)
|
|
|
|
size = n;
|
|
|
|
|
2006-03-17 07:26:14 +01:00
|
|
|
if (XFS_FORCED_SHUTDOWN(mp))
|
2005-04-17 00:20:36 +02:00
|
|
|
return -EIO;
|
|
|
|
|
|
|
|
if (unlikely(ioflags & IO_ISDIRECT))
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_lock(&inode->i_mutex);
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_ilock(ip, XFS_IOLOCK_SHARED);
|
|
|
|
|
2007-08-16 10:42:07 +02:00
|
|
|
if (DM_EVENT_ENABLED(ip, DM_EVENT_READ) && !(ioflags & IO_INVIS)) {
|
2006-06-09 09:07:12 +02:00
|
|
|
bhv_vrwlock_t locktype = VRWLOCK_READ;
|
2005-06-22 02:20:44 +02:00
|
|
|
int dmflags = FILP_DELAY_FLAG(file) | DM_SEM_FLAG_RD(ioflags);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2007-08-28 08:12:30 +02:00
|
|
|
ret = -XFS_SEND_DATA(mp, DM_EVENT_READ, vp, *offset, size,
|
2005-06-22 02:20:44 +02:00
|
|
|
dmflags, &locktype);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (ret) {
|
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_SHARED);
|
2006-09-07 06:27:05 +02:00
|
|
|
if (unlikely(ioflags & IO_ISDIRECT))
|
|
|
|
mutex_unlock(&inode->i_mutex);
|
|
|
|
return ret;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-09-28 03:05:33 +02:00
|
|
|
if (unlikely(ioflags & IO_ISDIRECT)) {
|
|
|
|
if (VN_CACHED(vp))
|
2007-08-29 02:58:01 +02:00
|
|
|
ret = xfs_flushinval_pages(ip,
|
|
|
|
ctooff(offtoct(*offset)),
|
|
|
|
-1, FI_REMAPF_LOCKED);
|
2006-09-07 06:27:05 +02:00
|
|
|
mutex_unlock(&inode->i_mutex);
|
2007-05-08 05:49:27 +02:00
|
|
|
if (ret) {
|
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_SHARED);
|
|
|
|
return ret;
|
|
|
|
}
|
2006-09-28 03:05:33 +02:00
|
|
|
}
|
2006-09-07 06:27:05 +02:00
|
|
|
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_rw_enter_trace(XFS_READ_ENTER, &ip->i_iocore,
|
|
|
|
(void *)iovp, segs, *offset, ioflags);
|
2006-10-01 08:28:48 +02:00
|
|
|
|
|
|
|
iocb->ki_pos = *offset;
|
|
|
|
ret = generic_file_aio_read(iocb, iovp, segs, *offset);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (ret == -EIOCBQUEUED && !(ioflags & IO_ISAIO))
|
|
|
|
ret = wait_on_sync_kiocb(iocb);
|
|
|
|
if (ret > 0)
|
|
|
|
XFS_STATS_ADD(xs_read_bytes, ret);
|
|
|
|
|
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_SHARED);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2006-03-31 05:08:59 +02:00
|
|
|
ssize_t
|
|
|
|
xfs_splice_read(
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_inode_t *ip,
|
2006-03-31 05:08:59 +02:00
|
|
|
struct file *infilp,
|
2006-04-11 14:57:50 +02:00
|
|
|
loff_t *ppos,
|
2006-04-10 15:18:35 +02:00
|
|
|
struct pipe_inode_info *pipe,
|
2006-03-31 05:08:59 +02:00
|
|
|
size_t count,
|
|
|
|
int flags,
|
2007-08-28 08:12:30 +02:00
|
|
|
int ioflags)
|
2006-03-31 05:08:59 +02:00
|
|
|
{
|
2007-08-28 08:12:30 +02:00
|
|
|
bhv_vnode_t *vp = XFS_ITOV(ip);
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_mount_t *mp = ip->i_mount;
|
|
|
|
ssize_t ret;
|
2005-04-17 00:20:36 +02:00
|
|
|
|
2006-03-31 05:08:59 +02:00
|
|
|
XFS_STATS_INC(xs_read_calls);
|
|
|
|
if (XFS_FORCED_SHUTDOWN(ip->i_mount))
|
|
|
|
return -EIO;
|
|
|
|
|
|
|
|
xfs_ilock(ip, XFS_IOLOCK_SHARED);
|
|
|
|
|
2007-08-16 10:42:07 +02:00
|
|
|
if (DM_EVENT_ENABLED(ip, DM_EVENT_READ) && !(ioflags & IO_INVIS)) {
|
2006-06-09 09:07:12 +02:00
|
|
|
bhv_vrwlock_t locktype = VRWLOCK_READ;
|
2006-03-31 05:08:59 +02:00
|
|
|
int error;
|
|
|
|
|
2007-08-28 08:12:30 +02:00
|
|
|
error = XFS_SEND_DATA(mp, DM_EVENT_READ, vp, *ppos, count,
|
2006-03-31 05:08:59 +02:00
|
|
|
FILP_DELAY_FLAG(infilp), &locktype);
|
|
|
|
if (error) {
|
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_SHARED);
|
|
|
|
return -error;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
xfs_rw_enter_trace(XFS_SPLICE_READ_ENTER, &ip->i_iocore,
|
2006-04-11 14:57:50 +02:00
