1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (c) 2000-2006 Silicon Graphics, Inc.
9 #define xfs_readonly_buftarg(buftarg) (0)
11 /* avoid set-but-unused var warning. gcc is not very bright. */
12 #define xlog_clear_stale_blocks(log, taillsn) ({ \
13 (taillsn) = (taillsn); \
17 #define BLK_AVG(blk1, blk2) ((blk1+blk2) >> 1)
20 * Verify the given count of basic blocks is valid number of blocks
21 * to specify for an operation involving the given XFS log buffer.
22 * Returns nonzero if the count is valid, 0 otherwise.
26 xlog_buf_bbcount_valid(
30 return bbcount
> 0 && bbcount
<= log
->l_logBBsize
;
34 * Allocate a buffer to hold log data. The buffer needs to be able
35 * to map to a range of nbblks basic blocks at any valid (basic
36 * block) offset within the log.
43 if (!xlog_buf_bbcount_valid(log
, nbblks
)) {
44 xfs_warn(log
->l_mp
, "Invalid block length (0x%x) for buffer",
46 XFS_ERROR_REPORT(__func__
, XFS_ERRLEVEL_HIGH
, log
->l_mp
);
51 * We do log I/O in units of log sectors (a power-of-2
52 * multiple of the basic block size), so we round up the
53 * requested size to accommodate the basic blocks required
54 * for complete log sectors.
56 * In addition, the buffer may be used for a non-sector-
57 * aligned block offset, in which case an I/O of the
58 * requested size could extend beyond the end of the
59 * buffer. If the requested size is only 1 basic block it
60 * will never straddle a sector boundary, so this won't be
61 * an issue. Nor will this be a problem if the log I/O is
62 * done in basic blocks (sector size 1). But otherwise we
63 * extend the buffer by one extra log sector to ensure
64 * there's space to accommodate this possibility.
66 if (nbblks
> 1 && log
->l_sectBBsize
> 1)
67 nbblks
+= log
->l_sectBBsize
;
68 nbblks
= round_up(nbblks
, log
->l_sectBBsize
);
70 return libxfs_getbufr(log
->l_dev
, (xfs_daddr_t
)-1, nbblks
);
81 * Return the address of the start of the given block number's data
82 * in a log buffer. The buffer covers a log sector-aligned region.
91 xfs_daddr_t offset
= blk_no
& ((xfs_daddr_t
)log
->l_sectBBsize
- 1);
93 ASSERT(offset
+ nbblks
<= bp
->b_length
);
94 return bp
->b_addr
+ BBTOB(offset
);
99 * nbblks should be uint, but oh well. Just want to catch that 32-bit length.
108 if (!xlog_buf_bbcount_valid(log
, nbblks
)) {
109 xfs_warn(log
->l_mp
, "Invalid block length (0x%x) for buffer",
111 XFS_ERROR_REPORT(__func__
, XFS_ERRLEVEL_HIGH
, log
->l_mp
);
115 blk_no
= round_down(blk_no
, log
->l_sectBBsize
);
116 nbblks
= round_up(nbblks
, log
->l_sectBBsize
);
119 ASSERT(BBTOB(nbblks
) <= XFS_BUF_SIZE(bp
));
121 XFS_BUF_SET_ADDR(bp
, log
->l_logBBstart
+ blk_no
);
122 bp
->b_bcount
= BBTOB(nbblks
);
125 return libxfs_readbufr(log
->l_dev
, XFS_BUF_ADDR(bp
), bp
, nbblks
, 0);
138 error
= xlog_bread_noalign(log
, blk_no
, nbblks
, bp
);
142 *offset
= xlog_align(log
, blk_no
, nbblks
, bp
);
147 * Read at an offset into the buffer. Returns with the buffer in it's original
148 * state regardless of the result of the read.
153 xfs_daddr_t blk_no
, /* block to read from */
154 int nbblks
, /* blocks to read */
158 char *orig_offset
= bp
->b_addr
;
159 int orig_len
= bp
->b_bcount
;
162 error
= xfs_buf_associate_memory(bp
, offset
, BBTOB(nbblks
));
166 error
= xlog_bread_noalign(log
, blk_no
, nbblks
, bp
);
168 /* must reset buffer pointer even on error */
169 error2
= xfs_buf_associate_memory(bp
, orig_offset
, orig_len
);
176 * This routine finds (to an approximation) the first block in the physical
177 * log which contains the given cycle. It uses a binary search algorithm.
178 * Note that the algorithm can not be perfect because the disk will not
179 * necessarily be perfect.
182 xlog_find_cycle_start(
185 xfs_daddr_t first_blk
,
186 xfs_daddr_t
*last_blk
,
196 mid_blk
= BLK_AVG(first_blk
, end_blk
);
197 while (mid_blk
!= first_blk
&& mid_blk
!= end_blk
) {
198 error
= xlog_bread(log
, mid_blk
, 1, bp
, &offset
);
201 mid_cycle
= xlog_get_cycle(offset
);
202 if (mid_cycle
== cycle
)
203 end_blk
= mid_blk
; /* last_half_cycle == mid_cycle */
205 first_blk
= mid_blk
; /* first_half_cycle == mid_cycle */
206 mid_blk
= BLK_AVG(first_blk
, end_blk
);
208 ASSERT((mid_blk
== first_blk
&& mid_blk
+1 == end_blk
) ||
209 (mid_blk
== end_blk
&& mid_blk
-1 == first_blk
));
217 * Check that a range of blocks does not contain stop_on_cycle_no.
218 * Fill in *new_blk with the block offset where such a block is
219 * found, or with -1 (an invalid block number) if there is no such
220 * block in the range. The scan needs to occur from front to back
221 * and the pointer into the region must be updated since a later
222 * routine will need to perform another test.
225 xlog_find_verify_cycle(
227 xfs_daddr_t start_blk
,
229 uint stop_on_cycle_no
,
230 xfs_daddr_t
*new_blk
)
240 * Greedily allocate a buffer big enough to handle the full
241 * range of basic blocks we'll be examining. If that fails,
242 * try a smaller size. We need to be able to read at least
243 * a log sector, or we're out of luck.
