linux/fs/xfs
Amir Goldstein 47c7d0b195 xfs: fix incorrect log_flushed on fsync
When calling into _xfs_log_force{,_lsn}() with a pointer
to log_flushed variable, log_flushed will be set to 1 if:
1. xlog_sync() is called to flush the active log buffer
AND/OR
2. xlog_wait() is called to wait on a syncing log buffers

xfs_file_fsync() checks the value of log_flushed after
_xfs_log_force_lsn() call to optimize away an explicit
PREFLUSH request to the data block device after writing
out all the file's pages to disk.

This optimization is incorrect in the following sequence of events:

 Task A                    Task B
 -------------------------------------------------------
 xfs_file_fsync()
   _xfs_log_force_lsn()
     xlog_sync()
        [submit PREFLUSH]
                           xfs_file_fsync()
                             file_write_and_wait_range()
                               [submit WRITE X]
                               [endio  WRITE X]
                             _xfs_log_force_lsn()
                               xlog_wait()
        [endio  PREFLUSH]

The write X is not guarantied to be on persistent storage
when PREFLUSH request in completed, because write A was submitted
after the PREFLUSH request, but xfs_file_fsync() of task A will
be notified of log_flushed=1 and will skip explicit flush.

If the system crashes after fsync of task A, write X may not be
present on disk after reboot.

This bug was discovered and demonstrated using Josef Bacik's
dm-log-writes target, which can be used to record block io operations
and then replay a subset of these operations onto the target device.
The test goes something like this:
- Use fsx to execute ops of a file and record ops on log device
- Every now and then fsync the file, store md5 of file and mark
  the location in the log
- Then replay log onto device for each mark, mount fs and compare
  md5 of file to stored value