|
|
|
pipe, count, *ppos, ioflags);
|
|
|
|
ret = generic_file_splice_read(infilp, ppos, pipe, count, flags);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (ret > 0)
|
|
|
|
XFS_STATS_ADD(xs_read_bytes, ret);
|
|
|
|
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_SHARED);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
ssize_t
|
|
|
|
xfs_splice_write(
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_inode_t *ip,
|
2006-04-10 15:18:35 +02:00
|
|
|
struct pipe_inode_info *pipe,
|
2006-03-31 05:08:59 +02:00
|
|
|
struct file *outfilp,
|
2006-04-11 14:57:50 +02:00
|
|
|
loff_t *ppos,
|
2006-03-31 05:08:59 +02:00
|
|
|
size_t count,
|
|
|
|
int flags,
|
2007-08-28 08:12:30 +02:00
|
|
|
int ioflags)
|
2006-03-31 05:08:59 +02:00
|
|
|
{
|
2007-08-28 08:12:30 +02:00
|
|
|
bhv_vnode_t *vp = XFS_ITOV(ip);
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_mount_t *mp = ip->i_mount;
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
xfs_iocore_t *io = &ip->i_iocore;
|
2006-03-31 05:08:59 +02:00
|
|
|
ssize_t ret;
|
2006-09-07 06:27:15 +02:00
|
|
|
struct inode *inode = outfilp->f_mapping->host;
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
xfs_fsize_t isize, new_size;
|
2006-03-31 05:08:59 +02:00
|
|
|
|
|
|
|
XFS_STATS_INC(xs_write_calls);
|
|
|
|
if (XFS_FORCED_SHUTDOWN(ip->i_mount))
|
|
|
|
return -EIO;
|
|
|
|
|
|
|
|
xfs_ilock(ip, XFS_IOLOCK_EXCL);
|
|
|
|
|
2007-08-16 10:42:07 +02:00
|
|
|
if (DM_EVENT_ENABLED(ip, DM_EVENT_WRITE) && !(ioflags & IO_INVIS)) {
|
2006-06-09 09:07:12 +02:00
|
|
|
bhv_vrwlock_t locktype = VRWLOCK_WRITE;
|
2006-03-31 05:08:59 +02:00
|
|
|
int error;
|
|
|
|
|
2007-08-28 08:12:30 +02:00
|
|
|
error = XFS_SEND_DATA(mp, DM_EVENT_WRITE, vp, *ppos, count,
|
2006-03-31 05:08:59 +02:00
|
|
|
FILP_DELAY_FLAG(outfilp), &locktype);
|
|
|
|
if (error) {
|
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_EXCL);
|
|
|
|
return -error;
|
|
|
|
}
|
|
|
|
}
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
|
|
|
|
new_size = *ppos + count;
|
|
|
|
|
|
|
|
xfs_ilock(ip, XFS_ILOCK_EXCL);
|
|
|
|
if (new_size > ip->i_size)
|
|
|
|
io->io_new_size = new_size;
|
|
|
|
xfs_iunlock(ip, XFS_ILOCK_EXCL);
|
|
|
|
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_rw_enter_trace(XFS_SPLICE_WRITE_ENTER, &ip->i_iocore,
|
2006-04-11 14:57:50 +02:00
|
|
|
pipe, count, *ppos, ioflags);
|
|
|
|
ret = generic_file_splice_write(pipe, outfilp, ppos, count, flags);
|
2006-03-31 05:08:59 +02:00
|
|
|
if (ret > 0)
|
|
|
|
XFS_STATS_ADD(xs_write_bytes, ret);
|
|
|
|
|
2006-09-07 06:27:15 +02:00
|
|
|
isize = i_size_read(inode);
|
|
|
|
if (unlikely(ret < 0 && ret != -EFAULT && *ppos > isize))
|
|
|
|
*ppos = isize;
|
|
|
|
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (*ppos > ip->i_size) {
|
2006-09-07 06:27:15 +02:00
|
|
|
xfs_ilock(ip, XFS_ILOCK_EXCL);
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (*ppos > ip->i_size)
|
|
|
|
ip->i_size = *ppos;
|
|
|
|
xfs_iunlock(ip, XFS_ILOCK_EXCL);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (io->io_new_size) {
|
|
|
|
xfs_ilock(ip, XFS_ILOCK_EXCL);
|
|
|
|
io->io_new_size = 0;
|
|
|
|
if (ip->i_d.di_size > ip->i_size)
|
|
|
|
ip->i_d.di_size = ip->i_size;
|
2006-09-07 06:27:15 +02:00
|
|
|
xfs_iunlock(ip, XFS_ILOCK_EXCL);
|
|
|
|
}
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_iunlock(ip, XFS_IOLOCK_EXCL);
|
2005-04-17 00:20:36 +02:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This routine is called to handle zeroing any space in the last
|
|
|
|
* block of the file that is beyond the EOF. We do this since the
|
|
|
|
* size is being increased without writing anything to that block
|
|
|
|
* and we don't want anyone to read the garbage on the disk.