245 bufblks
= 1 << ffs(nbblks
);
246 while (bufblks
> log
->l_logBBsize
)
248 while (!(bp
= xlog_get_bp(log
, bufblks
))) {
250 if (bufblks
< log
->l_sectBBsize
)
254 for (i
= start_blk
; i
< start_blk
+ nbblks
; i
+= bufblks
) {
257 bcount
= min(bufblks
, (start_blk
+ nbblks
- i
));
259 error
= xlog_bread(log
, i
, bcount
, bp
, &buf
);
263 for (j
= 0; j
< bcount
; j
++) {
264 cycle
= xlog_get_cycle(buf
);
265 if (cycle
== stop_on_cycle_no
) {
282 * Potentially backup over partial log record write.
284 * In the typical case, last_blk is the number of the block directly after
285 * a good log record. Therefore, we subtract one to get the block number
286 * of the last block in the given buffer. extra_bblks contains the number
287 * of blocks we would have read on a previous read. This happens when the
288 * last log record is split over the end of the physical log.
290 * extra_bblks is the number of blocks potentially verified on a previous
291 * call to this routine.
294 xlog_find_verify_log_record(
296 xfs_daddr_t start_blk
,
297 xfs_daddr_t
*last_blk
,
303 xlog_rec_header_t
*head
= NULL
;
306 int num_blks
= *last_blk
- start_blk
;
309 ASSERT(start_blk
!= 0 || *last_blk
!= start_blk
);
311 if (!(bp
= xlog_get_bp(log
, num_blks
))) {
312 if (!(bp
= xlog_get_bp(log
, 1)))
316 error
= xlog_bread(log
, start_blk
, num_blks
, bp
, &offset
);
319 offset
+= ((num_blks
- 1) << BBSHIFT
);
322 for (i
= (*last_blk
) - 1; i
>= 0; i
--) {
324 /* valid log record not found */
326 "Log inconsistent (didn't find previous header)");
328 error
= XFS_ERROR(EIO
);
333 error
= xlog_bread(log
, i
, 1, bp
, &offset
);
338 head
= (xlog_rec_header_t
*)offset
;
340 if (head
->h_magicno
== cpu_to_be32(XLOG_HEADER_MAGIC_NUM
))
348 * We hit the beginning of the physical log & still no header. Return
349 * to caller. If caller can handle a return of -1, then this routine
350 * will be called again for the end of the physical log.
358 * We have the final block of the good log (the first block
359 * of the log record _before_ the head. So we check the uuid.
361 if ((error
= xlog_header_check_mount(log
->l_mp
, head
)))
365 * We may have found a log record header before we expected one.
366 * last_blk will be the 1st block # with a given cycle #. We may end
367 * up reading an entire log record. In this case, we don't want to
368 * reset last_blk. Only when last_blk points in the middle of a log
369 * record do we update last_blk.
371 if (xfs_sb_version_haslogv2(&log
->l_mp
->m_sb
)) {
372 uint h_size
= be32_to_cpu(head
->h_size
);
374 xhdrs
= h_size
/ XLOG_HEADER_CYCLE_SIZE
;
375 if (h_size
% XLOG_HEADER_CYCLE_SIZE
)
381 if (*last_blk
- i
+ extra_bblks
!=
382 BTOBB(be32_to_cpu(head
->h_len
)) + xhdrs
)
391 * Head is defined to be the point of the log where the next log write
392 * write could go. This means that incomplete LR writes at the end are
393 * eliminated when calculating the head. We aren't guaranteed that previous
394 * LR have complete transactions. We only know that a cycle number of
395 * current cycle number -1 won't be present in the log if we start writing
396 * from our current block number.
398 * last_blk contains the block number of the first block with a given
401 * Return: zero if normal, non-zero if error.
406 xfs_daddr_t
*return_head_blk
)
410 xfs_daddr_t new_blk
, first_blk
, start_blk
, last_blk
, head_blk
;
412 uint first_half_cycle
, last_half_cycle
;
414 int error
, log_bbnum
= log
->l_logBBsize
;
416 /* Is the end of the log device zeroed? */
417 if ((error
= xlog_find_zeroed(log
, &first_blk
)) == -1) {
418 *return_head_blk
= first_blk
;
420 /* Is the whole lot zeroed? */
422 /* Linux XFS shouldn't generate totally zeroed logs -
423 * mkfs etc write a dummy unmount record to a fresh
424 * log so we can store the uuid in there
426 xfs_warn(log
->l_mp
, "totally zeroed log");
431 xfs_warn(log
->l_mp
, "empty log check failed");
435 first_blk
= 0; /* get cycle # of 1st block */
436 bp
= xlog_get_bp(log
, 1);
440 error
= xlog_bread(log
, 0, 1, bp
, &offset
);
444 first_half_cycle
= xlog_get_cycle(offset
);
446 last_blk
= head_blk
= log_bbnum
- 1; /* get cycle # of last block */
447 error
= xlog_bread(log
, last_blk
, 1, bp
, &offset
);
451 last_half_cycle
= xlog_get_cycle(offset
);
452 ASSERT(last_half_cycle
!= 0);
455 * If the 1st half cycle number is equal to the last half cycle number,
456 * then the entire log is stamped with the same cycle number. In this
457 * case, head_blk can't be set to zero (which makes sense). The below
458 * math doesn't work out properly with head_blk equal to zero. Instead,
459 * we set it to log_bbnum which is an invalid block number, but this
460 * value makes the math correct. If head_blk doesn't changed through
461 * all the tests below, *head_blk is set to zero at the very end rather
462 * than log_bbnum. In a sense, log_bbnum and zero are the same block
463 * in a circular file.
465 if (first_half_cycle
== last_half_cycle
) {
467 * In this case we believe that the entire log should have
468 * cycle number last_half_cycle. We need to scan backwards
469 * from the end verifying that there are no holes still
470 * containing last_half_cycle - 1. If we find such a hole,
471 * then the start of that hole will be the new head. The
472 * simple case looks like
473 * x | x ... | x - 1 | x
474 * Another case that fits this picture would be
475 * x | x + 1 | x ... | x
476 * In this case the head really is somewhere at the end of the
477 * log, as one of the latest writes at the beginning was
480 * x | x + 1 | x ... | x - 1 | x
481 * This is really the combination of the above two cases, and
482 * the head has to end up at the start of the x-1 hole at the
485 * In the 256k log case, we will read from the beginning to the
486 * end of the log and search for cycle numbers equal to x-1.
