From 8871cb6adaf3f6ebd2b053e1e52db73b6e4f69bd Mon Sep 17 00:00:00 2001 From: Theodore Ts'o Date: Sat, 15 Aug 2015 11:20:52 -0400 Subject: [PATCH] add patch ensure-entering-into-panic-after-recording-an-error-in-superblock --- ...to-panic-after-recording-an-error-in-superblock | 57 ++++++++++++++++++++++ series | 1 + timestamps | 9 ++-- 3 files changed, 63 insertions(+), 4 deletions(-) create mode 100644 ensure-entering-into-panic-after-recording-an-error-in-superblock diff --git a/ensure-entering-into-panic-after-recording-an-error-in-superblock b/ensure-entering-into-panic-after-recording-an-error-in-superblock new file mode 100644 index 00000000..3785eff4 --- /dev/null +++ b/ensure-entering-into-panic-after-recording-an-error-in-superblock @@ -0,0 +1,57 @@ +jbd2: ensure entering into panic after recording an error in superblock + +From: Daeho Jeong + +If a EXT4 filesystem utilizes JBD2 journaling and an error occurs, the +journaling will be aborted first and the error number will be recorded +into JBD2 superblock and, finally, the system will enter into the +panic state in "errors=panic" option. But, in the rare case, this +sequence is little twisted like the below figure and it will happen +that the system enters into panic state, which means the system reset +in mobile environment, before completion of recording an error in the +journal superblock. In this case, e2fsck cannot recognize that the +filesystem failure occured in the previous run and the corruption +wouldn't be fixed. + +Task A Task B +ext4_handle_error() +-> jbd2_journal_abort() + -> __journal_abort_soft() + -> __jbd2_journal_abort_hard() + | -> journal->j_flags |= JBD2_ABORT; + | + | __ext4_abort() + | -> jbd2_journal_abort() + | | -> __journal_abort_soft() + | | -> if (journal->j_flags & JBD2_ABORT) + | | return; + | -> panic() + | + -> jbd2_journal_update_sb_errno() + +Tested-by: Hobin Woo +Signed-off-by: Daeho Jeong +Signed-off-by: Youngjin Gil +Signed-off-by: Theodore Ts'o + +--- + fs/jbd2/journal.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c +index 8270fe9..84bdb67 100644 +--- a/fs/jbd2/journal.c ++++ b/fs/jbd2/journal.c +@@ -2069,10 +2069,10 @@ static void __journal_abort_soft (journal_t *journal, int errno) + if (!journal->j_errno) + journal->j_errno = errno; + +- __jbd2_journal_abort_hard(journal); +- + if (errno) + jbd2_journal_update_sb_errno(journal); ++ ++ __jbd2_journal_abort_hard(journal); + } + + /** diff --git a/series b/series index 8d940635..02196ed1 100644 --- a/series +++ b/series @@ -14,6 +14,7 @@ update-cmtime-on-truncate-up remove-duplicate-header-file limit-number-of-reserved-credits dont-manipulate-recovery-flag-when-freezing-no-journal-fs +ensure-entering-into-panic-after-recording-an-error-in-superblock ########################################## # unstable patches diff --git a/timestamps b/timestamps index 36d9bd39..a1279980 100755 --- a/timestamps +++ b/timestamps @@ -32,12 +32,13 @@ touch -d @1437537479 reject-journal-options-for-ext2-mounts touch -d @1437538088 exit-cleanly-if-ext4_derive_key_aes-fails touch -d @1437538185 fix-crypto-typo touch -d @1437659171 add-REQ_FUQ-flag-when-recording-an-error -touch -d @1437659231 stable-boundary touch -d @1438109834 avoid-infinite-loop-when-destroying-aborted-journal touch -d @1438110521 update-cmtime-on-truncate-up touch -d @1438110738 remove-duplicate-header-file touch -d @1438701712 limit-number-of-reserved-credits touch -d @1439649906 dont-manipulate-recovery-flag-when-freezing-no-journal-fs -touch -d @1439649942 series -touch -d @1439649954 status -touch -d @1439649962 timestamps +touch -d @1439651740 series +touch -d @1439651916 ensure-entering-into-panic-after-recording-an-error-in-superblock +touch -d @1439651935 stable-boundary +touch -d @1439651937 status +touch -d @1439652047 timestamps -- 2.11.4.GIT