File remove problem
David Cecil
david.cecil at nokia.com
Sun Dec 2 14:10:34 PST 2007
What's the plan with these patches guys? Are they likely to be
committed to current? I guess it's getting late in the game to commit
to the 7.0 branch.
Sorry for the resend Bruce.
Thanks,
Dave
ext Bruce Evans wrote:
> A second reply. Sorry for so many.
>
> On Sun, 2 Dec 2007, Bruce Evans wrote:
>
>> On Sun, 2 Dec 2007, Kostik Belousov wrote:
>
>>> I would argue that the ufs already knows too much about the ffs. But,
>>> this seems to be the first explicit reference to the ffs from the ufs
>>> code. With your approval, see below.
>
>>> diff --git a/sys/ufs/ufs/ufs_inode.c b/sys/ufs/ufs/ufs_inode.c
>>> index 448f436..22e29e9 100644
>>> --- a/sys/ufs/ufs/ufs_inode.c
>>> +++ b/sys/ufs/ufs/ufs_inode.c
>>> @@ -60,6 +60,7 @@ __FBSDID("$FreeBSD: src/sys/ufs/ufs/ufs_inode.c,v
>>> 1.69 2007/06/22 13:22:37 kib E
>>> #ifdef UFS_GJOURNAL
>>> #include <ufs/ufs/gjournal.h>
>>> #endif
>>> +#include <ufs/ffs/fs.h>
>>>
>>> /*
>>> * Last reference to an inode. If necessary, write or delete it.
>>
>> ufs/ffs includes are conventionally separated from ufs/ufs includes by a
>> blank line. About 2/3 of the files in ufs/ffs follow this convention.
>>
>>> @@ -90,8 +91,7 @@ ufs_inactive(ap)
>>> ufs_gjournal_close(vp);
>>> #endif
>>> if ((ip->i_effnlink == 0 && DOINGSOFTDEP(vp)) ||
>>> - (ip->i_nlink <= 0 &&
>>> - (vp->v_mount->mnt_flag & MNT_RDONLY) == 0)) {
>>> + (ip->i_nlink <= 0 && !VFSTOUFS(mp)->um_fs->fs_ronly)) {
>>> loop:
>>> if (vn_start_secondary_write(vp, &mp, V_NOWAIT) != 0) {
>>> /* Cannot delete file while file system is suspended */
>>> @@ -121,7 +121,7 @@ ufs_inactive(ap)
>>> }
>>> if (ip->i_effnlink == 0 && DOINGSOFTDEP(vp))
>>> softdep_releasefile(ip);
>>> - if (ip->i_nlink <= 0 && (vp->v_mount->mnt_flag & MNT_RDONLY) ==
>>> 0) {
>>> + if (ip->i_nlink <= 0 && !VFSTOUFS(mp)->um_fs->fs_ronly) {
>>> #ifdef QUOTA
>>> if (!getinoquota(ip))
>>> (void)chkiq(ip, -1, NOCRED, FORCE);
>>>
>>
>> Should be ip->i_fs->fs_ronly.
>>
>> The locking for fs_ronly is unclear. It seems to be locked mainly by
>> vn_start_write(), and that enough for everything except probably access
>> time changes.
>
> Actually. I hope that this MNT_RDONLY check can just go away. I now see
> that it part of previous attempts to fix the bugs in this area.
>
> % RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_inode.c,v
> % Working file: ufs_inode.c
> % head: 1.69
> % ----------------------------
> % revision 1.64
> % date: 2005/09/23 20:49:57; author: delphij; state: Exp; lines: +1 -1
> % Restore a historical ufs_inactive behavior that has been changed
> % in rev. 1.40 of ufs_inode.c, which allows an inode being truncated
> % even when the filesystem itself is marked RDONLY. A subsequent
> % call of UFS_TRUNCATE (ffs_truncate) would panic the system as it
> % asserts that it can only be called when the filesystem is mounted
> % read-write (same changeset, rev. 1.74 of sys/ufs/ffs/ffs_inode.c).
> % % Because ffs_mount() already takes care of sync'ing the filesystem
> % to disk before being downgraded to readonly, it appears to be more
> % desirable that we should not permit this sort of writes to disk.
> % % This change would fix a panic that occours when read-only mounted
> % a corrupted filesystem and doing some file operations.
> % % MT6/5/4 candidate
> % % Reviewed by: mckusick
> % ----------------------------
> % ...
> % ----------------------------
> % revision 1.40
> % date: 2002/01/15 07:17:12; author: mckusick; state: Exp; lines:
> +2 -2
> % When downgrading a filesystem from read-write to read-only, operations
> % involving file removal or file update were not always being fully
> % committed to disk. The result was lost files or corrupted file data.