487 * We don't worry about the x+1 blocks that we encounter,
488 * because we know that they cannot be the head since the log
491 head_blk
= log_bbnum
;
492 stop_on_cycle
= last_half_cycle
- 1;
495 * In this case we want to find the first block with cycle
496 * number matching last_half_cycle. We expect the log to be
498 * x + 1 ... | x ... | x
499 * The first block with cycle number x (last_half_cycle) will
500 * be where the new head belongs. First we do a binary search
501 * for the first occurrence of last_half_cycle. The binary
502 * search may not be totally accurate, so then we scan back
503 * from there looking for occurrences of last_half_cycle before
504 * us. If that backwards scan wraps around the beginning of
505 * the log, then we look for occurrences of last_half_cycle - 1
506 * at the end of the log. The cases we're looking for look
508 * v binary search stopped here
509 * x + 1 ... | x | x + 1 | x ... | x
510 * ^ but we want to locate this spot
512 * <---------> less than scan distance
513 * x + 1 ... | x ... | x - 1 | x
514 * ^ we want to locate this spot
516 stop_on_cycle
= last_half_cycle
;
517 if ((error
= xlog_find_cycle_start(log
, bp
, first_blk
,
518 &head_blk
, last_half_cycle
)))
523 * Now validate the answer. Scan back some number of maximum possible
524 * blocks and make sure each one has the expected cycle number. The
525 * maximum is determined by the total possible amount of buffering
526 * in the in-core log. The following number can be made tighter if
527 * we actually look at the block size of the filesystem.
529 num_scan_bblks
= XLOG_TOTAL_REC_SHIFT(log
);
530 if (head_blk
>= num_scan_bblks
) {
532 * We are guaranteed that the entire check can be performed
535 start_blk
= head_blk
- num_scan_bblks
;
536 if ((error
= xlog_find_verify_cycle(log
,
537 start_blk
, num_scan_bblks
,
538 stop_on_cycle
, &new_blk
)))
542 } else { /* need to read 2 parts of log */
544 * We are going to scan backwards in the log in two parts.
545 * First we scan the physical end of the log. In this part
546 * of the log, we are looking for blocks with cycle number
547 * last_half_cycle - 1.
548 * If we find one, then we know that the log starts there, as
549 * we've found a hole that didn't get written in going around
550 * the end of the physical log. The simple case for this is
551 * x + 1 ... | x ... | x - 1 | x
552 * <---------> less than scan distance
553 * If all of the blocks at the end of the log have cycle number
554 * last_half_cycle, then we check the blocks at the start of
555 * the log looking for occurrences of last_half_cycle. If we
556 * find one, then our current estimate for the location of the
557 * first occurrence of last_half_cycle is wrong and we move
558 * back to the hole we've found. This case looks like
559 * x + 1 ... | x | x + 1 | x ...
560 * ^ binary search stopped here
561 * Another case we need to handle that only occurs in 256k
563 * x + 1 ... | x ... | x+1 | x ...
564 * ^ binary search stops here
565 * In a 256k log, the scan at the end of the log will see the
566 * x + 1 blocks. We need to skip past those since that is
567 * certainly not the head of the log. By searching for
568 * last_half_cycle-1 we accomplish that.
570 ASSERT(head_blk
<= INT_MAX
&&
571 (xfs_daddr_t
) num_scan_bblks
>= head_blk
);
572 start_blk
= log_bbnum
- (num_scan_bblks
- head_blk
);
573 if ((error
= xlog_find_verify_cycle(log
, start_blk
,
574 num_scan_bblks
- (int)head_blk
,
575 (stop_on_cycle
- 1), &new_blk
)))
583 * Scan beginning of log now. The last part of the physical
584 * log is good. This scan needs to verify that it doesn't find
585 * the last_half_cycle.
588 ASSERT(head_blk
<= INT_MAX
);
589 if ((error
= xlog_find_verify_cycle(log
,
590 start_blk
, (int)head_blk
,
591 stop_on_cycle
, &new_blk
)))
599 * Now we need to make sure head_blk is not pointing to a block in
600 * the middle of a log record.
602 num_scan_bblks
= XLOG_REC_SHIFT(log
);
603 if (head_blk
>= num_scan_bblks
) {
604 start_blk
= head_blk
- num_scan_bblks
; /* don't read head_blk */
606 /* start ptr at last block ptr before head_blk */
607 if ((error
= xlog_find_verify_log_record(log
, start_blk
,
608 &head_blk
, 0)) == -1) {
609 error
= XFS_ERROR(EIO
);
615 ASSERT(head_blk
<= INT_MAX
);
616 if ((error
= xlog_find_verify_log_record(log
, start_blk
,
617 &head_blk
, 0)) == -1) {
618 /* We hit the beginning of the log during our search */
619 start_blk
= log_bbnum
- (num_scan_bblks
- head_blk
);
621 ASSERT(start_blk
<= INT_MAX
&&
622 (xfs_daddr_t
) log_bbnum
-start_blk
>= 0);
623 ASSERT(head_blk
<= INT_MAX
);
624 if ((error
= xlog_find_verify_log_record(log
,
626 (int)head_blk
)) == -1) {
627 error
= XFS_ERROR(EIO
);
631 if (new_blk
!= log_bbnum
)
638 if (head_blk
== log_bbnum
)
639 *return_head_blk
= 0;
641 *return_head_blk
= head_blk
;
643 * When returning here, we have a good block number. Bad block
644 * means that during a previous crash, we didn't have a clean break
645 * from cycle number N to cycle number N-1. In this case, we need
646 * to find the first block with cycle number N-1.
654 xfs_warn(log
->l_mp
, "failed to find log head");
659 * Find the sync block number or the tail of the log.
661 * This will be the block number of the last record to have its
662 * associated buffers synced to disk. Every log record header has
663 * a sync lsn embedded in it. LSNs hold block numbers, so it is easy
664 * to get a sync block number. The only concern is to figure out which
665 * log record header to believe.
667 * The following algorithm uses the log record header with the largest
668 * lsn. The entire log record does not need to be valid. We only care
669 * that the header is valid.