|
|
|
|
*/
|
|
|
|
STATIC int /* error (positive) */
|
|
|
|
xfs_zero_last_block(
|
|
|
|
struct inode *ip,
|
|
|
|
xfs_iocore_t *io,
|
2007-02-10 08:36:47 +01:00
|
|
|
xfs_fsize_t offset,
|
|
|
|
xfs_fsize_t isize)
|
2005-04-17 00:20:36 +02:00
|
|
|
{
|
|
|
|
xfs_fileoff_t last_fsb;
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_mount_t *mp = io->io_mount;
|
2005-04-17 00:20:36 +02:00
|
|
|
int nimaps;
|
|
|
|
int zero_offset;
|
|
|
|
int zero_len;
|
|
|
|
int error = 0;
|
|
|
|
xfs_bmbt_irec_t imap;
|
|
|
|
|
|
|
|
ASSERT(ismrlocked(io->io_lock, MR_UPDATE) != 0);
|
|
|
|
|
2006-01-11 05:34:32 +01:00
|
|
|
zero_offset = XFS_B_FSB_OFFSET(mp, isize);
|
|
|
|
if (zero_offset == 0) {
|
2005-04-17 00:20:36 +02:00
|
|
|
/*
|
|
|
|
* There are no extra bytes in the last block on disk to
|
|
|
|
* zero, so return.
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
last_fsb = XFS_B_TO_FSBT(mp, isize);
|
|
|
|
nimaps = 1;
|
|
|
|
error = XFS_BMAPI(mp, NULL, io, last_fsb, 1, 0, NULL, 0, &imap,
|
2006-06-09 06:48:12 +02:00
|
|
|
&nimaps, NULL, NULL);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (error) {
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
ASSERT(nimaps > 0);
|
|
|
|
/*
|
|
|
|
* If the block underlying isize is just a hole, then there
|
|
|
|
* is nothing to zero.
|
|
|
|
*/
|
|
|
|
if (imap.br_startblock == HOLESTARTBLOCK) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Zero the part of the last block beyond the EOF, and write it
|
|
|
|
* out sync. We need to drop the ilock while we do this so we
|
|
|
|
* don't deadlock when the buffer cache calls back to us.
|
|
|
|
*/
|
|
|
|
XFS_IUNLOCK(mp, io, XFS_ILOCK_EXCL| XFS_EXTSIZE_RD);
|
|
|
|
|
2006-01-11 05:34:32 +01:00
|
|
|
zero_len = mp->m_sb.sb_blocksize - zero_offset;
|
2007-02-10 08:36:47 +01:00
|
|
|
if (isize + zero_len > offset)
|
|
|
|
zero_len = offset - isize;
|
|
|
|
error = xfs_iozero(ip, isize, zero_len);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
XFS_ILOCK(mp, io, XFS_ILOCK_EXCL|XFS_EXTSIZE_RD);
|
|
|
|
ASSERT(error >= 0);
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Zero any on disk space between the current EOF and the new,
|
|
|
|
* larger EOF. This handles the normal case of zeroing the remainder
|
|
|
|
* of the last block in the file and the unusual case of zeroing blocks
|
|
|
|
* out beyond the size of the file. This second case only happens
|
|
|
|
* with fixed size extents and when the system crashes before the inode
|
|
|
|
* size was updated but after blocks were allocated. If fill is set,
|
|
|
|
* then any holes in the range are filled and zeroed. If not, the holes
|
|
|
|
* are left alone as holes.
|
|
|
|
*/
|
|
|
|
|
|
|
|
int /* error (positive) */
|
|
|
|
xfs_zero_eof(
|
2006-06-09 09:00:52 +02:00
|
|
|
bhv_vnode_t *vp,
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_iocore_t *io,
|
|
|
|
xfs_off_t offset, /* starting I/O offset */
|
2007-02-10 08:36:47 +01:00
|
|
|
xfs_fsize_t isize) /* current inode size */
|
2005-04-17 00:20:36 +02:00
|
|
|
{
|
2006-03-17 07:25:36 +01:00
|
|
|
struct inode *ip = vn_to_inode(vp);
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_fileoff_t start_zero_fsb;
|
|
|
|
xfs_fileoff_t end_zero_fsb;
|
|
|
|
xfs_fileoff_t zero_count_fsb;
|
|
|
|
xfs_fileoff_t last_fsb;
|
2007-02-10 08:36:47 +01:00
|
|
|
xfs_fileoff_t zero_off;
|
|
|
|
xfs_fsize_t zero_len;
|
2006-03-31 05:08:59 +02:00
|
|
|
xfs_mount_t *mp = io->io_mount;
|
2005-04-17 00:20:36 +02:00
|
|
|
int nimaps;
|
|
|
|
int error = 0;
|
|
|
|
xfs_bmbt_irec_t imap;
|
|
|
|
|
|
|
|
ASSERT(ismrlocked(io->io_lock, MR_UPDATE));
|
|
|
|
ASSERT(ismrlocked(io->io_iolock, MR_UPDATE));
|
2006-01-11 05:34:32 +01:00
|
|
|
ASSERT(offset > isize);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* First handle zeroing the block on which isize resides.
|
|
|
|
* We only zero a part of that block so it is handled specially.