> % This change ensures that the filesystem is properly synced to disk
> % before the filesystem is down-graded.
> % % This delta also fixes a long standing bug in which a file open for
> % reading has been unlinked. When the last open reference to the file
> % is closed, the inode is reclaimed by the filesystem. Previously,
> % if the filesystem had been down-graded to read-only, the inode could
> % not be reclaimed, and thus was lost and had to be later recovered
> % by fsck. With this change, such files are found at the time of the
> % down-grade. Normally they will result in the filesystem down-grade
> % failing with `device busy'. If a forcible down-grade is done, then
> % the affected files will be revoked causing the inode to be released
> % and the open file descriptors to begin failing on attempts to read.
> % % Submitted by: "Sam Leffler" <sam at errno.com>
> % ----------------------------
> % % Index: ufs_inode.c
> % ===================================================================
> % RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_inode.c,v
> % retrieving revision 1.63
> % retrieving revision 1.64
> % diff -u -2 -r1.63 -r1.64
> % --- ufs_inode.c 17 Mar 2005 11:58:43 -0000 1.63
> % +++ ufs_inode.c 23 Sep 2005 20:49:57 -0000 1.64
> % @@ -36,5 +36,5 @@
> % % #include <sys/cdefs.h>
> % -__FBSDID("$FreeBSD: src/sys/ufs/ufs/ufs_inode.c,v 1.63 2005/03/17
> 11:58:43 jeff Exp $");
> % +__FBSDID("$FreeBSD: src/sys/ufs/ufs/ufs_inode.c,v 1.64 2005/09/23
> 20:49:57 delphij Exp $");
> % % #include "opt_quota.h"
> % @@ -84,5 +84,5 @@
> % if (ip->i_effnlink == 0 && DOINGSOFTDEP(vp))
> % softdep_releasefile(ip);
> % - if (ip->i_nlink <= 0) {
> % + if (ip->i_nlink <= 0 && (vp->v_mount->mnt_flag & MNT_RDONLY) ==
> 0) {
> % (void) vn_write_suspend_wait(vp, NULL, V_WAIT);
> % #ifdef QUOTA
>
> % Index: ufs_inode.c
> % ===================================================================
> % RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_inode.c,v
> % retrieving revision 1.39
> % retrieving revision 1.40
> % diff -u -2 -r1.39 -r1.40
> % --- ufs_inode.c 11 Oct 2001 17:52:20 -0000 1.39
> % +++ ufs_inode.c 15 Jan 2002 07:17:12 -0000 1.40
> % @@ -37,5 +37,5 @@
> % *
> % * @(#)ufs_inode.c 8.9 (Berkeley) 5/14/95
> % - * $FreeBSD: src/sys/ufs/ufs/ufs_inode.c,v 1.39 2001/10/11 17:52:20
> jhb Exp $
> % + * $FreeBSD: src/sys/ufs/ufs/ufs_inode.c,v 1.40 2002/01/15 07:17:12
> mckusick Exp $
> % */
> % % @@ -85,5 +85,5 @@
> % if (ip->i_effnlink == 0 && DOINGSOFTDEP(vp))
> % softdep_releasefile(ip);
> % - if (ip->i_nlink <= 0 && (vp->v_mount->mnt_flag & MNT_RDONLY) ==
> 0) {
> % + if (ip->i_nlink <= 0) {
> % (void) vn_write_suspend_wait(vp, NULL, V_WAIT);
> % #ifdef QUOTA
>
> Rev.1.40 of ufs_inode.c goes with rev.1.182 of ufs_vnops.c and
> rev.1.74 of
> ffs_vnops.c to fix truncation of unlinked open files in mount-update.
> Rev.1.64 breaks this case by backing out 1.40. I think 1.64 is an
> attempt
> to work around the other bugs. It breaks the case of unlinked open files
> more deterministically, but this case is relatively uncommon. Again, I
> was "lucky" to debug this partly under 5.2 which doesn't have 1.64, so
> the extra (null?) truncations for closed files were relatively common.
>
> So it should be safe to remove all the r/o checks in ufs_inactive() after
> fixing the other bugs. ffs_truncate alread panics if fs_ronly, but only
> in some cases. In particular, it doesn't panic for truncations that
> don't
> change the file size. Such truncations aren't quite null, since
> standards
> require [f]truncate(2) to mark the ctime and mtime for update.
> ffs_truncate() sets the marks, which is correct for null truncations from
> userland but not ones from syncer internals. Setting of the marks when
> fs_ronly is set should cause panics later (my patch has a vprint() for
> it).
>
> Bruce
> _______________________________________________
> freebsd-fs at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-fs
> To unsubscribe, send any mail to "freebsd-fs-unsubscribe at freebsd.org"
>
More information about the freebsd-fs
mailing list