671 * We could speed up search by using current head_blk buffer, but it is not
677 xfs_daddr_t
*head_blk
,
678 xfs_daddr_t
*tail_blk
)
680 xlog_rec_header_t
*rhead
;
681 xlog_op_header_t
*op_head
;
685 xfs_daddr_t umount_data_blk
;
686 xfs_daddr_t after_umount_blk
;
693 * Find previous log record
695 if ((error
= xlog_find_head(log
, head_blk
)))
698 bp
= xlog_get_bp(log
, 1);
701 if (*head_blk
== 0) { /* special case */
702 error
= xlog_bread(log
, 0, 1, bp
, &offset
);
706 if (xlog_get_cycle(offset
) == 0) {
708 /* leave all other log inited values alone */
714 * Search backwards looking for log record header block
716 ASSERT(*head_blk
< INT_MAX
);
717 for (i
= (int)(*head_blk
) - 1; i
>= 0; i
--) {
718 error
= xlog_bread(log
, i
, 1, bp
, &offset
);
722 if (*(__be32
*)offset
== cpu_to_be32(XLOG_HEADER_MAGIC_NUM
)) {
728 * If we haven't found the log record header block, start looking
729 * again from the end of the physical log. XXXmiken: There should be
730 * a check here to make sure we didn't search more than N blocks in
734 for (i
= log
->l_logBBsize
- 1; i
>= (int)(*head_blk
); i
--) {
735 error
= xlog_bread(log
, i
, 1, bp
, &offset
);
739 if (*(__be32
*)offset
==
740 cpu_to_be32(XLOG_HEADER_MAGIC_NUM
)) {
747 xfs_warn(log
->l_mp
, "%s: couldn't find sync record", __func__
);
750 return XFS_ERROR(EIO
);
753 /* find blk_no of tail of log */
754 rhead
= (xlog_rec_header_t
*)offset
;
755 *tail_blk
= BLOCK_LSN(be64_to_cpu(rhead
->h_tail_lsn
));
758 * Reset log values according to the state of the log when we
759 * crashed. In the case where head_blk == 0, we bump curr_cycle
760 * one because the next write starts a new cycle rather than
761 * continuing the cycle of the last good log record. At this
762 * point we have guaranteed that all partial log records have been
763 * accounted for. Therefore, we know that the last good log record
764 * written was complete and ended exactly on the end boundary
765 * of the physical log.
767 log
->l_prev_block
= i
;
768 log
->l_curr_block
= (int)*head_blk
;
769 log
->l_curr_cycle
= be32_to_cpu(rhead
->h_cycle
);
772 atomic64_set(&log
->l_tail_lsn
, be64_to_cpu(rhead
->h_tail_lsn
));
773 atomic64_set(&log
->l_last_sync_lsn
, be64_to_cpu(rhead
->h_lsn
));
774 xlog_assign_grant_head(&log
->l_reserve_head
.grant
, log
->l_curr_cycle
,
775 BBTOB(log
->l_curr_block
));
776 xlog_assign_grant_head(&log
->l_write_head
.grant
, log
->l_curr_cycle
,
777 BBTOB(log
->l_curr_block
));
780 * Look for unmount record. If we find it, then we know there
781 * was a clean unmount. Since 'i' could be the last block in
782 * the physical log, we convert to a log block before comparing
785 * Save the current tail lsn to use to pass to
786 * xlog_clear_stale_blocks() below. We won't want to clear the
787 * unmount record if there is one, so we pass the lsn of the
788 * unmount record rather than the block after it.
790 if (xfs_sb_version_haslogv2(&log
->l_mp
->m_sb
)) {
791 int h_size
= be32_to_cpu(rhead
->h_size
);
792 int h_version
= be32_to_cpu(rhead
->h_version
);
794 if ((h_version
& XLOG_VERSION_2
) &&
795 (h_size
> XLOG_HEADER_CYCLE_SIZE
)) {
796 hblks
= h_size
/ XLOG_HEADER_CYCLE_SIZE
;
797 if (h_size
% XLOG_HEADER_CYCLE_SIZE
)
805 after_umount_blk
= (i
+ hblks
+ (int)
806 BTOBB(be32_to_cpu(rhead
->h_len
))) % log
->l_logBBsize
;
807 tail_lsn
= atomic64_read(&log
->l_tail_lsn
);
808 if (*head_blk
== after_umount_blk
&&
809 be32_to_cpu(rhead
->h_num_logops
) == 1) {
810 umount_data_blk
= (i
+ hblks
) % log
->l_logBBsize
;
811 error
= xlog_bread(log
, umount_data_blk
, 1, bp
, &offset
);
815 op_head
= (xlog_op_header_t
*)offset
;
816 if (op_head
->oh_flags
& XLOG_UNMOUNT_TRANS
) {
818 * Set tail and last sync so that newly written
819 * log records will point recovery to after the
820 * current unmount record.
822 xlog_assign_atomic_lsn(&log
->l_tail_lsn
,
823 log
->l_curr_cycle
, after_umount_blk
);
824 xlog_assign_atomic_lsn(&log
->l_last_sync_lsn
,
825 log
->l_curr_cycle
, after_umount_blk
);
826 *tail_blk
= after_umount_blk
;
829 * Note that the unmount was clean. If the unmount
830 * was not clean, we need to know this to rebuild the
831 * superblock counters from the perag headers if we
832 * have a filesystem using non-persistent counters.
834 log
->l_mp
->m_flags
|= XFS_MOUNT_WAS_CLEAN
;
839 * Make sure that there are no blocks in front of the head
840 * with the same cycle number as the head. This can happen
841 * because we allow multiple outstanding log writes concurrently,
842 * and the later writes might make it out before earlier ones.
844 * We use the lsn from before modifying it so that we'll never
845 * overwrite the unmount record after a clean unmount.
847 * Do this only if we are going to recover the filesystem
849 * NOTE: This used to say "if (!readonly)"
850 * However on Linux, we can & do recover a read-only filesystem.
851 * We only skip recovery if NORECOVERY is specified on mount,
852 * in which case we would not be here.
854 * But... if the -device- itself is readonly, just skip this.
855 * We can't recover this device anyway, so it won't matter.