|
|
|
|
*/
|
2007-02-10 08:36:47 +01:00
|
|
|
error = xfs_zero_last_block(ip, io, offset, isize);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (error) {
|
|
|
|
ASSERT(ismrlocked(io->io_lock, MR_UPDATE));
|
|
|
|
ASSERT(ismrlocked(io->io_iolock, MR_UPDATE));
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Calculate the range between the new size and the old
|
|
|
|
* where blocks needing to be zeroed may exist. To get the
|
|
|
|
* block where the last byte in the file currently resides,
|
|
|
|
* we need to subtract one from the size and truncate back
|
|
|
|
* to a block boundary. We subtract 1 in case the size is
|
|
|
|
* exactly on a block boundary.
|
|
|
|
*/
|
|
|
|
last_fsb = isize ? XFS_B_TO_FSBT(mp, isize - 1) : (xfs_fileoff_t)-1;
|
|
|
|
start_zero_fsb = XFS_B_TO_FSB(mp, (xfs_ufsize_t)isize);
|
|
|
|
end_zero_fsb = XFS_B_TO_FSBT(mp, offset - 1);
|
|
|
|
ASSERT((xfs_sfiloff_t)last_fsb < (xfs_sfiloff_t)start_zero_fsb);
|
|
|
|
if (last_fsb == end_zero_fsb) {
|
|
|
|
/*
|
|
|
|
* The size was only incremented on its last block.
|
|
|
|
* We took care of that above, so just return.
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
ASSERT(start_zero_fsb <= end_zero_fsb);
|
|
|
|
while (start_zero_fsb <= end_zero_fsb) {
|
|
|
|
nimaps = 1;
|
|
|
|
zero_count_fsb = end_zero_fsb - start_zero_fsb + 1;
|
|
|
|
error = XFS_BMAPI(mp, NULL, io, start_zero_fsb, zero_count_fsb,
|
2006-06-09 06:48:12 +02:00
|
|
|
0, NULL, 0, &imap, &nimaps, NULL, NULL);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (error) {
|
|
|
|
ASSERT(ismrlocked(io->io_lock, MR_UPDATE));
|
|
|
|
ASSERT(ismrlocked(io->io_iolock, MR_UPDATE));
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
ASSERT(nimaps > 0);
|
|
|
|
|
|
|
|
if (imap.br_state == XFS_EXT_UNWRITTEN ||
|
|
|
|
imap.br_startblock == HOLESTARTBLOCK) {
|
|
|
|
/*
|
|
|
|
* This loop handles initializing pages that were
|
|
|
|
* partially initialized by the code below this
|
|
|
|
* loop. It basically zeroes the part of the page
|
|
|
|
* that sits on a hole and sets the page as P_HOLE
|
|
|
|
* and calls remapf if it is a mapped file.
|
|
|
|
*/
|
2006-01-11 05:34:32 +01:00
|
|
|
start_zero_fsb = imap.br_startoff + imap.br_blockcount;
|
2005-04-17 00:20:36 +02:00
|
|
|
ASSERT(start_zero_fsb <= (end_zero_fsb + 1));
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2006-06-09 06:57:30 +02:00
|
|
|
* There are blocks we need to zero.
|
2005-04-17 00:20:36 +02:00
|
|
|
* Drop the inode lock while we're doing the I/O.
|
|
|
|
* We'll still have the iolock to protect us.
|
|
|
|
*/
|
|
|
|
XFS_IUNLOCK(mp, io, XFS_ILOCK_EXCL|XFS_EXTSIZE_RD);
|
|
|
|
|
2007-02-10 08:36:47 +01:00
|
|
|
zero_off = XFS_FSB_TO_B(mp, start_zero_fsb);
|
|
|
|
zero_len = XFS_FSB_TO_B(mp, imap.br_blockcount);
|
|
|
|
|
|
|
|
if ((zero_off + zero_len) > offset)
|
|
|
|
zero_len = offset - zero_off;
|
|
|
|
|
|
|
|
error = xfs_iozero(ip, zero_off, zero_len);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (error) {
|
|
|
|
goto out_lock;
|
|
|
|
}
|
|
|
|
|
2006-06-09 06:57:30 +02:00
|
|
|
start_zero_fsb = imap.br_startoff + imap.br_blockcount;
|
2005-04-17 00:20:36 +02:00
|
|
|
ASSERT(start_zero_fsb <= (end_zero_fsb + 1));
|
|
|
|
|
|
|
|
XFS_ILOCK(mp, io, XFS_ILOCK_EXCL|XFS_EXTSIZE_RD);
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
out_lock:
|
|
|
|
|
|
|
|
XFS_ILOCK(mp, io, XFS_ILOCK_EXCL|XFS_EXTSIZE_RD);
|
|
|
|
ASSERT(error >= 0);
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
|
|
|
ssize_t /* bytes written, or (-) error */
|
|
|
|
xfs_write(
|
2007-08-28 08:12:30 +02:00
|
|
|
struct xfs_inode *xip,
|
2005-04-17 00:20:36 +02:00
|
|
|
struct kiocb *iocb,
|
|
|
|
const struct iovec *iovp,