Cc: Christoph Hellwig <hch@lst.de>
Cc: Josef Bacik <jbacik@fb.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
2017-09-01 13:08:26 -07:00
..
libxfs xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at 2017-09-01 13:08:25 -07:00
Kconfig xfs: define fatal assert build time tunable 2017-06-19 08:59:10 -07:00
kmem.c mm, vmalloc: use __GFP_HIGHMEM implicitly 2017-05-08 17:15:13 -07:00
kmem.h xfs: map KM_MAYFAIL to __GFP_RETRY_MAYFAIL 2017-07-12 16:26:03 -07:00
Makefile xfs: use the common helper uuid_is_null() 2017-06-05 16:59:08 +02:00
mrlock.h
xfs_acl.c xfs: Don't clear SGID when inheriting ACLs 2017-06-27 18:23:21 -07:00
xfs_acl.h xfs: Don't clear SGID when inheriting ACLs 2017-06-27 18:23:21 -07:00
xfs_aops.c Changes for 4.13: 2017-07-10 10:51:53 -07:00
xfs_aops.h xfs: use iomap_dio_rw 2016-11-30 14:37:15 +11:00
xfs_attr_inactive.c xfs: refactor xfs_trans_roll 2017-09-01 10:55:30 -07:00
xfs_attr_list.c xfs: assert locking precondіtion in xfs_attr_list_int_ilocked 2017-07-13 14:55:05 -07:00
xfs_attr.h xfs: pass along transaction context when reading xattr block buffers 2017-06-20 10:45:22 -07:00
xfs_bmap_item.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_bmap_item.h xfs: log bmap intent items 2016-10-04 11:05:44 -07:00
xfs_bmap_util.c xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent 2017-09-01 13:08:26 -07:00
xfs_bmap_util.h xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent 2017-09-01 13:08:26 -07:00
xfs_buf_item.c xfs: ordered buffer log items are never formatted 2017-09-01 10:55:30 -07:00
xfs_buf_item.h xfs: remove unnecessary dirty bli format check for ordered bufs 2017-09-01 10:55:30 -07:00
xfs_buf.c Changes for 4.13: 2017-07-10 10:51:53 -07:00
xfs_buf.h xfs: push buffer of flush locked dquot to avoid quotacheck deadlock 2017-06-19 08:59:10 -07:00
xfs_dir2_readdir.c xfs: pass along transaction context when reading directory block buffers 2017-06-20 10:45:22 -07:00
xfs_discard.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_discard.h xfs: don't block the log commit handler for discards 2017-02-09 11:36:40 -08:00
xfs_dquot_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_dquot_item.h
xfs_dquot.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_dquot.h
xfs_error.c xfs: add log item pinning error injection tag 2017-08-22 09:22:24 -07:00
xfs_error.h xfs: add log item pinning error injection tag 2017-08-22 09:22:24 -07:00
xfs_export.c xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_export.h
xfs_extent_busy.c xfs: fix len comparison in xfs_extent_busy_trim 2017-02-16 17:20:12 -08:00
xfs_extent_busy.h xfs: improve handling of busy extents in the low-level allocator 2017-02-09 10:50:25 -08:00
xfs_extfree_item.c xfs: better log intent item refcount checking 2017-04-25 09:40:42 -07:00
xfs_extfree_item.h xfs: refactor redo intent item processing 2016-08-03 11:23:49 +10:00
xfs_file.c xfs: consolidate the various page fault handlers 2017-09-01 10:55:30 -07:00
xfs_filestream.c Merge branch 'xfs-4.9-log-recovery-fixes' into for-next 2016-10-03 09:56:28 +11:00
xfs_filestream.h
xfs_fsmap.c xfs: only return detailed fsmap info if the caller has CAP_SYS_ADMIN 2017-05-16 12:26:16 -07:00
xfs_fsmap.h xfs: implement the GETFSMAP ioctl 2017-04-03 15:18:17 -07:00
xfs_fsops.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_fsops.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_globals.c xfs: define fatal assert build time tunable 2017-06-19 08:59:10 -07:00
xfs_icache.c xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster() 2017-09-01 10:55:30 -07:00
xfs_icache.h xfs: check if an inode is cached and allocated 2017-06-19 14:11:34 -07:00
xfs_icreate_item.c fs: xfs: xfs_icreate_item: constify xfs_item_ops structure 2016-11-28 14:57:42 +11:00
xfs_icreate_item.h
xfs_inode_item.c xfs: Properly retry failed inode items in case of error during buffer writeback 2017-08-22 09:22:23 -07:00
xfs_inode_item.h xfs: remove timestamps from incore inode 2016-02-09 16:54:58 +11:00
xfs_inode.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_inode.h xfs: Switch to iomap for SEEK_HOLE / SEEK_DATA 2017-07-02 22:46:13 -07:00
xfs_ioctl32.c xfs: implement the GETFSMAP ioctl 2017-04-03 15:18:17 -07:00
xfs_ioctl32.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_ioctl.c xfs: disable per-inode DAX flag 2017-09-01 13:08:26 -07:00
xfs_ioctl.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_iomap.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_iomap.h xfs: introduce xfs_aligned_fsb_count 2017-02-06 17:47:46 -08:00
xfs_iops.c xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN 2017-07-07 08:37:26 -07:00