857 if (!xfs_readonly_buftarg(log
->l_mp
->m_logdev_targp
))
858 error
= xlog_clear_stale_blocks(log
, tail_lsn
);
864 xfs_warn(log
->l_mp
, "failed to locate log tail");
869 * Is the log zeroed at all?
871 * The last binary search should be changed to perform an X block read
872 * once X becomes small enough. You can then search linearly through
873 * the X blocks. This will cut down on the number of reads we need to do.
875 * If the log is partially zeroed, this routine will pass back the blkno
876 * of the first block with cycle number 0. It won't have a complete LR
880 * 0 => the log is completely written to
881 * -1 => use *blk_no as the first block of the log
882 * >0 => error has occurred
891 uint first_cycle
, last_cycle
;
892 xfs_daddr_t new_blk
, last_blk
, start_blk
;
893 xfs_daddr_t num_scan_bblks
;
894 int error
, log_bbnum
= log
->l_logBBsize
;
898 /* check totally zeroed log */
899 bp
= xlog_get_bp(log
, 1);
902 error
= xlog_bread(log
, 0, 1, bp
, &offset
);
906 first_cycle
= xlog_get_cycle(offset
);
907 if (first_cycle
== 0) { /* completely zeroed log */
913 /* check partially zeroed log */
914 error
= xlog_bread(log
, log_bbnum
-1, 1, bp
, &offset
);
918 last_cycle
= xlog_get_cycle(offset
);
919 if (last_cycle
!= 0) { /* log completely written to */
922 } else if (first_cycle
!= 1) {
924 * If the cycle of the last block is zero, the cycle of
925 * the first block must be 1. If it's not, maybe we're
926 * not looking at a log... Bail out.
929 "Log inconsistent or not a log (last==0, first!=1)");
930 error
= XFS_ERROR(EINVAL
);
934 /* we have a partially zeroed log */
935 last_blk
= log_bbnum
-1;
936 if ((error
= xlog_find_cycle_start(log
, bp
, 0, &last_blk
, 0)))
940 * Validate the answer. Because there is no way to guarantee that
941 * the entire log is made up of log records which are the same size,
942 * we scan over the defined maximum blocks. At this point, the maximum
943 * is not chosen to mean anything special. XXXmiken
945 num_scan_bblks
= XLOG_TOTAL_REC_SHIFT(log
);
946 ASSERT(num_scan_bblks
<= INT_MAX
);
948 if (last_blk
< num_scan_bblks
)
949 num_scan_bblks
= last_blk
;
950 start_blk
= last_blk
- num_scan_bblks
;
953 * We search for any instances of cycle number 0 that occur before
954 * our current estimate of the head. What we're trying to detect is
955 * 1 ... | 0 | 1 | 0...
956 * ^ binary search ends here
958 if ((error
= xlog_find_verify_cycle(log
, start_blk
,
959 (int)num_scan_bblks
, 0, &new_blk
)))
965 * Potentially backup over partial log record write. We don't need
966 * to search the end of the log because we know it is zero.
968 if ((error
= xlog_find_verify_log_record(log
, start_blk
,
969 &last_blk
, 0)) == -1) {
970 error
= XFS_ERROR(EIO
);
983 STATIC xlog_recover_t
*
984 xlog_recover_find_tid(
985 struct hlist_head
*head
,
988 xlog_recover_t
*trans
;
989 struct hlist_node
*n
;
991 hlist_for_each_entry(trans
, n
, head
, r_list
) {
992 if (trans
->r_log_tid
== tid
)
999 xlog_recover_new_tid(
1000 struct hlist_head
*head
,
1004 xlog_recover_t
*trans
;
1006 trans
= kmem_zalloc(sizeof(xlog_recover_t
), 0);
1007 trans
->r_log_tid
= tid
;
1009 INIT_LIST_HEAD(&trans
->r_itemq
);
1011 INIT_HLIST_NODE(&trans
->r_list
);
1012 hlist_add_head(&trans
->r_list
, head
);
1016 xlog_recover_add_item(
1017 struct list_head
*head
)
1019 xlog_recover_item_t
*item
;
1021 item
= kmem_zalloc(sizeof(xlog_recover_item_t
), 0);
1022 INIT_LIST_HEAD(&item
->ri_list
);
1023 list_add_tail(&item
->ri_list
, head
);
1027 xlog_recover_add_to_cont_trans(
1029 struct xlog_recover
*trans
,
1033 xlog_recover_item_t
*item
;
1034 char *ptr
, *old_ptr
;
1037 if (list_empty(&trans
->r_itemq
)) {
1038 /* finish copying rest of trans header */
1039 xlog_recover_add_item(&trans
->r_itemq
);
1040 ptr
= (char *) &trans
->r_theader
+
1041 sizeof(xfs_trans_header_t
) - len
;
1042 memcpy(ptr
, dp
, len
); /* d, s, l */
1045 /* take the tail entry */
1046 item
= list_entry(trans
->r_itemq
.prev
, xlog_recover_item_t
, ri_list
);
1048 old_ptr
= item
->ri_buf
[item
->ri_cnt
-1].i_addr
;
1049 old_len
= item
->ri_buf
[item
->ri_cnt
-1].i_len
;
1051 ptr
= kmem_realloc(old_ptr
, len
+old_len
, 0);
1052 memcpy(&ptr
[old_len
], dp
, len
); /* d, s, l */
1053 item
->ri_buf
[item
->ri_cnt
-1].i_len
+= len
;
1054 item
->ri_buf
[item
->ri_cnt
-1].i_addr
= ptr
;
1055 trace_xfs_log_recover_item_add_cont(log
, trans
, item
, 0);
1060 * The next region to add is the start of a new region. It could be
1061 * a whole region or it could be the first part of a new region. Because
1062 * of this, the assumption here is that the type and size fields of all
1063 * format structures fit into the first 32 bits of the structure.
1065 * This works because all regions must be 32 bit aligned. Therefore, we
1066 * either have both fields or we have neither field. In the case we have
1067 * neither field, the data part of the region is zero length. We only have
1068 * a log_op_header and can throw away the header since a new one will appear
1069 * later. If we have at least 4 bytes, then we can determine how many regions
1070 * will appear in the current log item.