|
|
|
|
unsigned int nsegs,
|
|
|
|
loff_t *offset,
|
2007-08-28 08:12:30 +02:00
|
|
|
int ioflags)
|
2005-04-17 00:20:36 +02:00
|
|
|
{
|
|
|
|
struct file *file = iocb->ki_filp;
|
|
|
|
struct address_space *mapping = file->f_mapping;
|
|
|
|
struct inode *inode = mapping->host;
|
2007-08-28 08:12:30 +02:00
|
|
|
bhv_vnode_t *vp = XFS_ITOV(xip);
|
2005-04-17 00:20:36 +02:00
|
|
|
unsigned long segs = nsegs;
|
|
|
|
xfs_mount_t *mp;
|
|
|
|
ssize_t ret = 0, error = 0;
|
|
|
|
xfs_fsize_t isize, new_size;
|
|
|
|
xfs_iocore_t *io;
|
|
|
|
int iolock;
|
|
|
|
int eventsent = 0;
|
2006-06-09 09:07:12 +02:00
|
|
|
bhv_vrwlock_t locktype;
|
2005-04-17 00:20:36 +02:00
|
|
|
size_t ocount = 0, count;
|
|
|
|
loff_t pos;
|
2007-05-08 05:49:39 +02:00
|
|
|
int need_i_mutex;
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
XFS_STATS_INC(xs_write_calls);
|
|
|
|
|
2007-05-08 09:23:02 +02:00
|
|
|
error = generic_segment_checks(iovp, &segs, &ocount, VERIFY_READ);
|
|
|
|
if (error)
|
|
|
|
return error;
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
count = ocount;
|
|
|
|
pos = *offset;
|
|
|
|
|
|
|
|
if (count == 0)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
io = &xip->i_iocore;
|
|
|
|
mp = io->io_mount;
|
|
|
|
|
2007-08-30 09:21:30 +02:00
|
|
|
xfs_wait_for_freeze(mp, SB_FREEZE_WRITE);
|
2006-06-09 09:11:55 +02:00
|
|
|
|
2005-04-17 00:20:36 +02:00
|
|
|
if (XFS_FORCED_SHUTDOWN(mp))
|
|
|
|
return -EIO;
|
|
|
|
|
|
|
|
relock:
|
2007-05-08 05:49:39 +02:00
|
|
|
if (ioflags & IO_ISDIRECT) {
|
|
|
|
iolock = XFS_IOLOCK_SHARED;
|
|
|
|
locktype = VRWLOCK_WRITE_DIRECT;
|
|
|
|
need_i_mutex = 0;
|
|
|
|
} else {
|
2005-04-17 00:20:36 +02:00
|
|
|
iolock = XFS_IOLOCK_EXCL;
|
|
|
|
locktype = VRWLOCK_WRITE;
|
2007-05-08 05:49:39 +02:00
|
|
|
need_i_mutex = 1;
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_lock(&inode->i_mutex);
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
xfs_ilock(xip, XFS_ILOCK_EXCL|iolock);
|
|
|
|
|
|
|
|
start:
|
|
|
|
error = -generic_write_checks(file, &pos, &count,
|
|
|
|
S_ISBLK(inode->i_mode));
|
|
|
|
if (error) {
|
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL|iolock);
|
2006-03-17 07:26:14 +01:00
|
|
|
goto out_unlock_mutex;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
|
2007-08-16 10:42:07 +02:00
|
|
|
if ((DM_EVENT_ENABLED(xip, DM_EVENT_WRITE) &&
|
2005-04-17 00:20:36 +02:00
|
|
|
!(ioflags & IO_INVIS) && !eventsent)) {
|
|
|
|
int dmflags = FILP_DELAY_FLAG(file);
|
|
|
|
|
2006-03-17 07:26:14 +01:00
|
|
|
if (need_i_mutex)
|
2006-01-10 00:59:24 +01:00
|
|
|
dmflags |= DM_FLAGS_IMUX;
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL);
|
|
|
|
error = XFS_SEND_DATA(xip->i_mount, DM_EVENT_WRITE, vp,
|
|
|
|
pos, count,
|
|
|
|
dmflags, &locktype);
|
|
|
|
if (error) {
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
goto out_unlock_internal;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
xfs_ilock(xip, XFS_ILOCK_EXCL);
|
|
|
|
eventsent = 1;
|
|
|
|
|
|
|
|
/*
|
2006-03-29 00:55:14 +02:00
|
|
|
* The iolock was dropped and reacquired in XFS_SEND_DATA
|
2005-04-17 00:20:36 +02:00
|
|
|
* so we have to recheck the size when appending.
|
|
|
|
* We will only "goto start;" once, since having sent the
|
|
|
|
* event prevents another call to XFS_SEND_DATA, which is
|
|
|
|
* what allows the size to change in the first place.
|
|
|
|
*/
|
2007-05-08 05:50:12 +02:00
|
|
|
if ((file->f_flags & O_APPEND) && pos != xip->i_size)
|
2005-04-17 00:20:36 +02:00
|
|
|
goto start;
|
|
|
|
}
|
|
|
|
|
2007-05-08 05:50:12 +02:00
|
|
|
if (ioflags & IO_ISDIRECT) {
|
|
|
|
xfs_buftarg_t *target =
|
|
|
|
(xip->i_d.di_flags & XFS_DIFLAG_REALTIME) ?