xfs_iops.h xfs: Propagate dentry down to inode_change_ok() 2016-09-22 10:56:19 +02:00
xfs_itable.c xfs: export various function for the online scrubber 2017-06-19 14:11:34 -07:00
xfs_itable.h xfs: export various function for the online scrubber 2017-06-19 14:11:34 -07:00
xfs_linux.h Changes for 4.13: 2017-07-10 10:51:53 -07:00
xfs_log_cil.c xfs: Fix leak of discard bio 2017-08-04 13:43:36 -07:00
xfs_log_priv.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_log_recover.c xfs: add log recovery tracepoint for head/tail 2017-08-22 09:22:24 -07:00
xfs_log.c xfs: fix incorrect log_flushed on fsync 2017-09-01 13:08:26 -07:00
xfs_log.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_message.c xfs: define bug_on_assert debug mode sysfs tunable 2017-06-19 08:59:10 -07:00
xfs_message.h
xfs_mount.c xfs: don't leak quotacheck dquots when cow recovery 2017-08-17 12:40:33 -07:00
xfs_mount.h xfs: convert drop_writes to use the errortag mechanism 2017-06-27 18:23:20 -07:00
xfs_mru_cache.c
xfs_mru_cache.h
xfs_ondisk.h xfs: define the on-disk refcount btree format 2016-10-03 09:11:18 -07:00
xfs_pnfs.c xfs: remove i_iolock and use i_rwsem in the VFS inode instead 2016-11-30 14:33:25 +11:00
xfs_pnfs.h xfs: remove i_iolock and use i_rwsem in the VFS inode instead 2016-11-30 14:33:25 +11:00
xfs_qm_bhv.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_qm_syscalls.c xfs: wait on new inodes during quotaoff dquot release 2017-04-28 08:11:08 -07:00
xfs_qm.c xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves 2017-09-01 13:08:26 -07:00
xfs_qm.h xfs: Split default quota limits by quota type 2016-02-08 11:27:55 +11:00
xfs_quota.h
xfs_quotaops.c xfs: remove a whitespace-only line from xfs_fs_get_nextdqblk 2017-07-01 21:09:33 -07:00
xfs_refcount_item.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_refcount_item.h xfs: log refcount intent items 2016-10-03 09:11:21 -07:00
xfs_reflink.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_reflink.h xfs: separate function to check if inode shares extents 2017-06-19 14:11:35 -07:00
xfs_rmap_item.c xfs: better log intent item refcount checking 2017-04-25 09:40:42 -07:00
xfs_rmap_item.h xfs: convert RUI log formats to use variable length arrays 2016-09-19 10:24:27 +10:00
xfs_rtalloc.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_rtalloc.h xfs: export various function for the online scrubber 2017-06-19 14:11:34 -07:00
xfs_stats.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_stats.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_super.c Changes for 4.13: 2017-07-10 10:51:53 -07:00
xfs_super.h xfs: don't block the log commit handler for discards 2017-02-09 11:36:40 -08:00
xfs_symlink.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_symlink.h xfs: allow reading of already-locked remote symbolic link 2017-06-20 10:45:22 -07:00
xfs_sysctl.c xfs: garbage collect old cowextsz reservations 2016-10-05 16:26:28 -07:00
xfs_sysctl.h xfs: define bug_on_assert debug mode sysfs tunable 2017-06-19 08:59:10 -07:00
xfs_sysfs.c xfs: replace log_badcrc_factor knob with error injection tag 2017-06-27 18:23:21 -07:00
xfs_sysfs.h xfs: configurable error behavior via sysfs 2016-05-18 10:58:51 +10:00
xfs_trace.c xfs: implement the GETFSMAP ioctl 2017-04-03 15:18:17 -07:00
xfs_trace.h xfs: consolidate the various page fault handlers 2017-09-01 10:55:30 -07:00
xfs_trans_ail.c xfs: add log item pinning error injection tag 2017-08-22 09:22:24 -07:00
xfs_trans_bmap.c xfs: try to avoid blowing out the transaction reservation when bunmaping a shared extent 2017-06-19 08:59:10 -07:00
xfs_trans_buf.c xfs: disallow marking previously dirty buffers as ordered 2017-09-01 10:55:30 -07:00
xfs_trans_dquot.c xfs: Split default quota limits by quota type 2016-02-08 11:27:55 +11:00
xfs_trans_extfree.c xfs: set up per-AG free space reservations 2016-09-19 10:30:52 +10:00
xfs_trans_inode.c xfs: refactor xfs_trans_roll 2017-09-01 10:55:30 -07:00
xfs_trans_priv.h xfs: Properly retry failed inode items in case of error during buffer writeback 2017-08-22 09:22:23 -07:00
xfs_trans_refcount.c xfs: connect refcount adjust functions to upper layers 2016-10-03 09:11:22 -07:00
xfs_trans_rmap.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_trans.c xfs: refactor xfs_trans_roll 2017-09-01 10:55:30 -07:00
xfs_trans.h xfs: disallow marking previously dirty buffers as ordered 2017-09-01 10:55:30 -07:00
xfs_xattr.c xfs: several xattr functions can be void 2016-12-05 12:32:14 +11:00
xfs.h xfs: define fatal assert build time tunable 2017-06-19 08:59:10 -07:00