1073 xlog_recover_add_to_trans(
1075 struct xlog_recover
*trans
,
1079 struct xfs_inode_log_format
*in_f
; /* any will do */
1080 xlog_recover_item_t
*item
;
1085 if (list_empty(&trans
->r_itemq
)) {
1086 /* we need to catch log corruptions here */
1087 if (*(uint
*)dp
!= XFS_TRANS_HEADER_MAGIC
) {
1088 xfs_warn(log
->l_mp
, "%s: bad header magic number",
1091 return XFS_ERROR(EIO
);
1093 if (len
== sizeof(xfs_trans_header_t
))
1094 xlog_recover_add_item(&trans
->r_itemq
);
1095 memcpy(&trans
->r_theader
, dp
, len
); /* d, s, l */
1099 ptr
= kmem_alloc(len
, 0);
1100 memcpy(ptr
, dp
, len
);
1101 in_f
= (struct xfs_inode_log_format
*)ptr
;
1103 /* take the tail entry */
1104 item
= list_entry(trans
->r_itemq
.prev
, xlog_recover_item_t
, ri_list
);
1105 if (item
->ri_total
!= 0 &&
1106 item
->ri_total
== item
->ri_cnt
) {
1107 /* tail item is in use, get a new one */
1108 xlog_recover_add_item(&trans
->r_itemq
);
1109 item
= list_entry(trans
->r_itemq
.prev
,
1110 xlog_recover_item_t
, ri_list
);
1113 if (item
->ri_total
== 0) { /* first region to be added */
1114 if (in_f
->ilf_size
== 0 ||
1115 in_f
->ilf_size
> XLOG_MAX_REGIONS_IN_ITEM
) {
1117 "bad number of regions (%d) in inode log format",
1121 return XFS_ERROR(EIO
);
1124 item
->ri_total
= in_f
->ilf_size
;
1126 kmem_zalloc(item
->ri_total
* sizeof(xfs_log_iovec_t
),
1129 ASSERT(item
->ri_total
> item
->ri_cnt
);
1130 /* Description region is ri_buf[0] */
1131 item
->ri_buf
[item
->ri_cnt
].i_addr
= ptr
;
1132 item
->ri_buf
[item
->ri_cnt
].i_len
= len
;
1134 trace_xfs_log_recover_item_add(log
, trans
, item
, 0);
1139 * Free up any resources allocated by the transaction
1141 * Remember that EFIs, EFDs, and IUNLINKs are handled later.
1144 xlog_recover_free_trans(
1145 struct xlog_recover
*trans
)
1147 xlog_recover_item_t
*item
, *n
;
1150 list_for_each_entry_safe(item
, n
, &trans
->r_itemq
, ri_list
) {
1151 /* Free the regions in the item. */
1152 list_del(&item
->ri_list
);
1153 for (i
= 0; i
< item
->ri_cnt
; i
++)
1154 kmem_free(item
->ri_buf
[i
].i_addr
);
1155 /* Free the item itself */
1156 kmem_free(item
->ri_buf
);
1159 /* Free the transaction recover structure */
1164 * Perform the transaction.
1166 * If the transaction modifies a buffer or inode, do it now. Otherwise,
1167 * EFIs and EFDs get queued up by adding entries into the AIL for them.
1170 xlog_recover_commit_trans(
1172 struct xlog_recover
*trans
,
1177 hlist_del(&trans
->r_list
);
1178 if ((error
= xlog_recover_do_trans(log
, trans
, pass
)))
1181 xlog_recover_free_trans(trans
);
1186 xlog_recover_unmount_trans(
1187 xlog_recover_t
*trans
)
1189 /* Do nothing now */
1190 xfs_warn(log
->l_mp
, "%s: Unmount LR", __func__
);
1195 * There are two valid states of the r_state field. 0 indicates that the
1196 * transaction structure is in a normal state. We have either seen the
1197 * start of the transaction or the last operation we added was not a partial
1198 * operation. If the last operation we added to the transaction was a
1199 * partial operation, we need to mark r_state with XLOG_WAS_CONT_TRANS.
1201 * NOTE: skip LRs with 0 data length.
1204 xlog_recover_process_data(
1206 struct hlist_head rhash
[],
1207 struct xlog_rec_header
*rhead
,
1213 xlog_op_header_t
*ohead
;
1214 xlog_recover_t
*trans
;
1220 lp
= dp
+ be32_to_cpu(rhead
->h_len
);
1221 num_logops
= be32_to_cpu(rhead
->h_num_logops
);
1223 /* check the log format matches our own - else we can't recover */
1224 if (xlog_header_check_recover(log
->l_mp
, rhead
))
1225 return (XFS_ERROR(EIO
));
1227 while ((dp
< lp
) && num_logops
) {
1228 ASSERT(dp
+ sizeof(xlog_op_header_t
) <= lp
);
1229 ohead
= (xlog_op_header_t
*)dp
;
1230 dp
+= sizeof(xlog_op_header_t
);
1231 if (ohead
->oh_clientid
!= XFS_TRANSACTION
&&
1232 ohead
->oh_clientid
!= XFS_LOG
) {
1233 xfs_warn(log
->l_mp
, "%s: bad clientid 0x%x",
1234 __func__
, ohead
->oh_clientid
);
1236 return (XFS_ERROR(EIO
));
1238 tid
= be32_to_cpu(ohead
->oh_tid
);
1239 hash
= XLOG_RHASH(tid
);
1240 trans
= xlog_recover_find_tid(&rhash
[hash
], tid
);
1241 if (trans
== NULL
) { /* not found; add new tid */
1242 if (ohead
->oh_flags
& XLOG_START_TRANS
)
1243 xlog_recover_new_tid(&rhash
[hash
], tid
,
1244 be64_to_cpu(rhead
->h_lsn
));
1246 if (dp
+ be32_to_cpu(ohead
->oh_len
) > lp
) {
1247 xfs_warn(log
->l_mp
, "%s: bad length 0x%x",
1248 __func__
, be32_to_cpu(ohead
->oh_len
));
1249 return (XFS_ERROR(EIO
));
1251 flags
= ohead
->oh_flags
& ~XLOG_END_TRANS
;
1252 if (flags
& XLOG_WAS_CONT_TRANS
)
1253 flags
&= ~XLOG_CONTINUE_TRANS
;
1255 case XLOG_COMMIT_TRANS
:
1256 error
= xlog_recover_commit_trans(log
,
1259 case XLOG_UNMOUNT_TRANS
:
1260 error
= xlog_recover_unmount_trans(trans
);
1262 case XLOG_WAS_CONT_TRANS
:
1263 error
= xlog_recover_add_to_cont_trans(log
,
1265 be32_to_cpu(ohead
->oh_len
));
1267 case XLOG_START_TRANS
:
1268 xfs_warn(log
->l_mp
, "%s: bad transaction",
1271 error
= XFS_ERROR(EIO
);
1274 case XLOG_CONTINUE_TRANS
:
1275 error
= xlog_recover_add_to_trans(log
, trans
,
1276 dp
, be32_to_cpu(ohead
->oh_len
));
1279 xfs_warn(log
->l_mp
, "%s: bad flag 0x%x",
1282 error
= XFS_ERROR(EIO
);
1288 dp
+= be32_to_cpu(ohead
->oh_len
);
1295 * Upack the log buffer data and crc check it. If the check fails, issue a
1296 * warning if and only if the CRC in the header is non-zero. This makes the
1297 * check an advisory warning, and the zero CRC check will prevent failure
1298 * warnings from being emitted when upgrading the kernel from one that does not
1299 * add CRCs by default.