|
|
|
|
mp->m_rtdev_targp : mp->m_ddev_targp;
|
|
|
|
|
|
|
|
if ((pos & target->bt_smask) || (count & target->bt_smask)) {
|
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL|iolock);
|
|
|
|
return XFS_ERROR(-EINVAL);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!need_i_mutex && (VN_CACHED(vp) || pos > xip->i_size)) {
|
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL|iolock);
|
|
|
|
iolock = XFS_IOLOCK_EXCL;
|
|
|
|
locktype = VRWLOCK_WRITE;
|
|
|
|
need_i_mutex = 1;
|
|
|
|
mutex_lock(&inode->i_mutex);
|
|
|
|
xfs_ilock(xip, XFS_ILOCK_EXCL|iolock);
|
2005-04-17 00:20:36 +02:00
|
|
|
goto start;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-05-08 05:50:12 +02:00
|
|
|
new_size = pos + count;
|
|
|
|
if (new_size > xip->i_size)
|
|
|
|
io->io_new_size = new_size;
|
|
|
|
|
2005-11-02 01:43:58 +01:00
|
|
|
if (likely(!(ioflags & IO_INVIS))) {
|
2006-01-10 05:52:01 +01:00
|
|
|
file_update_time(file);
|
2005-11-02 01:43:58 +01:00
|
|
|
xfs_ichgtime_fast(xip, inode,
|
|
|
|
XFS_ICHGTIME_MOD | XFS_ICHGTIME_CHG);
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the offset is beyond the size of the file, we have a couple
|
|
|
|
* of things to do. First, if there is already space allocated
|
|
|
|
* we need to either create holes or zero the disk or ...
|
|
|
|
*
|
|
|
|
* If there is a page where the previous size lands, we need
|
|
|
|
* to zero it out up to the new size.
|
|
|
|
*/
|
|
|
|
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (pos > xip->i_size) {
|
2007-08-28 08:12:30 +02:00
|
|
|
error = xfs_zero_eof(vp, io, pos, xip->i_size);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (error) {
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL);
|
|
|
|
goto out_unlock_internal;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If we're writing the file then make sure to clear the
|
|
|
|
* setuid and setgid bits if the process is not being run
|
|
|
|
* by root. This keeps people from modifying setuid and
|
|
|
|
* setgid binaries.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (((xip->i_d.di_mode & S_ISUID) ||
|
|
|
|
((xip->i_d.di_mode & (S_ISGID | S_IXGRP)) ==
|
|
|
|
(S_ISGID | S_IXGRP))) &&
|
|
|
|
!capable(CAP_FSETID)) {
|
|
|
|
error = xfs_write_clear_setuid(xip);
|
|
|
|
if (likely(!error))
|
2006-12-08 11:36:49 +01:00
|
|
|
error = -remove_suid(file->f_path.dentry);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (unlikely(error)) {
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
goto out_unlock_internal;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
retry:
|
|
|
|
/* We can write back this queue in page reclaim */
|
|
|
|
current->backing_dev_info = mapping->backing_dev_info;
|
|
|
|
|
|
|
|
if ((ioflags & IO_ISDIRECT)) {
|
2007-05-08 05:49:39 +02:00
|
|
|
if (VN_CACHED(vp)) {
|
|
|
|
WARN_ON(need_i_mutex == 0);
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_inval_cached_trace(io, pos, -1,
|
|
|
|
ctooff(offtoct(pos)), -1);
|
2007-08-29 02:58:01 +02:00
|
|
|
error = xfs_flushinval_pages(xip,
|
|
|
|
ctooff(offtoct(pos)),
|
2005-04-17 00:20:36 +02:00
|
|
|
-1, FI_REMAPF_LOCKED);
|
2007-05-08 05:49:27 +02:00
|
|
|
if (error)
|
|
|
|
goto out_unlock_internal;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
|
2006-03-17 07:26:14 +01:00
|
|
|
if (need_i_mutex) {
|
2005-04-17 00:20:36 +02:00
|
|
|
/* demote the lock now the cached pages are gone */
|
|
|
|
XFS_ILOCK_DEMOTE(mp, io, XFS_IOLOCK_EXCL);
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_unlock(&inode->i_mutex);
|
2005-04-17 00:20:36 +02:00
|
|
|
|
|
|
|
iolock = XFS_IOLOCK_SHARED;
|
|
|
|
locktype = VRWLOCK_WRITE_DIRECT;
|
2006-03-17 07:26:14 +01:00
|
|
|
need_i_mutex = 0;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
xfs_rw_enter_trace(XFS_DIOWR_ENTER, io, (void *)iovp, segs,
|
|
|
|
*offset, ioflags);
|
|
|
|
ret = generic_file_direct_write(iocb, iovp,
|
|
|
|
&segs, pos, offset, count, ocount);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* direct-io write to a hole: fall through to buffered I/O
|
|
|
|
* for completing the rest of the request.