1301 * When filesystems are CRC enabled, this CRC mismatch becomes a fatal log
1302 * corruption failure
1304 * XXX: we do not calculate the CRC here yet. It's not clear what we should do
1305 * with CRC errors here in userspace, so we'll address that problem later on.
1307 #define xlog_cksum(l,r,dp,len) ((r)->h_crc)
1309 xlog_unpack_data_crc(
1310 struct xlog_rec_header
*rhead
,
1316 crc
= xlog_cksum(log
, rhead
, dp
, be32_to_cpu(rhead
->h_len
));
1317 if (crc
!= rhead
->h_crc
) {
1318 if (rhead
->h_crc
|| xfs_sb_version_hascrc(&log
->l_mp
->m_sb
)) {
1319 xfs_alert(log
->l_mp
,
1320 "log record CRC mismatch: found 0x%x, expected 0x%x.",
1321 le32_to_cpu(rhead
->h_crc
),
1323 xfs_hex_dump(dp
, 32);
1327 * If we've detected a log record corruption, then we can't
1328 * recover past this point. Abort recovery if we are enforcing
1329 * CRC protection by punting an error back up the stack.
1331 if (xfs_sb_version_hascrc(&log
->l_mp
->m_sb
))
1332 return EFSCORRUPTED
;
1340 struct xlog_rec_header
*rhead
,
1347 error
= xlog_unpack_data_crc(rhead
, dp
, log
);
1351 for (i
= 0; i
< BTOBB(be32_to_cpu(rhead
->h_len
)) &&
1352 i
< (XLOG_HEADER_CYCLE_SIZE
/ BBSIZE
); i
++) {
1353 *(__be32
*)dp
= *(__be32
*)&rhead
->h_cycle_data
[i
];
1357 if (xfs_sb_version_haslogv2(&log
->l_mp
->m_sb
)) {
1358 xlog_in_core_2_t
*xhdr
= (xlog_in_core_2_t
*)rhead
;
1359 for ( ; i
< BTOBB(be32_to_cpu(rhead
->h_len
)); i
++) {
1360 j
= i
/ (XLOG_HEADER_CYCLE_SIZE
/ BBSIZE
);
1361 k
= i
% (XLOG_HEADER_CYCLE_SIZE
/ BBSIZE
);
1362 *(__be32
*)dp
= xhdr
[j
].hic_xheader
.xh_cycle_data
[k
];
1371 xlog_valid_rec_header(
1373 struct xlog_rec_header
*rhead
,
1378 if (unlikely(rhead
->h_magicno
!= cpu_to_be32(XLOG_HEADER_MAGIC_NUM
))) {
1379 XFS_ERROR_REPORT("xlog_valid_rec_header(1)",
1380 XFS_ERRLEVEL_LOW
, log
->l_mp
);
1381 return XFS_ERROR(EFSCORRUPTED
);
1384 (!rhead
->h_version
||
1385 (be32_to_cpu(rhead
->h_version
) & (~XLOG_VERSION_OKBITS
))))) {
1386 xfs_warn(log
->l_mp
, "%s: unrecognised log version (%d).",
1387 __func__
, be32_to_cpu(rhead
->h_version
));
1388 return XFS_ERROR(EIO
);
1391 /* LR body must have data or it wouldn't have been written */
1392 hlen
= be32_to_cpu(rhead
->h_len
);
1393 if (unlikely( hlen
<= 0 || hlen
> INT_MAX
)) {
1394 XFS_ERROR_REPORT("xlog_valid_rec_header(2)",
1395 XFS_ERRLEVEL_LOW
, log
->l_mp
);
1396 return XFS_ERROR(EFSCORRUPTED
);
1398 if (unlikely( blkno
> log
->l_logBBsize
|| blkno
> INT_MAX
)) {
1399 XFS_ERROR_REPORT("xlog_valid_rec_header(3)",
1400 XFS_ERRLEVEL_LOW
, log
->l_mp
);
1401 return XFS_ERROR(EFSCORRUPTED
);
1407 * Read the log from tail to head and process the log records found.
1408 * Handle the two cases where the tail and head are in the same cycle
1409 * and where the active portion of the log wraps around the end of
1410 * the physical log separately. The pass parameter is passed through
1411 * to the routines called to process the data and is not looked at
1415 xlog_do_recovery_pass(
1417 xfs_daddr_t head_blk
,
1418 xfs_daddr_t tail_blk
,
1421 xlog_rec_header_t
*rhead
;
1424 xfs_buf_t
*hbp
, *dbp
;
1425 int error
= 0, h_size
;
1426 int bblks
, split_bblks
;
1427 int hblks
, split_hblks
, wrapped_hblks
;
1428 struct hlist_head rhash
[XLOG_RHASH_SIZE
];
1430 ASSERT(head_blk
!= tail_blk
);
1433 * Read the header of the tail block and get the iclog buffer size from
1434 * h_size. Use this to tell how many sectors make up the log header.
1436 if (xfs_sb_version_haslogv2(&log
->l_mp
->m_sb
)) {
1438 * When using variable length iclogs, read first sector of
1439 * iclog header and extract the header size from it. Get a
1440 * new hbp that is the correct size.
1442 hbp
= xlog_get_bp(log
, 1);
1446 error
= xlog_bread(log
, tail_blk
, 1, hbp
, &offset
);
1450 rhead
= (xlog_rec_header_t
*)offset
;
1451 error
= xlog_valid_rec_header(log
, rhead
, tail_blk
);
1454 h_size
= be32_to_cpu(rhead
->h_size
);
1455 if ((be32_to_cpu(rhead
->h_version
) & XLOG_VERSION_2
) &&
1456 (h_size
> XLOG_HEADER_CYCLE_SIZE
)) {
1457 hblks
= h_size
/ XLOG_HEADER_CYCLE_SIZE
;
1458 if (h_size
% XLOG_HEADER_CYCLE_SIZE
)
1461 hbp
= xlog_get_bp(log
, hblks
);
1466 ASSERT(log
->l_sectBBsize
== 1);
1468 hbp
= xlog_get_bp(log
, 1);
1469 h_size
= XLOG_BIG_RECORD_BSIZE
;
1474 dbp
= xlog_get_bp(log
, BTOBB(h_size
));
1480 memset(rhash
, 0, sizeof(rhash
));
1481 if (tail_blk
<= head_blk
) {
1482 for (blk_no
= tail_blk
; blk_no
< head_blk
; ) {
1483 error
= xlog_bread(log
, blk_no
, hblks
, hbp
, &offset
);
1487 rhead
= (xlog_rec_header_t
*)offset
;
1488 error
= xlog_valid_rec_header(log
, rhead
, blk_no
);
1492 /* blocks in data section */
1493 bblks
= (int)BTOBB(be32_to_cpu(rhead
->h_len
));
1494 error
= xlog_bread(log
, blk_no
+ hblks
, bblks
, dbp
,
1499 error
= xlog_unpack_data(rhead
, offset
, log
);
1503 error
= xlog_recover_process_data(log
,
1504 rhash
, rhead
, offset
, pass
);
1507 blk_no
+= bblks
+ hblks
;
1511 * Perform recovery around the end of the physical log.
1512 * When the head is not on the same cycle number as the tail,
1513 * we can't do a sequential recovery as above.
1516 while (blk_no
< log
->l_logBBsize
) {
1518 * Check for header wrapping around physical end-of-log
1520 offset
= hbp
->b_addr
;
1523 if (blk_no
+ hblks
<= log
->l_logBBsize
) {
1524 /* Read header in one read */
1525 error
= xlog_bread(log
, blk_no
, hblks
, hbp
,
1530 /* This LR is split across physical log end */
1531 if (blk_no
!= log
->l_logBBsize
) {
1532 /* some data before physical log end */
1533 ASSERT(blk_no
<= INT_MAX
);
1534 split_hblks
= log
->l_logBBsize
- (int)blk_no
;
1535 ASSERT(split_hblks
> 0);
1536 error
= xlog_bread(log
, blk_no
,
1544 * Note: this black magic still works with
1545 * large sector sizes (non-512) only because:
1546 * - we increased the buffer size originally
1547 * by 1 sector giving us enough extra space
1548 * for the second read;
1549 * - the log start is guaranteed to be sector
1551 * - we read the log end (LR header start)
1552 * _first_, then the log start (LR header end)
1553 * - order is important.
1555 wrapped_hblks
= hblks
- split_hblks
;
1556 error
= xlog_bread_offset(log
, 0,
1558 offset
+ BBTOB(split_hblks
));
1562 rhead
= (xlog_rec_header_t
*)offset
;
1563 error
= xlog_valid_rec_header(log
, rhead
,
1564 split_hblks
? blk_no
: 0);
1568 bblks
= (int)BTOBB(be32_to_cpu(rhead
->h_len
));
1571 /* Read in data for log record */
1572 if (blk_no
+ bblks
<= log
->l_logBBsize
) {
1573 error
= xlog_bread(log
, blk_no
, bblks
, dbp
,
1578 /* This log record is split across the
1579 * physical end of log */
1580 offset
= dbp
->b_addr
;
1582 if (blk_no
!= log
->l_logBBsize
) {
1583 /* some data is before the physical
1585 ASSERT(!wrapped_hblks
);
1586 ASSERT(blk_no
<= INT_MAX
);
1588 log
->l_logBBsize
- (int)blk_no
;
1589 ASSERT(split_bblks
> 0);
1590 error
= xlog_bread(log
, blk_no
,
1598 * Note: this black magic still works with
1599 * large sector sizes (non-512) only because:
1600 * - we increased the buffer size originally
1601 * by 1 sector giving us enough extra space
1602 * for the second read;
1603 * - the log start is guaranteed to be sector
1605 * - we read the log end (LR header start)
1606 * _first_, then the log start (LR header end)
1607 * - order is important.
1609 error
= xlog_bread_offset(log
, 0,
1610 bblks
- split_bblks
, dbp
,
1611 offset
+ BBTOB(split_bblks
));
1616 error
= xlog_unpack_data(rhead
, offset
, log
);
1620 error
= xlog_recover_process_data(log
, rhash
,
1621 rhead
, offset
, pass
);
1627 ASSERT(blk_no
>= log
->l_logBBsize
);
1628 blk_no
-= log
->l_logBBsize
;
1630 /* read first part of physical log */
1631 while (blk_no
< head_blk
) {
1632 error
= xlog_bread(log
, blk_no
, hblks
, hbp
, &offset
);
1636 rhead
= (xlog_rec_header_t
*)offset
;
1637 error
= xlog_valid_rec_header(log
, rhead
, blk_no
);
1641 bblks
= (int)BTOBB(be32_to_cpu(rhead
->h_len
));
1642 error
= xlog_bread(log
, blk_no
+hblks
, bblks
, dbp
,
1647 error
= xlog_unpack_data(rhead
, offset
, log
);
1651 error
= xlog_recover_process_data(log
, rhash
,
1652 rhead
, offset
, pass
);
1655 blk_no
+= bblks
+ hblks
;