|
|
|
|
*/
|
|
|
|
if (ret >= 0 && ret != count) {
|
|
|
|
XFS_STATS_ADD(xs_write_bytes, ret);
|
|
|
|
|
|
|
|
pos += ret;
|
|
|
|
count -= ret;
|
|
|
|
|
|
|
|
ioflags &= ~IO_ISDIRECT;
|
|
|
|
xfs_iunlock(xip, iolock);
|
|
|
|
goto relock;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
xfs_rw_enter_trace(XFS_WRITE_ENTER, io, (void *)iovp, segs,
|
|
|
|
*offset, ioflags);
|
|
|
|
ret = generic_file_buffered_write(iocb, iovp, segs,
|
|
|
|
pos, offset, count, ret);
|
|
|
|
}
|
|
|
|
|
|
|
|
current->backing_dev_info = NULL;
|
|
|
|
|
|
|
|
if (ret == -EIOCBQUEUED && !(ioflags & IO_ISAIO))
|
|
|
|
ret = wait_on_sync_kiocb(iocb);
|
|
|
|
|
2007-08-16 10:42:07 +02:00
|
|
|
if (ret == -ENOSPC &&
|
|
|
|
DM_EVENT_ENABLED(xip, DM_EVENT_NOSPACE) && !(ioflags & IO_INVIS)) {
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_rwunlock(xip, locktype);
|
2006-03-17 07:26:14 +01:00
|
|
|
if (need_i_mutex)
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_unlock(&inode->i_mutex);
|
2005-04-17 00:20:36 +02:00
|
|
|
error = XFS_SEND_NAMESP(xip->i_mount, DM_EVENT_NOSPACE, vp,
|
|
|
|
DM_RIGHT_NULL, vp, DM_RIGHT_NULL, NULL, NULL,
|
|
|
|
0, 0, 0); /* Delay flag intentionally unused */
|
2006-03-17 07:26:14 +01:00
|
|
|
if (need_i_mutex)
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_lock(&inode->i_mutex);
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_rwlock(xip, locktype);
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (error)
|
|
|
|
goto out_unlock_internal;
|
|
|
|
pos = xip->i_size;
|
2005-04-17 00:20:36 +02:00
|
|
|
ret = 0;
|
|
|
|
goto retry;
|
|
|
|
}
|
|
|
|
|
2006-01-11 05:38:31 +01:00
|
|
|
isize = i_size_read(inode);
|
|
|
|
if (unlikely(ret < 0 && ret != -EFAULT && *offset > isize))
|
|
|
|
*offset = isize;
|
|
|
|
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (*offset > xip->i_size) {
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_ilock(xip, XFS_ILOCK_EXCL);
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (*offset > xip->i_size)
|
|
|
|
xip->i_size = *offset;
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL);
|
|
|
|
}
|
|
|
|
|
|
|
|
error = -ret;
|
|
|
|
if (ret <= 0)
|
|
|
|
goto out_unlock_internal;
|
|
|
|
|
|
|
|
XFS_STATS_ADD(xs_write_bytes, ret);
|
|
|
|
|
|
|
|
/* Handle various SYNC-type writes */
|
|
|
|
if ((file->f_flags & O_SYNC) || IS_SYNC(inode)) {
|
2007-09-14 07:22:08 +02:00
|
|
|
int error2;
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_rwunlock(xip, locktype);
|
2006-03-17 07:26:14 +01:00
|
|
|
if (need_i_mutex)
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_unlock(&inode->i_mutex);
|
2007-09-14 07:22:08 +02:00
|
|
|
error2 = sync_page_range(inode, mapping, pos, ret);
|
2005-04-17 00:20:36 +02:00
|
|
|
if (!error)
|
2007-09-14 07:22:08 +02:00
|
|
|
error = error2;
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (need_i_mutex)
|
|
|
|
mutex_lock(&inode->i_mutex);
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_rwlock(xip, locktype);
|
2007-09-14 07:22:08 +02:00
|
|
|
error2 = xfs_write_sync_logforce(mp, xip);
|
|
|
|
if (!error)
|
|
|
|
error = error2;
|
2005-04-17 00:20:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
out_unlock_internal:
|
[XFS] Fix to prevent the notorious 'NULL files' problem after a crash.
The problem that has been addressed is that of synchronising updates of
the file size with writes that extend a file. Without the fix the update
of a file's size, as a result of a write beyond eof, is independent of
when the cached data is flushed to disk. Often the file size update would
be written to the filesystem log before the data is flushed to disk. When
a system crashes between these two events and the filesystem log is
replayed on mount the file's size will be set but since the contents never
made it to disk the file is full of holes. If some of the cached data was
flushed to disk then it may just be a section of the file at the end that
has holes.
There are existing fixes to help alleviate this problem, particularly in
the case where a file has been truncated, that force cached data to be
flushed to disk when the file is closed. If the system crashes while the
file(s) are still open then this flushing will never occur.
The fix that we have implemented is to introduce a second file size,
called the in-memory file size, that represents the current file size as
viewed by the user. The existing file size, called the on-disk file size,
is the one that get's written to the filesystem log and we only update it
when it is safe to do so. When we write to a file beyond eof we only
update the in- memory file size in the write operation. Later when the I/O
operation, that flushes the cached data to disk completes, an I/O
completion routine will update the on-disk file size. The on-disk file
size will be updated to the maximum offset of the I/O or to the value of
the in-memory file size if the I/O includes eof.
SGI-PV: 958522
SGI-Modid: xfs-linux-melb:xfs-kern:28322a
Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
Signed-off-by: David Chinner <dgc@sgi.com>
Signed-off-by: Tim Shimmin <tes@sgi.com>
2007-05-08 05:49:46 +02:00
|
|
|
if (io->io_new_size) {
|
|
|
|
xfs_ilock(xip, XFS_ILOCK_EXCL);
|
|
|
|
io->io_new_size = 0;
|
|
|
|
/*
|
|
|
|
* If this was a direct or synchronous I/O that failed (such
|
|
|
|
* as ENOSPC) then part of the I/O may have been written to
|
|
|
|
* disk before the error occured. In this case the on-disk
|
|
|
|
* file size may have been adjusted beyond the in-memory file
|
|
|
|
* size and now needs to be truncated back.
|
|
|
|
*/
|
|
|
|
if (xip->i_d.di_size > xip->i_size)
|
|
|
|
xip->i_d.di_size = xip->i_size;
|
|
|
|
xfs_iunlock(xip, XFS_ILOCK_EXCL);
|
|
|
|
}
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_rwunlock(xip, locktype);
|
2006-03-17 07:26:14 +01:00
|
|
|
out_unlock_mutex:
|
|
|
|
if (need_i_mutex)
|
2006-01-10 00:59:24 +01:00
|
|
|
mutex_unlock(&inode->i_mutex);
|
2005-04-17 00:20:36 +02:00
|
|
|
return -error;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* All xfs metadata buffers except log state machine buffers
|
|
|
|
* get this attached as their b_bdstrat callback function.
|
|
|
|
* This is so that we can catch a buffer
|
|
|
|
* after prematurely unpinning it to forcibly shutdown the filesystem.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
xfs_bdstrat_cb(struct xfs_buf *bp)
|
|
|
|
{
|
|
|
|
xfs_mount_t *mp;
|
|
|
|
|
|
|
|
mp = XFS_BUF_FSPRIVATE3(bp, xfs_mount_t *);
|
|
|
|
if (!XFS_FORCED_SHUTDOWN(mp)) {
|
2006-01-11 05:39:08 +01:00
|
|
|
xfs_buf_iorequest(bp);
|
2005-04-17 00:20:36 +02:00
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
xfs_buftrace("XFS__BDSTRAT IOERROR", bp);
|
|
|
|
/*
|
|
|
|
* Metadata write that didn't get logged but
|
|
|
|
* written delayed anyway. These aren't associated
|
|
|
|
* with a transaction, and can be ignored.
|
|
|
|
*/
|
|
|
|
if (XFS_BUF_IODONE_FUNC(bp) == NULL &&
|
|
|
|
(XFS_BUF_ISREAD(bp)) == 0)
|
|
|
|
return (xfs_bioerror_relse(bp));
|
|
|
|
else
|
|
|
|
return (xfs_bioerror(bp));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int
|
2007-08-28 08:12:30 +02:00
|
|
|
xfs_bmap(
|
|
|
|
xfs_inode_t *ip,
|
2005-04-17 00:20:36 +02:00
|
|
|
xfs_off_t offset,
|
|
|
|
ssize_t count,
|
|
|
|
int flags,
|
|
|
|
xfs_iomap_t *iomapp,
|
|
|
|
int *niomaps)
|
|
|
|
{
|
|
|
|
xfs_iocore_t *io = &ip->i_iocore;
|
|
|
|
|
|
|
|
ASSERT((ip->i_d.di_mode & S_IFMT) == S_IFREG);
|
|
|
|
ASSERT(((ip->i_d.di_flags & XFS_DIFLAG_REALTIME) != 0) ==
|
|
|
|
((ip->i_iocore.io_flags & XFS_IOCORE_RT) != 0));
|
|
|
|
|
|
|
|
return xfs_iomap(io, offset, count, flags, iomapp, niomaps);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Wrapper around bdstrat so that we can stop data
|
|
|
|
* from going to disk in case we are shutting down the filesystem.
|
|
|
|
* Typically user data goes thru this path; one of the exceptions
|
|
|
|
* is the superblock.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
xfsbdstrat(
|
|
|
|
struct xfs_mount *mp,
|
|
|
|
struct xfs_buf *bp)
|
|
|
|
{
|
|
|
|
ASSERT(mp);
|
|
|
|
if (!XFS_FORCED_SHUTDOWN(mp)) {
|
|
|
|
/* Grio redirection would go here
|
|
|
|
* if (XFS_BUF_IS_GRIO(bp)) {
|
|
|
|
*/
|
|
|
|
|
2006-01-11 05:39:08 +01:00
|
|
|
xfs_buf_iorequest(bp);
|
2005-04-17 00:20:36 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
xfs_buftrace("XFSBDSTRAT IOERROR", bp);
|
|
|
|
return (xfs_bioerror_relse(bp));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the underlying (data/log/rt) device is readonly, there are some
|
|
|
|
* operations that cannot proceed.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
xfs_dev_is_read_only(
|
|
|
|
xfs_mount_t *mp,
|
|
|
|
char *message)
|
|
|
|
{
|
|
|
|
if (xfs_readonly_buftarg(mp->m_ddev_targp) ||
|
|
|
|
xfs_readonly_buftarg(mp->m_logdev_targp) ||
|
|
|
|
(mp->m_rtdev_targp && xfs_readonly_buftarg(mp->m_rtdev_targp))) {
|
|
|
|
cmn_err(CE_NOTE,
|
|
|
|
"XFS: %s required on read-only device.", message);
|
|
|
|
cmn_err(CE_NOTE,
|
|
|
|
"XFS: write access unavailable, cannot proceed.");
|
|
|
|
return EROFS;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|